Re: Advise for NTLM-Auth

2016-04-19 Thread Max Clements
Andreas, Kerberos and NTLM are two completely different ways of authenticating a user. Whilst they essentially do the same thing, the main difference that you care about is that Kerberos works correctly over HTTP, unlike NTLM which does not. - which module you may suggest There are a number of mo

Re: Advise for NTLM-Auth

2016-04-19 Thread A. Schulze
Max Clements: Depending on the versions of Windows and what you are trying to do, it may be possible to use Kerberos via Nginx, rather than NTLM. that's what I mean saying "I don't care if it's named NTLM or ugly_voodoo" You name it "Kerberos" - fine. Now I came up with two questions: - whi

Re: Advise for NTLM-Auth

2016-04-19 Thread Max Clements
Depending on the versions of Windows and what you are trying to do, it may be possible to use Kerberos via Nginx, rather than NTLM. It requires some foo setting up Service Principal Names, but does work properly via an HTTP proxy, and provides passthrough auth, which seems to be what the desire he

Re: Advise for NTLM-Auth

2016-04-19 Thread Aleksandar Lazic
Hi. On 18-04-2016 22:59, A. Schulze wrote: Maxim Dounin: Just a side note: NTLM auth is broken by design and violates HTTP basic rules. Avoid using it if you can. to be clear: I don't care if it's named NTLM or ugly_voodoo The goal is an nginx accessed by an IE/Edge browser. Users should n

Re: Advise for NTLM-Auth

2016-04-18 Thread Payam Chychi
On Apr 18, 2016, 6:25 PM -0700, Maxim Dounin, wrote: > Hello! > > On Mon, Apr 18, 2016 at 02:28:19PM -0700, Payam Chychi wrote: > > > > Maxim Dounin: > > > > > > > Just a side note: NTLM auth is broken by design and violates HTTP > > > > basic rules. Avoid using it if you can. > > > > > > to

Re: Advise for NTLM-Auth

2016-04-18 Thread Maxim Dounin
Hello! On Mon, Apr 18, 2016 at 02:28:19PM -0700, Payam Chychi wrote: > >Maxim Dounin: > > > >>Just a side note: NTLM auth is broken by design and violates HTTP > >>basic rules. Avoid using it if you can. > > > >to be clear: I don't care if it's named NTLM or ugly_voodoo > > > >The goal is a ngin

Re: Advise for NTLM-Auth

2016-04-18 Thread Payam Chychi
Maxim Dounin: Just a side note: NTLM auth is broken by design and violates HTTP basic rules. Avoid using it if you can. to be clear: I don't care if it's named NTLM or ugly_voodoo The goal is an nginx accessed by an IE/Edge browser. Users should not be bothered with authentication as they

Re: Advise for NTLM-Auth

2016-04-18 Thread A. Schulze
Maxim Dounin: Just a side note: NTLM auth is broken by design and violates HTTP basic rules. Avoid using it if you can. to be clear: I don't care if it's named NTLM or ugly_voodoo The goal is an nginx accessed by an IE/Edge browser. Users should not be bothered with authentication as they

Re: Advise for NTLM-Auth

2016-04-18 Thread Maxim Dounin
Hello! On Mon, Apr 18, 2016 at 09:21:53PM +0200, A. Schulze wrote: > Hello, > > currently we run web applications on nginx accessible from MS clients part > of a Windows Domain. > the users are requested to authenticate via Basic-Auth (via HTTPS) which > nginx validate against the > domain activ

Advise for NTLM-Auth

2016-04-18 Thread A. Schulze
Hello, currently we run web applications on nginx accessible from MS clients part of a Windows Domain. The users are requested to authenticate via Basic-Auth (via HTTPS) which nginx validates against the domain active directory using https://github.com/kvspb/nginx-auth-ldap But I think the M