2

When presented with the Windows forms based authentication after entering the users credentials I am prompted again for a username and password. This just keeps prompting you, I see no errors in the logs that would help. I feel the Microsoft side may be seeing some errors but I do not have access to that server.

I am sure this is a common issue. Can anyone give me some pointers?

My config:

server {
        listen       x.x.x.x:443;
        server_name mle.x.x.co.uk;

        # Enable SSL
        ssl                     on;
        ssl_certificate         /etc/nginx/ssl/certs/x.x.co.uk-cert.pem;
        ssl_certificate_key     /etc/nginx/ssl/private/x.x.co.uk-key.pem;
        ssl_session_timeout     5m;

        # Set global proxy settings
        proxy_read_timeout      360;

        proxy_pass_header       Date;
        proxy_pass_header       Server;

        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        Authorization $http_authorization;
        proxy_pass_request_headers on;
        proxy_pass_header       Authorization;

        location / {
        proxy_pass         https://1.1.1.1/;
        allow all;
        }

        error_log /var/log/nginx/mle.x.x.co.uk-error.log;
        access_log /var/log/nginx/mle.x.x.co.uk-access.log;

        error_page 500 502 503 504  /500.html;
        location = /500.html {
        root  /var/www/errorpages;
        }
}
Dave M
  • 4,514
  • 22
  • 31
  • 30
user2405918
  • 21
  • 3

1 Answers1

0

I've wanted to achieve the same thing, and have been researching online as to why this occurs. From my understanding, nginx fails the authentication because it closes the proxied TCP/IP connection after each HTTP requests. Where NTLM requires a single instance TCP/IP connection for multiple HTTP requests for authentication to succeed.

TheUniquePaulSmith
  • 381
  • 1
  • 8