Zaurus NTLM Authorization Proxy Server

This is an implementation of Dmitry Rozmanov's excellent NTLM Authorization Proxy Server v.0.9.8 customized for the Zaurus. An ipk is available here

What is NTLM Authorization Proxy Server?

As explained in Dmitry's homepage:
NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.

Why do I need it?

You need it if you intend to access the internet with your Zaurus in networks that use the MS IIS proxy server with NTLM authentication. Specifically, if you experienced the following proxy errors when trying to access an external site:

Error 407 Proxy Authentication Required
Error 401 Access Denied/Unauthorized

How does it work?

The APS runs locally on your Zaurus and proxies all network requests, handling the authentication with the Microsoft proxy. And it makes it look like it is communicating with an IE 5.5 client to boot.

Requirements

The APS is written in Python, so you will need it installed first. It has been tested to work with v. 2.3.3-10. The specific packages you must install are:
- python_2.3.3-1.0_arm.ipk
- python-webtools_2.3.3-1.0_arm.ipk
You also need opie-sh, which provides a convenient way to input passwords. Grab a copy of opie-sh_0.5.1-20020527_arm.ipk here

Configuration

The APS configuration is stored in the file ntlm/server.cfg. The defaults should work in most cases, but you must edit this file and provide your NT Domain and username information:

# Windows Domain.
# NOTE: it is not full qualified internet domain, but windows network domain.
NT_DOMAIN:my_domain

# What user's name to use during authorization. It may differ form real current username.
USER:my_username

Configure the proxy information using the Network Wizard: Select "HTTP Proxy" and use 127.0.0.1 for the address and 5685
- Proxy Type: HTTP
- Address: 127.0.0.1
- Port: 5865
Some programs can be configured to use the proxy directly. Check the program documentatin for the details. For instance:

wget: add the following to .wgetrc:
```
http_proxy="127.0.0.1:5865"
```
lynx: add the following to lynx.cfg
```
http_proxy:http://127.0.0.1:5865/
```

Run the Proxy

Run the APS by clicking on the "NTLM Proxy" icon. A dialog box should pop up requesting your password. If all is ok, the proxy should allow you to reach external sites.

Troubleshooting

Refer to Dmitry's homepage for documentation on how to enable logging and troubleshooting authentication problems.

Webmaster<webmaster@akiaki.org>

Last modified:

Fri Jul  9 00:21:04 EDT 2004