Hi,
I was hoping that you could help me. I running Apache 2.0.52/mod_perl 1.99.19/Apache::AuthenNTLM 2.08 on Fedora Core 3 and I'm running into a problem. In the browser both IE and Firefox NTLM pass-thru authentication seems to fail and I get prompted for my username and password, but the realm that I set in the AuthName is missing. It says 'Enter username and password for "" at http...' Anything I enter here still fails to authenicate, correct or not. However, if I press the Cancel button, I get prompted for my password again and this time the realm shows up in the dialog box in the quotes, I enter the correct username and password and up comes my web site.
I was hoping that you could help me. I running Apache 2.0.52/mod_perl 1.99.19/Apache::AuthenNTLM 2.08 on Fedora Core 3 and I'm running into a problem. In the browser both IE and Firefox NTLM pass-thru authentication seems to fail and I get prompted for my username and password, but the realm that I set in the AuthName is missing. It says 'Enter username and password for "" at http...' Anything I enter here still fails to authenicate, correct or not. However, if I press the Cancel button, I get prompted for my password again and this time the realm shows up in the dialog box in the quotes, I enter the correct username and password and up comes my web site.
My config is as
follows:
<Location
/>
PerlAuthenHandler Apache::AuthenNTLM
AuthType ntlm,basic
AuthName test
Require valid-user
PerlAddVar ntdomain "cmg-corp co-dc1"
PerlSetVar defaultdomain cmg-corp
PerlSetVar ntlmdebug 1
</Location>
PerlAuthenHandler Apache::AuthenNTLM
AuthType ntlm,basic
AuthName test
Require valid-user
PerlAddVar ntdomain "cmg-corp co-dc1"
PerlSetVar defaultdomain cmg-corp
PerlSetVar ntlmdebug 1
</Location>
Here is the log. 9599 is the transaction when I first call the web
page in the browser. 9600 is when I try on log on when the realm is
blank. 9601 is from when I successfully authenicate, using basic it
seems.
[Tue Dec 28 09:26:43 2004]
[notice] Apache/2.0.52 (Unix) mod_ssl/2.0.52 OpenSSL/0.9.7a mod_perl/1.99_19
Perl/v5.8.5 configured -- resuming normal operations
[9599] AuthenNTLM: Config Domain = cmg-corp pdc = co-dc1 bdc =
[9599] AuthenNTLM: Config Default Domain = cmg-corp
[9599] AuthenNTLM: Config Fallback Domain =
[9599] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9599] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9599] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9599] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9599] AuthenNTLM: Config SplitDomainPrefix =
[9599] AuthenNTLM: Authorization Header <not given>
[Tue Dec 28 09:26:54 2004] [error] Bad/Missing NTLM/Basic Authorization Header for /
[9599] AuthenNTLM: Config Domain = cmg-corp pdc = co-dc1 bdc =
[9599] AuthenNTLM: Config Default Domain = cmg-corp
[9599] AuthenNTLM: Config Fallback Domain =
[9599] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9599] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9599] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9599] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9599] AuthenNTLM: Config SplitDomainPrefix =
[9599] AuthenNTLM: Authorization Header <not given>
[Tue Dec 28 09:26:54 2004] [error] Bad/Missing NTLM/Basic Authorization Header for /
[9600] AuthenNTLM: Config
Domain = cmg-corp pdc = co-dc1 bdc =
[9600] AuthenNTLM: Config Default Domain = cmg-corp
[9600] AuthenNTLM: Config Fallback Domain =
[9600] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9600] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9600] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9600] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9600] AuthenNTLM: Config SplitDomainPrefix =
[9600] AuthenNTLM: Authorization Header NTLM
[9600] AuthenNTLM: protocol=NTLMSSP, type=1, flags1=7(NEGOTIATE_UNICODE,NEGOTIATE_OEM,REQUEST_TARGET), flags2=130(NEGOTIATE_ALWAYS_SIGN,NEGOTIATE_NTLM), domain length=0, domain offset=0, host length=0, host offset=0, host=, domain=
[9600] AuthenNTLM: Connect to pdc = co-dc1 bdc = domain = cmg-corp
[9600] AuthenNTLM: enter lock
[9600] AuthenNTLM: verify handle
[9600] AuthenNTLM: charencoding = 1
[9600] AuthenNTLM: flags2 = 130
[9600] AuthenNTLM: Send header: NTLM ...
[9600] AuthenNTLM: Start NTLM Authen handler pid = 9600, connection = 163322120 conn_http_hdr = keep-alive main = cuser = remote_ip = 10.0.0.101 remote_port = remote_host = <> version = 2.08
[9600] AuthenNTLM: leave lock
[9600] AuthenNTLM: Setup new object
[9600] AuthenNTLM: Config Domain = cmg-corp pdc = co-dc1 bdc =
[9600] AuthenNTLM: Config Default Domain = cmg-corp
[9600] AuthenNTLM: Config Fallback Domain =
[9600] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9600] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9600] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9600] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9600] AuthenNTLM: Config SplitDomainPrefix =
[9600] AuthenNTLM: Authorization Header NTLM
[9600] AuthenNTLM: protocol=NTLMSSP, type=3, [EMAIL PROTECTED]@[EMAIL PROTECTED]@s^@, [EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@2^@, domain=, msg_len=0[9600] handler type == 3
[Tue Dec 28 09:27:38 2004] [error] SMB Server connection not open in state 3 for /
[9600] AuthenNTLM: Config Default Domain = cmg-corp
[9600] AuthenNTLM: Config Fallback Domain =
[9600] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9600] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9600] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9600] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9600] AuthenNTLM: Config SplitDomainPrefix =
[9600] AuthenNTLM: Authorization Header NTLM
[9600] AuthenNTLM: protocol=NTLMSSP, type=1, flags1=7(NEGOTIATE_UNICODE,NEGOTIATE_OEM,REQUEST_TARGET), flags2=130(NEGOTIATE_ALWAYS_SIGN,NEGOTIATE_NTLM), domain length=0, domain offset=0, host length=0, host offset=0, host=, domain=
[9600] AuthenNTLM: Connect to pdc = co-dc1 bdc = domain = cmg-corp
[9600] AuthenNTLM: enter lock
[9600] AuthenNTLM: verify handle
[9600] AuthenNTLM: charencoding = 1
[9600] AuthenNTLM: flags2 = 130
[9600] AuthenNTLM: Send header: NTLM ...
[9600] AuthenNTLM: Start NTLM Authen handler pid = 9600, connection = 163322120 conn_http_hdr = keep-alive main = cuser = remote_ip = 10.0.0.101 remote_port = remote_host = <> version = 2.08
[9600] AuthenNTLM: leave lock
[9600] AuthenNTLM: Setup new object
[9600] AuthenNTLM: Config Domain = cmg-corp pdc = co-dc1 bdc =
[9600] AuthenNTLM: Config Default Domain = cmg-corp
[9600] AuthenNTLM: Config Fallback Domain =
[9600] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9600] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9600] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9600] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9600] AuthenNTLM: Config SplitDomainPrefix =
[9600] AuthenNTLM: Authorization Header NTLM
[9600] AuthenNTLM: protocol=NTLMSSP, type=3, [EMAIL PROTECTED]@[EMAIL PROTECTED]@s^@, [EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@2^@, domain=, msg_len=0[9600] handler type == 3
[Tue Dec 28 09:27:38 2004] [error] SMB Server connection not open in state 3 for /
[9601] AuthenNTLM: Config
Domain = cmg-corp pdc = co-dc1 bdc =
[9601] AuthenNTLM: Config Default Domain = cmg-corp
[9601] AuthenNTLM: Config Fallback Domain =
[9601] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9601] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9601] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9601] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9601] AuthenNTLM: Config SplitDomainPrefix =
[9601] AuthenNTLM: Authorization Header Basic
[9601] AuthenNTLM: basic auth username = cmg-corp\fhess
[9601] AuthenNTLM: Connect to pdc = co-dc1 bdc = domain = cmg-corp
[9601] AuthenNTLM: enter lock
[9601] AuthenNTLM: verify handle fhess
[9601] AuthenNTLM: Verify user fhess via smb server
[9601] AuthenNTLM: leave lock
[9601] AuthenNTLM: OK pid = 9601, connection = 163322120 cuser = cmg-corp\fhess ip = 10.0.0.101
[9601] AuthenNTLM: Start NTLM Authen handler pid = 9601, connection = 163322120 conn_http_hdr = keep-alive main = Apache::RequestRec=SCALAR(0x9bbcb20) cuser = remote_ip = 10.0.0.101 remote_port = remote_host = <> version = 2.08
[9601] AuthenNTLM: Setup new object
[9601] AuthenNTLM: Config Domain = cmg-corp pdc = co-dc1 bdc =
[9601] AuthenNTLM: Config Default Domain = cmg-corp
[9601] AuthenNTLM: Config Fallback Domain =
[9601] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9601] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9601] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9601] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9601] AuthenNTLM: Config SplitDomainPrefix =
[9601] AuthenNTLM: Authorization Header Basic
[9601] AuthenNTLM: basic auth username = cmg-corp\fhess
[9601] AuthenNTLM: Connect to pdc = co-dc1 bdc = domain = cmg-corp
[9601] AuthenNTLM: enter lock
[9601] AuthenNTLM: verify handle fhess
[9601] AuthenNTLM: Verify user fhess via smb server
[9601] AuthenNTLM: leave lock
[9601] AuthenNTLM: OK pid = 9601, connection = 163322120 cuser = cmg-corp\fhess ip = 10.0.0.101
[9601] AuthenNTLM: Start NTLM Authen handler pid = 9601, connection = 163322120 conn_http_hdr = keep-alive main = Apache::RequestRec=SCALAR(0x9bbcb20) cuser = remote_ip = 10.0.0.101 remote_port = remote_host = <> version = 2.08
[9601] AuthenNTLM: Config Default Domain = cmg-corp
[9601] AuthenNTLM: Config Fallback Domain =
[9601] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9601] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9601] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9601] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9601] AuthenNTLM: Config SplitDomainPrefix =
[9601] AuthenNTLM: Authorization Header Basic
[9601] AuthenNTLM: basic auth username = cmg-corp\fhess
[9601] AuthenNTLM: Connect to pdc = co-dc1 bdc = domain = cmg-corp
[9601] AuthenNTLM: enter lock
[9601] AuthenNTLM: verify handle fhess
[9601] AuthenNTLM: Verify user fhess via smb server
[9601] AuthenNTLM: leave lock
[9601] AuthenNTLM: OK pid = 9601, connection = 163322120 cuser = cmg-corp\fhess ip = 10.0.0.101
[9601] AuthenNTLM: Start NTLM Authen handler pid = 9601, connection = 163322120 conn_http_hdr = keep-alive main = Apache::RequestRec=SCALAR(0x9bbcb20) cuser = remote_ip = 10.0.0.101 remote_port = remote_host = <> version = 2.08
[9601] AuthenNTLM: Setup new object
[9601] AuthenNTLM: Config Domain = cmg-corp pdc = co-dc1 bdc =
[9601] AuthenNTLM: Config Default Domain = cmg-corp
[9601] AuthenNTLM: Config Fallback Domain =
[9601] AuthenNTLM: Config AuthType = ntlm,basic AuthName = test
[9601] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[9601] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on
[9601] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[9601] AuthenNTLM: Config SplitDomainPrefix =
[9601] AuthenNTLM: Authorization Header Basic
[9601] AuthenNTLM: basic auth username = cmg-corp\fhess
[9601] AuthenNTLM: Connect to pdc = co-dc1 bdc = domain = cmg-corp
[9601] AuthenNTLM: enter lock
[9601] AuthenNTLM: verify handle fhess
[9601] AuthenNTLM: Verify user fhess via smb server
[9601] AuthenNTLM: leave lock
[9601] AuthenNTLM: OK pid = 9601, connection = 163322120 cuser = cmg-corp\fhess ip = 10.0.0.101
[9601] AuthenNTLM: Start NTLM Authen handler pid = 9601, connection = 163322120 conn_http_hdr = keep-alive main = Apache::RequestRec=SCALAR(0x9bbcb20) cuser = remote_ip = 10.0.0.101 remote_port = remote_host = <> version = 2.08
Fraser Hess