CODEWITHSUNDEEP
pythonauthenticationproxyhttpsntlm
Laurent Luce
Laurent Luce

Reputation: 929

Python urllib2 HTTPS and proxy NTLM authentication

urllib2 doesn't seem to support HTTPS with proxy authentication in general, even less with NTLM authentication. Anyone knows if there is a patch somewhere for HTTPS on proxy with NTLM authentication.

Regards,

Laurent

Upvotes: 6

Views: 11905

Answers (3)

lemonad
lemonad

Reputation: 4208

Late reply. Urllib2 does not support NTLM proxying but pycurl does. Excerpt:

self._connection = pycurl.Curl()
self._connection.setopt(pycurl.PROXY, PROXY_HOST)
self._connection.setopt(pycurl.PROXYPORT, PROXY_PORT)
self._connection.setopt(pycurl.PROXYUSERPWD,
                        "%s:%s" % (PROXY_USER, PROXY_PASS))
...

Upvotes: 6

ZZ Coder
ZZ Coder

Reputation: 75496

http://code.google.com/p/python-ntlm/

I never tried with HTTPS but I think it should work.

EDIT: If you are using SSL Tunneling, proxy authentication is a bad idea.

Proxy using Basic Auth over HTTPS is not secure when the SSL is tunneled. Your password will be sent in clear (Base64-encoded) to proxy. Lots of people assumes the password will be encrypted inside SSL. It's not true in this case.

It's almost impossible to support other encrypted or hashed mechanisms like Digest/NTLM because they all require negotiation (multiple exchanges) and that's not defined in CONNECT protocol. This negotiation happens out of the band of the HTTP connection. It's very hard to implement in proxy/browser also.

If this is an enterprise proxy, IP ACL is the only secure solution.

Upvotes: 2

Alex Martelli
Alex Martelli

Reputation: 882103

Good recipe (for HTTPS w/proxy) and discussion here, it should be possible to meld that with the python-nltm code @ZZ has already suggested.

Upvotes: 1

Related Questions