I have an application which uses NTLM for SSO authentication which is setup on apache using following:
<Location /> SetHandler dispatcher-handler AuthName "A Protected Place" AuthType SSPI SSPIAuth On SSPIAuthoritative On SSPIDomain SRV11599 SSPIOmitDomain On SSPIOfferBasic Off SSPIBasicPreferred Off SSPIUsernameCase lower SSPIPerRequestAuth On SSPIOfferSSPI On SSPIPackage NTLM Require valid-user <Location> The NTLM authentication handshake (https://blogs.msdn.microsoft.com/chiranth/2013/09/20/ntlm-want-to-know-how-it-works/) follows the correct sequence in any non-IE browser. But it breaks for IE browser.
After one 401 response, IE sends POST request again with POST data but with Content-Length 0. Server responds to that request but IE does not retries the request again.
Any idea on what could be the reason and its fix?
Replicated it on IE11 and IE10.
Apache 2.2, mod_auth_sspi 1.0.4
0 comments:
Post a Comment