I have a server that supports both methods Negotiate & NTLM (Using Waffle). The detail is that it only sends "WWW-Authenticate: Negotiate". On Windows, this works as expected: Chrome prompts for NTLM credentials. But on Linux, this fails without prompting for any credentials. I know that this works if I explicitly send another header "WWW-Authenticate: NTLM", but my question is: what is the difference in Chrome between Windows & Linux, that Windows "seems" to detect that the server supports NTLM without the extra header?
Asked
Active
Viewed 252 times
1 Answers
0
Chrome uses the OS library to negotiate the authentication. On Linux this is typically GSS-API, which doesn't correctly negotiate fallback to NTLM.
You can resolve the issue on your Linux machine by installing https://github.com/gssapi/gss-ntlmssp
NetworkMeister
- 1,625
- 2
- 14
- 19