Jozza.net

DotNet HTTP Wrapper for ColdFusion

One of the worst caveats in ColdFusion (and Java for that matter) is lack of support for NTLM authentication over HTTP. Whilst there are numerous libraries out there trying to connect over NTLM (Apache HTTPClient, Samba JCIFS, and Jespa to name a few), none of them do a great job. Or even work half the time, for that matter. Furthermore, even in the most established libraries I feel that NTLM authentication is in there, but untested or limited in functionality.

In my opinion, it's because all these libraries are trying to interface with a platform that is poorly documented by its maker, the all-evil Microsoft Corporation. Though they have released some specification on their platform, obviously it's not enough, as these tools still don't work - at least in the network I work in.

The problem is that we are using a proxy that authenticates using NTLM (Windows based challenge-response) - and nothing else. Whilst it's extremely (unnecessarily?) secure, any attempt to use it to programmatically connect to a website results in a 407. At best, you may be able to connect to some websites, but if the return header is a 301, for example, authentication will fail again. Not nice.

So, what I have done is written a wrapper that will interface with ColdFusion via the DotNet Gateway in ColdFusion 8 and upwards. It allows authentication to occur natively in a windows environment using .net libraries - So NTLM works, both for Proxy and target server requests. I know it's not a common requirement, but I hope it helps someone out there.

To implement this code, you will need to:

  • Have the .Net Framework (3.5 or above) installed on your machine.
  • Have the .Net Integration Service installed on your machine
  • Download the zip file and extract to a folder within your custom tags search path.
  • Call the <cf_dotnethttp> tag. The attributes are as follows:
    • URL - the URL to fetch, required
    • Result - the variable to fill with the resultant HTML, required
    • ProxyServer - the name of the server to use as proxy, optional
    • ProxyPort - the server port, optional, default is 80
    • ProxyDomain - domain for proxy authentication, optional
    • ProxyUsername - username for proxy (do not include domain), optional
    • ProxyPassword - password for proxy, optional
    • AuthDomain - domain for authentication, optional
    • Username - username, optional
    • Password - password, optional


Note that there is no request timeout, this is because there is no facility for setting the timeout in the .net WebClient object, which is what I am using to connect.

Currently, the tag only returns HTML Data. I deem this sufficient but I am sure many of you dont. Inspect the WebClientWrapper object and you will also find the following methods:

  • GetResponseStatus(objResponse*) - returns a struct containing headers returned from the browser
  • getResponseStatus(objResponse*) - returns a string containing the numeric statuscode following by a space and the status description

*objResponse is the object returned from getResponse(strURL)

Limitations

Only does get requests. Post requests could be done down the track, but for now I'm sticking with get requests only.

Issues

You may find that the first request will time out, then the following requests are very fast. This only happens once - when the DLL is instantiated. After that, the problem disappears. Restart your machine, restart the DotNet service and there will be no delay. I think this is due to the service creating proxy objects for the wrapper to communicate with ColdFusion.