With fiddler you can see the problem. One hacky solution is to catch this request and response with a fake answer. After this the IE will send the normal POST data.
To get the correct NTLM response use fiddle during a NTLM login. Switch the inspector to "Auth" and look for the "Type: 1" response and replace
$headers = apache_request_headers();
$auth = $headers['Authorization'];
if ($auth && substr($auth,0,5) == 'NTLM ')
{
$msg = base64_decode(substr($auth, 5));
if ($msg[8] == "\x01") {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: NTLM ' );
exit;
}
}
Note: This might be a security risk. Make sure to check the user Session and send him to your NTLM login is needed.
Keine Kommentare:
Kommentar veröffentlichen