Welcome to WebmasterWorld Guest from 54.163.84.187

Forum Moderators: incrediBILL

NTLM login via Chrome can kill the IIS server

Chrome can cause authentication loop in IIS, killing the server

   
1:14 pm on Jan 13, 2010 (gmt 0)

5+ Year Member



If you try to access a NTLM secured website on IIS via Chrome you will have to authenticate.

If you use the following structure user@domain the server is getting in an authentication loop or something, and will continue to produce like 1500 401 errors per second till your disk is full. After restarting the service you can get out of the loop.

Question:

How do I prevent for now Chrome brouwsers to be able to login? Block the browser?

3:14 pm on Jan 13, 2010 (gmt 0)

WebmasterWorld Senior Member fotiman is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



It appears to be a known issue [google.com] that Google Chrome doesn't work with NTLM authentication.
Google writes:

We're investigating this issue and will announce updates in the help forum when we have more information.

Note, there is a button on the Known Issues page to report that you are having this issue.

I don't know enough about configuring IIS to block Chrome browsers, though.

5:12 pm on Jan 13, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Here is an option, the URLScan tool:
[support.microsoft.com...]

You can block User Agents under the [DenyHeaders] section. (I haven't tried this myself though)

11:04 pm on Jan 13, 2010 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



What version of Chrome are we dealing with? I know the latest version I just downloaded (3.0.195.38) doesn't seem to have any problems. I tested it against an internal website (sharepoint) which uses NTLM to secure it. Could it be an older version that is causing the problems or a Chrome spoof?

What version of IIS, and OS?

 

Featured Threads

Hot Threads This Week

Hot Threads This Month