[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Fwd: [Bug 23679] NTLM auth for HTTP]



Damn Straight! I am so ready for this. I run our Intranet, and I have IIS (yuk) running it, just so there is a transparent login for our users. I personaly dont care if it asks for my username and password, as long as I can be on one box and work.

Rui Miguel Seabra wrote:

Good news, mozilla >= 1.6 will probably support NTLM on all platforms.

-----Forwarded Message-----
From: bugzilla-daemon mozilla org
To: rms 1407 org
Subject: [Bug 23679] NTLM auth for HTTP
Date: Mon, 17 Nov 2003 19:13:56 -0800

http://bugzilla.mozilla.org/show_bug.cgi?id=23679


darin meer net changed:


          What    |Removed                     |Added
----------------------------------------------------------------------------
 BugsThisDependsOn|                            |224653
            Status|ASSIGNED                    |RESOLVED
        Resolution|                            |FIXED




------- Additional Comments From darin meer net 2003-11-17 19:12 ------- this bug is fixed. see bug 224653 for details. here's a quick summary:

o starting with mozilla 1.6 beta, it should be possible to connect using NTLM authentication on all platforms. note: NTLM is currently only supported for HTTP or HTTPS.

o it is not supported when FIPS mode is enabled (because it uses MD4).

 o  the SSPI based WIN32 implementation has been dropped in favor of the new
    cross-platform implementation.  we had too many bugs with SSPI crashing on
    older machines.  if possible, i'd therefore like to avoid SSPI altogether.
    however, i'm willing to entertain the possibility of adding it back under
    certain conditions if it proves valuable.

 o  the new implementation attempts to negotiate the preferred NTLM2 session
    key mode whenever the server supports it.  this improves security.

o as with the previous SSPI based implementation, mozilla does not automatically send username, password, and domain (based on the user's
WINNT logon) since we feel that that is a security risk. in a future
version we may eliminate this restriction for proxy authentication.






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]