Determine if your browser supports integrated Windows authentication

Question

Determine if your browser supports integrated Windows authentication

Is there a way to determine if the NTLM browser supports without enabling NTLM for a specific site or directory in IIS and without displaying the login / popup dialog? Preferably, this is determined using ColdFusion or, possibly, with some combination of JS and CF. I would prefer not to restrict it to just IE, as other browsers (such as FF) support NTLM authentication.

+6

javascript coldfusion iis ntlm

illvm Jun 22 '09 at 20:51

source share

3 answers

Lou franco · Answer 1 · 2009-06-22T20:58:18+0000

If you request a page and the page returns 401 and says that it only accepts NTLM, and then the browser sends another HTTP packet trying to respond to it, then it supports NTLM. You do not need to force IIS to do this - you can have any page on which you can set response codes and NTLM header requests. If you did not receive another request, this means that the client was unable to authenticate this method.

You can detect this on the client by placing this request in an IFrame and then on the external page to check what happened in the iframe.

Steve-Cutter-Blades · Answer 2 · 2009-06-22T21:22:57+0000

Based on Lou's answer, you can make a cfhttp request in a try / catch block. Then you check the response headers to determine the next steps.

Adam tuttle · Answer 3 · 2009-06-23T15:02:36+0000

Unfortunately, you can use browser sniffing and whitelisting.

Determine if your browser supports integrated Windows authentication

More articles: