Valencfder
New Member
I know that you can enable NTLM authentication in an ASP.Net app using:\[code\]<authentication mode="Windows" />\[/code\]However - I need to handle Forms, HTTP and other custom authentications in the same app, so ASP.Net's limited built-in support is no use.The NTLM handshake should be fairly simple:\[code\]Request - [unauthenticated - no user info passed]Response - 401 Unauthorized WWW-Authenticate: NTLMRequest - Authorization: NTLM <base64-encoded type-1-message>Response - 401 Unauthorized WWW-Authenticate: NTLM <base64-encoded type-2-message>Request - Authorization: NTLM <base64-encoded type-3-message> Server can now check username/password against LDAP from type-3 messageResponse - 200 Ok [now authenticated & authorised]\[/code\]So to roll my own I need to parse type-1 and type-3 messages and generate a type-2 message.The structure for those messages is well documented but fairly complex - it seems very messy to write my own message generators and parsers. I think the methods to read and write these messages should already be in .Net, but I haven't been able to find them.How can I build and parse these NTLM messages using .Net?