Skip to main content

wget maven ntlm proxy

How to make wget, curl and Maven download behind an NTLM Proxy


Working on CentOS, behind an NTLM proxy:
  1. yum can deal without problem with a NTLM Proxy
  2. wget, curl and Maven cannot
The solution is to use "cntlm".
"cntlm" is a NTLM client for proxies requiring NTLM authentication.

How it works
  • Install "cntlm"
  • Configure "cntlm" 
    • by giving it your credentials
    • by giving it the NTLM Proxy
  • Start "cntlm" deamon (it listens to "127.0.0.1:3128")
  • Configure wget, curl and Maven to use "cntlm" instead of using directly the NTLM Proxy
Note: You will have then a kind of 2 stages Proxy: cntlm + the NTLM proxy

Configure CNTLM

After installing cntlm, the configuration file is in "cntlm.conf".

You must have your domain (in the Windows meaning), proxy login and  proxy password.
Mine are respectively: rktmb.org, mihamina, 1234abcd (yes, just for the example)

You must have you NTLM Proxy Hostnama or IP and port
Mine are respectively: prx.rktmb.org, 8080

You have to make cntlm format them to make cntlm job easy by

cntlm -H -d rktmb.org -u mihamina

This will output something like:

PassLM          D6F1CF1F55CFC61D2C114A2E7
PassNT          B649D7C5ECEFD7A189C189763
PassNTLMv2      F9E6B8689C0B5CE6194605D73

Thanks to https://gist.github.com/lpf23/d3c4e1ef158c7fb4a909

The final "cntlm.conf" file looks like:

Username        mihamina                                                                                                                                                                  
Domain          rktmb.org                                                                                                                                                                 
Password        1234abcd                                                                                                                                                              
                                                                                                                                                                                         
PassLM          D6F1CF1F55CFC61D2C114A2E7                                                                                                                                         
PassNT          B649D7C5ECEFD7A189C189763                                                                                                                                         
PassNTLMv2      F9E6B8689C0B5CE6194605D73                                                                                                                                         
                                                                                                                                                                                        
Proxy           prx.rktmb.org:8080                                                                                                                                                        

Configuring wget to use cntlm


You have to set the following environment variables:
export https_proxy=${http_proxy}
export http_proxy=http://localhost:3128
Feel free to put it into ".bashrc" or ".bash_profile", depending on your distribution.

Configuring Maven to use cntlm


In "~/.m2/settings.xml"

<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd">

  <proxies>
    <proxy>
      <id>rktmb-proxy</id>
      <active>true</active>
      <protocol>http</protocol>
      <host>127.0.0.1</host>
      <port>3128</port>
    </proxy>
  </proxies>
</settings>


Comments

Popular posts from this blog

dockerfile multiline to file

Outputing a multiline string from Dockerfile
I motsly use a Dockerfile by sourcing from a base ditribution: CentOS or Debian.
But I also have a local mirror and would like to use it for packages installation.

Espacially on CentOS it is about many lines to write to the /etc/yum.repos.d/CentOS-Base.repo file.

Easiest way: one RUN per line The first method that comes in mind is to issue one RUN per line to write.
Here you are:

RUN echo "[base] " > /etc/yum.repos.d/CentOS-Base.repo RUN echo "name=CentOS-$releasever - Base " >> /etc/yum.repos.d/CentOS-Base.repo RUN echo "baseurl=ftp://packages-infra.mg.rktmb.org/pub/centos/7/base-reposync-7 " >> /etc/yum.repos.d/CentOS-Base.repo RUN echo "gpgcheck=0 " >>…

Jira workflow for new projects

Associated workflow creation I'm a Jira Cloud user and begining from some version 6, I noticed that when I create a project, it automatically creates a Workflow and Issue Scheme that is prepended by the project key and which is a copy of the default scheme.
I always had to make a cleanup after creating a project. Default workflow for new projects I also miss a feature that would allow me to make a custom workflow (and globally custom project setting) the default for new projects I create.
Solution: Create with shared configuration While searching, I noticed that with Jira Cloud which is version 7.1.0 at the time I write, there is a link at the bottom of the "Create project" wizard:
"Create with shared configuration" will allow me to select the project I want the new one to share configuration with.

The new created project will use the same configuration as the project I selectThere will be no creation of Workflow and Issue Scheme that I need to cleanup

This fea…

vmware net_device trans_start

VMWare Workstation 12 and Kernel 4.7 When recompiling vmware kernel modules on a kernel 4.7, I get this error:

/tmp/modconfig-xrrZGZ/vmnet-only/netif.c:468:7: error: ‘struct net_device’ has no member named ‘trans_start’; did you mean ‘mem_start’?     dev->trans_start = jiffies;
This seems to be an already encountered problem: http://rglinuxtech.com/?p=1746http://ferenc.homelinux.com/?p=356 I choosed to replace the line, instead of deleting it.

- dev->trans_start = jiffies; + netif_trans_update(dev); I also noted that I had to re-tar the modified sources instead of leaving them untared, because the compilation process only takes the archives. 
On precedent editions of these files, I just left the modified folders "vmnet-only/" and "vmmon-only/" expanded without the need to re-tar them.