I am trying to determine how to do a health check against backend servers in HAProxy with NTLM authentication (Windows IIS servers). As I understand, it is 'multistage' in that it will do a 'basic' auth first, return a 401, and then try again with a NTLM Auth header to return the '200' code (assuming correct credentials).
This is baked into the http monitor in f5's BIGIP as I recently learned, it tries basic auth first, and then failing that attempts NTLM. Is there a way to mimick this in HA-Proxy?
I've tried configuring the http-check with a Basic authorization header but clearly this will not work. I can do a curl specifying '--ntlm' and '-H' specifying the host header and it returns the page, so I know what I have is correct.
