Windows Authentication not prompting on Firefox or iOS Safari

吃可爱长大的小学妹 提交于 2019-12-11 15:09:31

问题


I have two WCF WebHttpBinding-bound self-hosted services. One is set to WebHttpSecurityMode.TransportCredentialOnly and HttpClientCredentialType.Windows. The other is set to None and None.

This service is serving the exactly the intended authentication prompt behavior on Chrome and IE, with correct content types and content. Testing on localhost and remotely (not on a domain). In IE, the default settings for integrated authentication send my credentials immediately to the authenticated service. In Chrome, the default settings prompt me for my windows authentication credentials.

But in Firefox I get no such prompt - just an error in Firebug of 401 Unauthorized and a blank page otherwise. I assume iOS has the same 401 Unauthorized problem, although the debugger console doesn't show any errors - I just get a blank page.

I don't know how relevant the WCF WebHttpBinding is versus a standard IIS-hosted website, but all the other googles I find are about someone trying to STOP the Windows Auth prompt in favor of Integrated Security mode in non-IE browsers. I kind of have the opposite problem - it's not showing up for me.

Is there something nuanced about the webservice response that Firefox and Safari are sensitive to that Chrome and IE are not sensitive to?

I'm testing on Windows 8 with IE 10 and the latest releases of the other browsers at the time of writing.

Thanks!

If I set it to HttpClientCredentialType.NTLM then all browsers work. But as I understand it, NTLM disallows the more secure Kerberos domain credentials (if they're available). I don't want to force a less-secure option!


回答1:


Kerberos works well with IE and since Chrome shares stuff with IE, it works for Chrome too. For Firefox, you have to enable it. See here. Safari on Mac OS should work but not sure about other OS'.



来源:https://stackoverflow.com/questions/17356806/windows-authentication-not-prompting-on-firefox-or-ios-safari

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!