I’m currently developing an ASP.NET App and I want to get the Username & Workstation of the current User/Request.
I want to use NTLM and the Authorization with the WWW-Authenticate: NTLM HTTP-Headers.
I’ve enabled these settings in Firefox 4:
network.negotiate-auth.trusted-uris = http://localhost
network.negotiate-auth.delegation-uris = http://localhost
network.automatic-ntlm-auth.trusted-uris = http://localhost
network.ntlm.send-lm-response = true
But I don’t get the Authorization Header in Firebug or in my app (using Request.Headers).
I’ve also tried with IE 9, but it doesn’t send it either.
Am I missing something here?
I thought they get send automatically with each request once I’ve enabled it for the trusted uris and they are send automatically in IE, too, at least in intranets.
The ASP app uses forms authentication and it should stay this way as a fallback.
Browser sends NTLM/Negotiate headers only when he gets 401 error with a corresponding
WWW-Authenticateheader (NTLM and/or Negoriate). Then browser silently makes one more request with a headers your are looking for:NTLMbefore this silent request you will be asked for login/pwd. Then if browser receive 401 error again, login/pwd prompt window pop-ups again. And this will repeate until either correct credentials or Cancel would pressed. Each request from the second, the application will get authentication headers.Negotiateyou will be asked for login/pwd only if browser were unable to authorize you. The rest is the same as that for NTLM.In any other requests these headers are not sent. As well as when anonymous authentication enabled and/or windows one disabled for requested resource.