Advise for NTLM-Auth

Payam Chychi pchychi at
Mon Apr 18 21:28:19 UTC 2016

> Maxim Dounin:
>> Just a side note: NTLM auth is broken by design and violates HTTP
>> basic rules.  Avoid using it if you can.
> to be clear: I don't care if it's named NTLM or ugly_voodoo
> The goal is a nginx accesses by a IE/edge browser. Users should not be 
> bothered with authentication
> as they are already logged on into the windows account.
> possible?

Im not sure what you do not understand from the reply, NTLM auth is 
broken. This is not about "lets call it Voodoo_melt" and make it work, 
Windows utilizes NTLM, so... what you are trying to use will not work. 
why? because NGINX NTLM does not work.

Now, if you are looking for a solution... a solution you may have.

re-route your authentication to squid which does support NTLM auth . If 
this is not what you want to do then you are more than welcome to write 
a NTLM auth module that works.


More information about the nginx mailing list