You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Fabrizio Reale <fa...@redomino.com> on 2007/11/09 11:17:18 UTC

[users@httpd] Re: Use NTLM only when needed

Hi Christian,

> On Tue, Nov 06, 2007 at 10:41:57PM +0100, Fabrizio Reale wrote:
>> I have a web application (Plone) which has its own authentication, but in
>> an intranet I set up the NTLM authentication using the mod_ntlm module.
>> It works very well when I am using a windows PC, but when I use my Linux
>> desktop I must login using the ugly NTLM popup window.
>> I would rather prefer to use the standard login of the web application.
>> So if I can perform the NTLM authentication the system should
>> authomatically log me, but if not I would like to see the application as
>> an anonimous user.
>> 
>> Does any one know how to do that?

> I can think of a hack including mod_rewrite and possibly mod_security,
> but it means a potential breach of your security and is really
> complicated. Unless you absolutely have to (and "ugly popup" sounds
> annoying, but not really lethal) I would stick with the situation
> as is. If you really have to, then there are a lot of learning
> opportunities ahead. ;)

The ugly popup is shown before any page, so the user can not even know where
is going and it is not easy to write a password without viewing a page.

What hack do you suggest?

> However, I'd be happy to hear about Firefox on Linux being able to respond
> to NTLM by itself. Have not checked that in quite some time. And it
> would solve your problem too, I suppose.

No, because sometimes I am not in the intranet.

Thank you,
Fabrizio

-- 
Fabrizio Reale                               fabrizio.reale@redomino.com
Redomino S.r.l.                 Largo Valgioie 14 - 10146 Torino - Italy
Tel: +39 011 7499875 - Fax: +39 011 3716911    http://www.redomino.com/



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org