I'm going to send some data to a web form that is accessed after authentication.

Here's the command I thought should work:

curl -c cookietemp --trace-ascii tracelog --ntlm -u <user>:<password> http://@192.168.1.11
0610:/Host/Path/login.aspx"

It didn't produce the cookietemp file

tracelog basically tells me that I'm not authorized to view the page due to credentials & also the ACL on the Web server.

I know my username & password are correct.

What might I be missing?

What happens if you add the -v flag?

According to the man page you get no errors if -c doesn't produce a cookie for some reason and the only way to get feedback is with the -v.

I did it with the -v option and it still provided no error message about why it didn't create the cookie. I'm thinking that might be because it doesn't get that far before it kicks out my ID?

I thought maybe the problem is that the authentication page needs to be handled like a form so I attempted this with both the -F and the -d options using the form's field names

txtOperatorID
txtPassword
btnSubmit

That creates a cookie but doesn't contain the .ASPXAUTH cookie

Here is the result:

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSite%2fPath%2fLogin.aspx%3fAspxAutoDetectCookieSupport%3d1">here</a
>.</h2>
</body></html>


I hope this additional information will ring some bells for someone.