
AuthenticationType Negotiate vs NTLM

Tags:

asp.net

iis

I have the same code base used on 2 different sites hosted on the same server (IIS 7.5).

For some reason, when I check the Identity.AuthenticationType property in the code-behind of an HTTP handler, I see NTLM for 1 site and Negotiate for the other. This is causing some problems and I need both of them to use NTLM.

Could you help me figure out why there is this difference? So far I see both IIS sites are configured the same way, but of course there is at least 1 difference that I couldn't detect. Thanks!

EDIT
I've used this link that provides instructions to remove "Negotiate" provider from IIS. It didn't work for me. I executed

appcmd.exe set config "Contoso" -section:system.webServer/security/authentication/windowsAuthentication /-"providers.[value='Negotiate']" /commit:apphost

Maybe I did something wrong, but it didn't help. I still see "Negotiate" as AuthenticationType.

The problem I have is that I'm setting impersonation credentials in web.config but it's not using them. Instead of using the credentials I provide, it uses the anonymous user.

And something weird is that windowsAuthentication is disabled. I thought "Negotiate" was only used by windowsAuthentication.

Claudio Redi asked Jan 10 '11 13:01


2 Answers

Negotiate will choose either Ntlm or Kerberos authentication internally. If the site says Ntlm, only Ntlm authentication would be chosen. Please check both sites and make the authentication the same.

Vijay answered Sep 28 '22 05:09


Windows Authentication will need to be enabled and Anonymous Authentication disabled to get the logged-in user (I am assuming here that you are authenticating on a domain and don't want to fall back to an anonymous user if the user doesn't have authorised credentials using Windows auth).

In IIS7.5, to see the providers being used, click on Authentication, right-click on Windows Authentication and select Providers. You will have a list of enabled providers; the order is important. Try making sure they are both the same (in your case have NTLM at the top of the list).

Sorry for the late response!

BlackBeak answered Sep 28 '22 05:09
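
The comparison BlackBeak's answer describes (same providers, same order, same enabled flags on both sites) can also be run against a copy of applicationHost.config, which is where the /commit:apphost command in the question writes. This is an added example, not part of the original posts: the XML is constructed, "Fabrikam" is a made-up second site, and the merge is a simplified model that ignores web.config overrides and nested location paths.

```python
import xml.etree.ElementTree as ET

AUTH = "system.webServer/security/authentication"
# Constructed applicationHost.config fragment; "Fabrikam" is a made-up second site.
SAMPLE = """<configuration>
  <system.webServer><security><authentication>
    <anonymousAuthentication enabled="true" />
    <windowsAuthentication enabled="false">
      <providers><add value="Negotiate" /><add value="NTLM" /></providers>
    </windowsAuthentication>
  </authentication></security></system.webServer>
  <location path="Contoso"><system.webServer><security><authentication>
    <anonymousAuthentication enabled="false" />
    <windowsAuthentication enabled="true">
      <providers><remove value="Negotiate" /></providers>
    </windowsAuthentication>
  </authentication></security></system.webServer></location>
  <location path="Fabrikam"><system.webServer><security><authentication>
    <windowsAuthentication enabled="true" />
  </authentication></security></system.webServer></location>
</configuration>"""

def effective_auth(root, site):
    """Server defaults merged with the site's <location> overrides (simplified)."""
    state = {"anonymous": None, "windows": None, "providers": []}
    scopes = [root] + [l for l in root.findall("location") if l.get("path") == site]
    for scope in scopes:
        auth = scope.find(AUTH)
        if auth is None:
            continue
        for key in ("anonymous", "windows"):
            node = auth.find(key + "Authentication")
            if node is not None and node.get("enabled") is not None:
                state[key] = node.get("enabled").lower() == "true"
        for op in auth.findall("windowsAuthentication/providers/*"):
            if op.tag == "clear":
                state["providers"] = []
            elif op.tag == "remove":
                state["providers"] = [p for p in state["providers"] if p != op.get("value")]
            elif op.tag == "add":
                state["providers"].append(op.get("value"))
    return state

def diff_sites(xml_text, a, b):
    root = ET.fromstring(xml_text)
    ea, eb = effective_auth(root, a), effective_auth(root, b)
    # Keep only the settings whose effective value differs between the two sites.
    return {k: (ea[k], eb[k]) for k in ea if ea[k] != eb[k]}

if __name__ == "__main__": print(diff_sites(SAMPLE, "Contoso", "Fabrikam"))
```

An empty result means the two sites resolve to the same authentication settings at the applicationHost level, so the difference has to come from somewhere this model does not read, such as a site's own web.config.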