Article delegate-en/4111 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4110@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: FW: [DeleGate-En] Windows Integrated Authentication
05 Sep 2008 10:10:01 GMT "Nagel, Willy" <ptihqbdyi-5bnwhwfcsmlr.ml@ml.delegate.org>


Hi Yutaka,

I'm using MSIE7.

Normally, when connecting to an NTLM enabled site from a non-domain
computer / non-local hostname, you get a popup in which you'll have to
enter your credentials.

I have tried it on the server itself and then it works fine. On another
machine (non-domain, external) I expected to receive a popup and the
credentials to passed on to IIS.

Is this possible? Now it takes the credentials of the users that's
logged on to the server and then it works.

The website is accessible directly from the inside (from domain PC's)
and users are automatically logged on. The idea is that the users can
connect from outside our network, to the website and to enter their
credentials to authenticate. Because we don't want them to connect
directly to the webserver, the idea was to place a Delegate server in
between.

Kind regards,

Willy Nagel.

-----Original Message-----
From: Yutaka Sato [mailto:feedback@delegate.org] 
Sent: Friday, September 05, 2008 11:51 AM
To: feedback@delegate.org
Cc: feedback@delegate.org; Nagel, Willy
Subject: Re: [DeleGate-En] FW: [DeleGate-En] Windows Integrated
Authentication

Hi Willy,

In message <_A4109@delegate-en.ML_>
on 09/05/08(18:32:23) you "Nagel, Willy" <ptihqbdyi-5bnwhwfcsmlr.ml@ml.delegate.org> wrote:
 |I already tested using http in stead of https.

With which browser and what URL are you accessing the DeleGate?
If you are accessing the DeleGate with "non-local hostname" with MSIE,
NTLM is not enabled by default.

<URL:http://support.microsoft.com/kb/258063>
> Internet Explorer must consider the requested URL to be on the 
> intranet (local). If the computer name portion of the requested URL 
> contains periods (such as http://www.microsoft.com and 
> http://10.0.0.1), Internet Explorer assumes that the requested address

> exists on the Internet and does not pass any credentials 
> automatically. Addresses without periods (such as http://webserver) 
> are considered to be on the intranet (local); Internet Explorer passes

> credentials automatically. The only exception is addresses included in
the Intranet zone in Internet Explorer.

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law.

If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.

If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message.

Thank you for your co-operation.



  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V