Apache:AuthenNTLM - why does it prompt for a password


Hi guys,

I have Apache:AuthenNTLM partially working... 

Firefox
- prompts me for a username/password with the the following message:
Please enter a username and password for "" at http://nmv-intranetdev/ 
- If I enter a valid username/password it works.  
- If I hit cancel, I then get another prompt for a uername/password:
Please enter a username and password for 'NIGHTLIFE' at
http://nmv-intranetdev/ (NIGHTLIFE is the AuthName field in the http.conf).
- I have also added NIGHTLIFE to network.automatic-ntlm-auth.trusted-uris in
Firefox about:config

Internet Explorer 6/7
- Error message: cannot display the page
- I have also added the URL of the webserver to the trusted sites

Here is my http.conf
LoadModule perl_module /usr/lib/apache2/modules/mod_perl.so
<Location />
AllowOverride All
PerlAuthenHandler Apache2::AuthenNTLM
AuthType ntlm,basic
AuthName NIGHTLIFE
require valid-user
PerlAddVar ntdomain "NIGHTLIFE  nmv-pdc nmv-pdc"
PerlSetVar defaultdomain NIGHTLIFE
#PerlSetVar ntlmauthoritative off
#PerlSetVar basicauthoritative off
PerlSetVar splitdomainprefix 1
PerlSetVar ntlmdebug 2
</Location>

Apache log for FireFox
[Mon Oct 08 09:46:08 2007] [error] Bad/Missing NTLM/Basic Authorization
Header for /temp/test.php
[6510] AuthenNTLM: verify handle  smbhandle == 9197184
[6510] AuthenNTLM: Send: 78 84 76 77 83 83 80 0 2 0 0 0 0 0 0 0 40 0 0 0 1
130 0 0 213 29 91 57 121 58 129 234 0 0 0 0 0 0 0 0
[6510] AuthenNTLM: charencoding = 1
[6510] AuthenNTLM: flags2 = 130
[6510] AuthenNTLM: nonce=Õ[9y:ê
[6510] AuthenNTLM: Send header: NTLM
TlRMTVNTUAACAAAAAAAAACgAAAABggAA1R1bOXk6geoAAAAAAAAAAA==
[6510] AuthenNTLM: verify handle = 1 smbhandle == 9197184
[6510] AuthenNTLM: Start NTLM Authen handler pid = 6510, connection =
9179312 conn_http_hdr = keep-alive  main =  cuser =  remote_ip =
192.168.1.250 remote_port = 12598 remote_host = <> version = 0.02 smbhandle
=
[6510] AuthenNTLM: Object exists user = \
[6510] AuthenNTLM: Authorization Header NTLM
TlRMTVNTUAADAAAAGAAYAFYAAAAYABgAbgAAAAAAAABAAAAACAAIAEAAAAAOAA4ASAAAAAAAAAAAAAAAAYIAAGEAZABhAG0ASQBUAC0AUABDAC0ANAAqFlak/RLK+iqGWpmCsRCNkrX/buVxeKgqFlak/RLK+iqGWpmCsRCNkrX/buVxeKg=
[6510] AuthenNTLM: Got: 78 84 76 77 83 83 80 0 3 0 0 0 24 0 24 0 86 0 0 0 24
0 24 0 110 0 0 0 0 0 0 0 64 0 0 0 8 0 8 0 64 0 0 0 14 0 14 0 72 0 0 0 0 0 0
0 0 0 0 0 1 130 0 0 97 0 100 0 97 0 109 0 73 0 84 0 45 0 80 0 67 0 45 0 52 0
42 22 86 164 253 18 202 250 42 134 90 153 130 177 16 141 146 181 255 110 229
113 120 168 42 22 86 164 253 18 202 250 42 134 90 153 130 177 16 141 146 181
255 110 229 113 120 168
[6510] AuthenNTLM: protocol=NTLMSSP, type=3, user=adam, host=IT-PC-4,
domain=, msg_len=0
[6510] handler type == 3
[6510] AuthenNTLM: verify handle = 3 smbhandle == 9197184
[6510] AuthenNTLM: Verify user adam via smb server


Apache log for IE
[Mon Oct 08 09:51:01 2007] [error] Bad/Missing NTLM/Basic Authorization
Header for /temp/test.php
[6490] AuthenNTLM: Start NTLM Authen handler pid = 6490, connection =
9179312 conn_http_hdr = Keep-Alive  main =  cuser =  remote_ip =
192.168.1.250 remote_port = 12598 remote_host = <> version = 0.02 smbhandle
=
[6490] AuthenNTLM: Setup new object
[6490] AuthenNTLM: Config Domain = nightlife  pdc = nmv-pdc  bdc = nmv-pdc
[6490] AuthenNTLM: Config Default Domain = NIGHTLIFE
[6490] AuthenNTLM: Config Fallback Domain =
[6490] AuthenNTLM: Config AuthType = ntlm,basic AuthName = NIGHTLIFE
[6490] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1
[6490] AuthenNTLM: Config NTLMAuthoritative = on  BasicAuthoritative = on
[6490] AuthenNTLM: Config Semaphore key = 23754 timeout = 2
[6490] AuthenNTLM: Config SplitDomainPrefix = 1
[6490] AuthenNTLM: Authorization Header NTLM
TlRMTVNTUAABAAAAB7IIogkACQAvAAAABwAHACgAAAAFASgKAAAAD0lULVBDLTROSUdIVExJRkU=
[6490] AuthenNTLM: Got: 78 84 76 77 83 83 80 0 1 0 0 0 7 178 8 162 9 0 9 0
47 0 0 0 7 0 7 0 40 0 0 0 5 1 40 10 0 0 0 15 73 84 45 80 67 45 52 78 73 71
72 84 76 73 70 69
[6490] AuthenNTLM: protocol=NTLMSSP, type=1,
flags1=7(NEGOTIATE_UNICODE,NEGOTIATE_OEM,REQUEST_TARGET),
flags2=178(NEGOTIATE_ALWAYS_SIGN,NEGOTIATE_NTLM), domain length=9, domain
offset=47, host length=7, host offset=40, host=IT-PC-4, domain=NIGHTLIFE
[6490] handler type == 1
[6490] AuthenNTLM: Connect to pdc = nmv-pdc bdc = nmv-pdc domain = nightlife
[6490] AuthenNTLM: enter lock
[6489] AuthenNTLM: leave lock
[Mon Oct 08 09:51:01 2007] [error] Wrong password/user (rc=3/1/327681):
NIGHTLIFE\\adam for /favicon.ico
[6489] AuthenNTLM: rc = 3  ntlmhash =
[6490] AuthenNTLM: verify handle  smbhandle == 11053552
[6490] AuthenNTLM: Send: 78 84 76 77 83 83 80 0 2 0 0 0 0 0 0 0 40 0 0 0 1
130 0 0 6 181 99 222 193 217 9 10 0 0 0 0 0 0 0 0
[6490] AuthenNTLM: charencoding = 1
[6490] AuthenNTLM: flags2 = 130
[6490] AuthenNTLM: nonce=µcÞÁÙ
[6490] AuthenNTLM: Send header: NTLM
TlRMTVNTUAACAAAAAAAAACgAAAABggAABrVj3sHZCQoAAAAAAAAAAA==
[6490] AuthenNTLM: verify handle = 1 smbhandle == 11053552

Any ideas why this is not working? How do I get this working with both
Firefox and IE?  
I have am starting to think that seamless authentication is more hassle than
it is worth...

Thanks,
Adam
-- 
View this message in context: 
http://www.nabble.com/Apache%3AAuthenNTLM-not-working-properly-tf4585199.html#a13088697
Sent from the mod_perl - General mailing list archive at Nabble.com.

Reply via email to