Say that you work for a company that limits internet access through a
proxy that requires SPNEGO authentication, if you want to use an
application that does not support this authentication mechanism, then
you are out of luck. spnego-proxy enables those applications to
access internet by handling the authentication on behalf of the
client. It sits between the application and the real proxy and acts as
a normal HTTP proxy. It forwards requests made by the client to the
real proxy by adding a Proxy-Authorization header to the
requests. It does not alter nor does it inspects traffic between the
client and the real proxy.
Just copy one of the pre-compiled binary available
here on
your machine (preferably in a location contained in your PATH) and you
are done. If you feel adventurous or you don't like using binaries not
compiled by you, you can compile the binary from sources. To do so,
you need to install the Go toolchain. Once
the go toolchain is installed on your machine, execute go install github.com/montag451/spnego-proxy@latest. The binary will be
installed in the bin directory of your GOPATH (use go env GOPATH
to find out the value of GOPATH on your machine)
Type spnego-proxy -h to find out the options that the
command understands. The required options are:
addrconfiguserrealmproxy
The addr flag specifies the listening address of the proxy.
The config flag specifies the location of a file which contains
Active Directory or Kerberos configuration information required to
authenticate with SPNEGO. The format of the file is specified
here.
The user flag specifies the user name used to authenticate with the real proxy.
The realm flag specifies the Kerberos realm or the Active Directory
domain to which the user belongs.
The proxy flag specifies the address of the real proxy.