LWP::UserAgent and proxies with NTLM handshake

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!


I'm having trouble overcoming and figuring out how to get through a
proxy using LWP::UserAgent (with or without WWW::Mechanize).  Bare
with me...

I've found a myriad of examples highlighting *->credentials(...) or *-
Quoted text here. Click to load it
LWP::Authen::Ntlm but can't find a robust working solution.

For illustrative purposes consider two local network addresses:

When I manually configure my proxy settings in firefox, for example, I
can explicitly require use through proxydom
<a href=3D"https://picasaweb.google.com/lh/photo/oIeVI -
src=3D"https://lh3.googleusercontent.com/-V8R0XScbjLw/Tw8WRQcKMDI /
AAAAAAAAABI/99OroAj_HDQ/s400/manual_Setting.jpg" height=3D"74"
width=3D"400" /></a>

I can browse from the minute I open firefox and don't have to enter a
username or password.
(see the Request/Response headers from Tamper Data)
<a href=3D"https://picasaweb.google.com/lh/photo /
src=3D"https://lh4.googleusercontent.com/-C1mM5xsob9E/Tw8WQnuS1nI /
AAAAAAAAAAo/x9qQ8AZfAGU/s400/m1-p1.jpg" height=3D"94" width=3D"400" /></a>
<a href=3D"https://picasaweb.google.com/lh/photo /
src=3D"https://lh4.googleusercontent.com/-TC7Wj60ck78/Tw8WQhxionI /
AAAAAAAAAAk/Y2_MiFmgCTA/s400/m1-p2.jpg" height=3D"93" width=3D"400" /></a>
<a href=3D"https://picasaweb.google.com/lh/photo/53lKHfH1 -
src=3D"https://lh4.googleusercontent.com/-njswpjlHrk0/Tw8WQiV-ijI /
AAAAAAAAAA0/_QV6QPaWD5A/s400/m1-p3.jpg" height=3D"129" width=3D"400" /></

Alternatively, when I have proxy settings set to "automatically
detect", the first http request I initiate routes me to a pop up box
asking to please enter the username and password for http://authorizedom.
I then enter my username and password and can browse without further
interruptions.  This process redirects me to authorizedom for
validation than I'm redirected back to the requested website.
(see Request/Response headers from Tamper Data)
<a href=3D"https://picasaweb.google.com/lh/photo /
src=3D"https://lh5.googleusercontent.com/-7r4MHlWJysU/Tw8X5wcW5EI /
AAAAAAAAAB4/_pfRRlvzzJg/s400/m2-p0.jpg" height=3D"77" width=3D"400" /></a>
<a href=3D"https://picasaweb.google.com/lh/photo /
src=3D"https://lh3.googleusercontent.com/-ioJfEm5HW7s/Tw8WQz2cfuI /
AAAAAAAAAA4/6tCi3lXNBLY/s400/m2-p2.jpg" height=3D"87" width=3D"400" /></a>
<a href=3D"https://picasaweb.google.com/lh/photo /
src=3D"https://lh3.googleusercontent.com/-lyA0UdYmSgw/Tw8WRDt3eyI /
AAAAAAAAABE/n11HUoBKIP8/s400/m2-p3.jpg" height=3D"97" width=3D"400" /></a>
<a href=3D"https://picasaweb.google.com/lh/photo /
src=3D"https://lh5.googleusercontent.com/-nj8-iWQ0OFg/Tw8WRsvLXRI /
AAAAAAAAABU/QRm-ihTyspc/s400/m2-p4.jpg" height=3D"105" width=3D"400" /></

Method 1:
Ideally, I'd like to simulate the first method with LWP::UserAgent,
but I believe there is an NTLM handshake and am unsure whether I use/
what I use for/if I use my username and password.

Is anyone knowledgeable about what is occurring automatically in
firefox that I don't understand that lets it walk through the NTLM
handshake without a username/password?  I have logged into a Win 7
machine with that username and password, but this is a copy of
portable firefox, so I don't think it could attain my pasword to send
to the server. How would I use LWP::UserAgent to simulate this?

Method 2:
I've actually managed to get this to work (in a fashion).
Given authorizedom as the redirecting server I do a combination of the
#follow redirects manually from header info.

Problem here is I actually get redirected to 1 of 2 authorizedom
servers, and though I change all the above parameters accordingly, I
can only succeed in reaching the desired page with authorizedom-02 but
authorizedom-01 tells me my credentials are wrong.  So, sometimes my
agent passes through and sometimes it doesn't depending on which
authroizedom I'm routed to for a reason I can't figure out.

Any help would be greatly appreciated and I can provide any dumped
headers I receive along the way if they're useful for everyone, but if
anyone knows what=92s going on in method 1 such that I can skip the
username/password all together, that'd be wonderful.


Site Timeline