How NTLM works for webservice to authenticate users?


I went through some websites for a better understanding of NTLM, like http://www.innovation.ch/personal/ronald/ntlm.html. Then I started to create a demo which authenticates users in a Node.js application using NTLM. In this demo I created an application with the expressjs and express-ntlm modules. But I still don't understand how NTLM works with Node.js web services.

I have some questions in my mind about NTLM authentication.

  • How does NTLM work for a web service?
  • How can I customize the login page while using NTLM? Currently I am getting an input box for login credentials.
  • Which users can I use to authenticate? Currently the application accepts anything as username and password. So I am not clear which username and password it will use.

Here is my code.

var app, express, ntlm;

express = require('express');

ntlm = require('express-ntlm'); // NTLM handshake middleware

app = express();

// run the NTLM handshake for every HTTP method on "/"
app.all('/', ntlm());

app.get('/', function(request, response) {
  // the middleware populates request.ntlm with the negotiated identity
  response.send(request.ntlm);
});

app.listen(3000);

There are 3 answers

Brian Shamblen On BEST ANSWER

There is a Passport.js authentication strategy that supports NTLM authentication and has a method for allowing a custom login screen. How to configure it will depend on which type of server you're using, but they do a good job of explaining the concepts within their examples.

Look at the section Non-Integrated authentication

https://www.npmjs.org/package/passport-windowsauth

Naeem Shaikh On

I think you are looking for this answer. Read the answer by josh3736, who explains the flow in NTLM.

Also, as suggested by Brian Shamblen, you don't really need to get into all this stuff; passport.js can efficiently handle all this for you. Here is a tutorial: http://passportjs.org/guide/

KARTHIKEYAN.A On

NTLM PROCESS FOR GET REQUESTS:

 STEP 1: The Client requests a protected resource from the Server.
 STEP 2: The Server responds with a 401 status, with a header indicating that the Client must authenticate.
 STEP 3: The Client resubmits the request with an Authorization header containing a Base64-encoded Type 1 message. From this point forward, the connection is kept open; closing the connection requires re-authentication of subsequent requests.
 STEP 4: The Server replies with a 401 status containing a Base64-encoded Type 2 message in the WWW-Authenticate header.
 STEP 5: The Client responds to the Type 2 message by resubmitting the request with an Authorization header containing a Base64-encoded Type 3 message.
 STEP 6: Finally, the Server validates the responses in the Client's Type 3 message and allows access to the resource.

NTLM PROCESS FOR POST REQUESTS:

 STEP 1: The Client submits an empty POST request with a Type 1 message in the "Authorization" header.
 STEP 2: The Server replies with a 401 status containing a Base64-encoded Type 2 message in the WWW-Authenticate header.
 STEP 3: The Client resubmits the POST with a Base64-encoded Type 3 message, sending the data payload with the request.