proxy to translate basic auth to authenticate against Active Directory?
Hello!
I have been developing a small process automation program on a linux box which is intended to run bulk processes against a web interface.
That interface has been moved from servers using NTLM authentication to using the "windows" authentication; Active Directory.
Any time the authorisation popup appears on my linux machine, I have to intervene manually - this is not acceptable as my application needs to pass through credentials (via a https interface) and no human should be looking at those. The software (selenium, firefox and phantomjs) cannot handle these popups and, so, I must work around the problem.
I had this solved earlier by use of a local proxy server that acted as an intermediary or translation proxy - I gave it plain creds, it used them for NTLM negotiations.
But then the servers were changed ... :/
What I need is a workaround to this problem.
Some points to consider:
- My machine is running Centos7
- Internet access is not possible
- I cannot use full AD integration (this is outside my power)
- I have SUDO privileges but we also have a local, static repo
- I can add almost anything to python via PyPI and manually installing
- I can compile and install from source on this machine
- All users of this program must be authorised on the AD
- They may not be local users of the machine (access via https)
- The program must use the provided credentials
- Kerberos is already installed, tested and working
- This project is written entirely in python 2.7
- I prefer a solution that is either transparent to the program or part of it
I won't be able to share much in the way of config or code due to the nature of my employer, but I'll answer whatever I can.
Any help would be greatly apprecaited
Last edited by yakkmeister; 10-26-2017 at 11:08 PM.
Reason: Spelling
|