I think you need to change the setting on IIS webserver. Navigate as follow
virtual directory of your website -> Directory Security ->edit. Check the basic 
Authentication and uncheck the Integrated Window Authentication. Restart the 
webserver.

Neelam Kumar Sharma
PSPL PUNE INDIA


----- Original Message -----
From: "Pieter Vanmeerbeek" <[EMAIL PROTECTED]>
To: <users@httpd.apache.org>
Sent: Wednesday, September 26, 2007 3:30 PM
Subject: [EMAIL PROTECTED] Header set & WWW-Authenticate


> Hi,
>
> I'm working with the following setup :
>
> Client <-- internet--> apache reverse proxy <--lan--> owa 2003 with NTLM &
> basic  authenticaton activated
>
> When using this setup the NTLM authentication is chosen by a browser on the
> client instead of the basic authentication.
> My goal is to use basic authentication and to disable NTLM authentication.
> Unfortunalty due to circumstances I cannot disable it on the owa server
> itself.
> Hence I was searching for a way to achief the same result using the reverse
> proxy.
>
> In the apache doc I found the Header directive which allows modification of
> headers if they exist.
> So I'm getting the following headers from  the IIS :
>
> WWW-Authenticate: Negotiate
> WWW-Authenticate: NTLM
> WWW-Authenticate: Basic realm="x.x.x.x"
>
> And I want to only comminicate the basic one to the client.
>
> When using Header unset WWW-Authenticate all headers are removed resulting
> in an error since no authentication is performed.
> So I wanted to use the Header edit option which allows modification in the
> header exists
>
> Header edit WWW-Authenticate: ^NTLM dummy
>
>
> Unfortunatly doing this results in removal of all WWW-Authenticate headers
> except for the Negotiate instead of modification of the headers.
> Headers sent to client :
> WWW-Authenticate: Negotiate
>
>
> Can anyone help me and tell me what I'm doing wrong?
>
> Kind regards
> Pieter
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>    "   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the 
property of Persistent Systems Pvt. Ltd. It is intended only for the use of the 
individual or entity to which it is addressed. If you are not the intended 
recipient, you are not authorized to read, retain, copy, print, distribute or 
use this message. If you have received this communication in error, please 
notify the sender and delete all copies of this message. Persistent Systems 
Pvt. Ltd. does not accept any liability for virus infected mails.

Reply via email to