NTLM authentication

Questions and answers on designing your Servoy solutions, database modelling and other 'how do I do this' that don't fit in any of the other categories

NTLM authentication

Postby rieder » Wed Apr 19, 2017 11:02 am

Hi

Our customer is asking for NTLM support of our products: Clients would like to launch our application(s) using NTLM for authentication. E. g. the client did login to a computer, opens a browser and enters the URL to start an NG client. Is this possible? And how?

Thanks and regards
Birgit Rieder
7r AG, Switzerland
SAN Developer
http://www.seven-r.ch
User avatar
rieder
 
Posts: 81
Joined: Thu Jan 26, 2012 5:18 pm

Re: NTLM authentication

Postby rvanderburg » Wed Apr 19, 2017 3:38 pm

That's probably possible. It would require research on how to create a web component that taps into this and then it would need to be built. This is not a simple task, however. NTLM seems a fairly old protocol. Most enterprises are moving to SAML2 for SSO in the web.
rvanderburg
Site Admin
 
Posts: 47
Joined: Wed May 04, 2011 10:28 am

Re: NTLM authentication

Postby rieder » Wed Apr 19, 2017 5:06 pm

Thank you. Now I know, that there is nothing available so far. And that it wouldn't be that easy.
So I better first ask for the future plans. Not, that we investigate time (and money) and the customer switches to other technologies.

Kind regards
Birgit Rieder
7r AG, Switzerland
SAN Developer
http://www.seven-r.ch
User avatar
rieder
 
Posts: 81
Joined: Thu Jan 26, 2012 5:18 pm

Re: NTLM authentication

Postby kwpsd » Wed Apr 19, 2017 7:15 pm

Birgit,

Have your customer read this article..perhaps, it will change the customer's position on using NTLM for automatic web logins:

https://blog.preempt.com/the-security-risks-of-ntlm-proceed-with-caution
Kim W. Premuda
San Diego, CA USA
User avatar
kwpsd
 
Posts: 566
Joined: Sat Jul 28, 2007 6:59 pm
Location: San Diego, CA USA

Re: NTLM authentication

Postby rieder » Thu Apr 20, 2017 11:21 am

Thank you, Kim, probably not. Interesting article which should prevent you from using NTLM.

By the way, how can this be used from within a browser?
Birgit Rieder
7r AG, Switzerland
SAN Developer
http://www.seven-r.ch
User avatar
rieder
 
Posts: 81
Joined: Thu Jan 26, 2012 5:18 pm

Re: NTLM authentication

Postby kwpsd » Thu Apr 20, 2017 7:26 pm

We set up NTLM browser authentication a long time ago for a non-Servoy project and this is what we generally did...

NTLM authentication is turned off (by default) in most browsers. For IE, go into Tools → Internet Options → Security and change the Internet Zone settings to 'Automatic logon with current user name and password'. Then, go into (Trusted) Sites and add the fully qualified domain/path name to the customer's active directory. Other browsers should have similar settings.

My knowledge of the NG client is limited, therefore, I cannot comment on how to use NTLM within the client...sorry.

I hope this helps!
Kim W. Premuda
San Diego, CA USA
User avatar
kwpsd
 
Posts: 566
Joined: Sat Jul 28, 2007 6:59 pm
Location: San Diego, CA USA

Re: NTLM authentication

Postby rieder » Tue May 02, 2017 8:35 am

Hi Kim

Thanks anyway for giving information about security options in browsers. This helps a lot.

Kind regards
Birgit Rieder
7r AG, Switzerland
SAN Developer
http://www.seven-r.ch
User avatar
rieder
 
Posts: 81
Joined: Thu Jan 26, 2012 5:18 pm


Return to Programming with Servoy

Who is online

Users browsing this forum: No registered users and 2 guests