Version 0 of AuthenticatedHttpOnWindows

Updated 2006-03-31 08:53:32

Hi! This is my first entry on that wiki so formatting probably won't be perfect. The problem I had to solve was to access an intranet webserver (with my own contents, a database inside) without asking the user for an extra password. So, this server (apache) was integrated into our normal windows authentication system that is, the microsoft kerberos authentication and I had to make use of that. As it turned out, I could use Tcl in its finest tradition as a glue language and utilize windows as it is for all the authentication stuff. Enter WinHTTP. This is a microsoft provided API for use with non-.NET applications and scripts. The script interface is a COM component called WinHttpRequest and can be accessed using tcom, which is contained in the ActiveTcl distribution. A small tcl script that accesses an authenticated website thus looks like this:

   package require tcom

   #set the test URL
           set MyUrl "http://myintranetwbsite"

   #Start up the component
           set WinHttpComp [::tcom::ref createobject "WinHttp.WinHttpRequest.5.1"]

   #Create the request
           $WinHttpComp Open "GET" $MyUrl 0

   #If WinHttp thinks this is not an intranet website, set security to low.
           $WinHttpComp SetAutoLogonPolicy 0

   #Send the Request, doing all the authentication under the hood
           $WinHttpComp Send

   tk_messageBox -type ok -title "Status" -message "[$WinHttpComp Status]\n[$WinHttpComp StatusText]"
   tk_messageBox -type ok -title "Result" -message "[$WinHttpComp ResponseText]"

Category Person