Fabio Poloni
Fabio Poloni
Do you have any additional information? Like code you used? Or debugging information?
Interesting, I can't really tell if there's a connection or not. It looks like the domain controller returns no result but no error either. Maybe it's a configuration issue, as...
Internally `express-ntlm` uses [`net`](https://nodejs.org/dist/latest-v16.x/docs/api/net.html) for unencrypted and [`tls`](https://nodejs.org/dist/latest-v16.x/docs/api/tls.html) for encrypted communication to the LDAP server, and that's the only difference: https://github.com/einfallstoll/express-ntlm/blob/master/lib/NTLM_Proxy.js#L19,L23 There's also no other layer between, so we're talking...
I never heard about this behavior before. What browser are you using? Can you show a screenshot of the login screen that pops up? Where and how is the TLS...
Are you running the application behind a reverse proxy?
@lublak Why don't you use NTLM authentication on IIS instead?
I'm not sure whether I'm happy with this. The package yields a 500 Internal Server Error whenever something unexpected happens. If I would accept this PR, I would probably have...
From [[MS-NTHT]: NTLM Over HTTP Protocol](https://msdn.microsoft.com/en-us/library/cc237488.aspx): > Any return code other than a client error HTTP 401 status code (for more information, see [RFC2616] section 10.4.2), represents successful authentication. If...
If the implementation is strictly "Any return code other than a client error HTTP 401 status code, [...] represents successful authentication." (as you stated with the example in Chrome), then...
True! I will sleep over this, but I will probably merge your PR and remove `internalservererror` entirely. Still have to think about the impact.