Using ruby net/http library I cannot authenticate http request with basic auth going to the IIS server

Question

The IIS server has basic auth enabled alongside Negotiate and NTLM. Here's Response headers:

{"content-type"=>["text/html"], "server"=>["Microsoft-IIS/10.0"], "www-authenticate"=>["Negotiate", "NTLM", "Basic realm=\"my_realm\""], "x-powered-by"=>["ASP.NET"], "date"=>["Thu, 19 Apr 2018 22:14:06 GMT"], "content-length"=>["1293"]}

With browser doing NTLM authentication, I can successfully authenticate to it entering my user credentials. But submitting request via Ruby's net/http library and doing basic auth, I am getting 401 Unauthroized for the same user. Below is my code trying to submit successful get request:

require 'net/http'
def get(username, password)
uri = URI.parse(URI)
req = Net::HTTP::Get.new(uri.path)
req.basic_auth(username, password)
http = Net::HTTP.start(uri.host, uri.port) do |http|
    resp = http.request(req)
    resp
end

From enabling basic auth on IIS server and submitting http request via Ruby net/http library, I have tried all hooks and researched enough, but can't seem to possibly authenticate to the server with basic auth. Looking at the response, I do doubt that server might be expecting NTLM or Negotiate scheme, as it seem to just ignore the basic auth. Any help would be appreciated much!

Answer 1

Was missing domain entry in the username. I was unable to authenticate for my user with username 'testuser'. So appending domain name to it was the trick here. Here's the scoop , for a given username 'testuser' and domain 'FOO', authenticating with username = "FOO\testuser" worked.

require 'net/http'
def self.get(username, password)
  uri = URI.parse(URI)
  req = Net::HTTP::Get.new(uri.path)
  req.basic_auth(username, password)
  http = Net::HTTP.start(uri.host, uri.port) do |http|
    resp = http.request(req)
    resp
  end
end

So, calling my get with these args:get("FOO\\testuser", "VapTest1") was all I did.