For anyone interested...
here's my short summary of the code status...in my test environment
When NTLM is compiled in, and the domain set,
the Proxy Auth header is sent twice: once with Basic, and once with
NTLM.
IE4 on windows 98, and IE 5 on windows 2000 ignore the NTLM entry, and
pop up a dialog box asking for user input.
I modified the code to only present the NTLM line, and voila, it works
as per the various notes around on sourceforge, and this list.
I'm researching whether this is alterable behaviour in IE or not, but so
far I've found no info.
I'm planning on doing some work on this in the near future. I suggest
that the process should be
check the Agent header, if it contains MSIE (ideally if it matchs a
particular acl type - say NTLM_agents) present NTLM only, otherwise
present all known auth lines.
If the browser won't accept NTLM, fall back to presenting all known auth
lines.
Any comment/flames etc?
Also does anyone have suggestions as to preventing the logging of the
two DENIED entries while the NTLM handshake goes on?
Rob
Received on Mon Jul 10 2000 - 21:48:32 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:32 MST