is it possible to do NTLM Authentication in HTTP mode?
I have the following cfg:
global
log 127.0.0.1 local2 debug
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend http_in
bind *:80
mode http
option http-keep-alive
default_backend launchpad
backend launchpad
mode http
balance roundrobin
acl p_root path -i /
http-request set-path /ords/f?p=164 if p_root
server app1 server01.mydomain.com:9502/ords/ check
option http-keep-alive
option prefer-last-server
timeout server 30s
timeout connect 5s
however, every time I try to access the host server of haproxy port 80, I get prompted to enter my window credentials.
If I go directly to server01.mydomain.com:9502/ords I’m authenticated automatically (no need to enter credentials).
any ideas? I believe NTLM only works in mode tcp but I need to use mode http in order to setup the url path in the header.
1 post - 1 participant