Hi
Our customer is asking for NTLM support of our products: Clients would like to launch our application(s) using NTLM for authentication. E. g. the client did login to a computer, opens a browser and enters the URL to start an NG client. Is this possible? And how?
Thanks and regards
That’s probably possible. It would require research on how to create a web component that taps into this and then it would need to be built. This is not a simple task, however. NTLM seems a fairly old protocol. Most enterprises are moving to SAML2 for SSO in the web.
Thank you. Now I know, that there is nothing available so far. And that it wouldn’t be that easy.
So I better first ask for the future plans. Not, that we investigate time (and money) and the customer switches to other technologies.
Kind regards
Birgit,
Have your customer read this article…perhaps, it will change the customer’s position on using NTLM for automatic web logins:
https://blog.preempt.com/the-security-risks-of-ntlm-proceed-with-caution
Thank you, Kim, probably not. Interesting article which should prevent you from using NTLM.
By the way, how can this be used from within a browser?
We set up NTLM browser authentication a long time ago for a non-Servoy project and this is what we generally did…
NTLM authentication is turned off (by default) in most browsers. For IE, go into Tools → Internet Options → Security and change the Internet Zone settings to ‘Automatic logon with current user name and password’. Then, go into (Trusted) Sites and add the fully qualified domain/path name to the customer’s active directory. Other browsers should have similar settings.
My knowledge of the NG client is limited, therefore, I cannot comment on how to use NTLM within the client…sorry.
I hope this helps!
Hi Kim
Thanks anyway for giving information about security options in browsers. This helps a lot.
Kind regards