Denied access to MS Web Server pages
Chris Adams
chris at improbable.org
Mon Feb 9 18:46:49 PST 2004
On Feb 9, 2004, at 14:07, Paul Tratnyek wrote:
> When I try the URL for these pages pages, Explorer gives me a dialog
> box which allows me to login. However, Omniweb says it is not able to
> connect (denied access). Same thing with Camino and Safari, using OS
> 10.3.2 or using OS 10.2.8 with Dave (and already logged into the
> Microsoft network).
>
> Apparently, there is security mechanism that Microsoft has created
> that is not fully compatible with non-Windows computers and/or
> non-Explorer browsers, such as my favorite browser: OmniWeb.
Yes - it's NTLM authentication. Basically IIS and Internet Explorer can
cooperate to use an existing login session so you don't need to login
to access a website (anyone who's had to support a large intranet can
appreciate the value in this). Unfortunately this is completely
proprietary black-art.
Fortunately, it's been reverse engineered:
http://davenport.sourceforge.net/ntlm.html
Mozilla 1.5 added NTLM support on Windows; 1.6 included support for
other platforms as well:
http://bugzilla.mozilla.org/show_bug.cgi?id=224653
It's certainly possible but I believe porting it would be non-trivial.
On the plus side I'm certain that a ton of people would find uses for
it if it became part of one of the Omni frameworks.
Chris
More information about the OmniWeb-l
mailing list