Hi, I'm working with the following setup : Client <-- internet--> apache reverse proxy <--lan--> owa 2003 with NTLM & basic authenticaton activated When using this setup the NTLM authentication is chosen by a browser on the client instead of the basic authentication. My goal is to use basic authentication and to disable NTLM authentication. Unfortunalty due to circumstances I cannot disable it on the owa server itself. Hence I was searching for a way to achief the same result using the reverse proxy. In the apache doc I found the Header directive which allows modification of headers if they exist. So I'm getting the following headers from the IIS : WWW-Authenticate: Negotiate WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="x.x.x.x" And I want to only comminicate the basic one to the client. When using Header unset WWW-Authenticate all headers are removed resulting in an error since no authentication is performed. So I wanted to use the Header edit option which allows modification in the header exists Header edit WWW-Authenticate: ^NTLM dummy Unfortunatly doing this results in removal of all WWW-Authenticate headers except for the Negotiate instead of modification of the headers. Headers sent to client : WWW-Authenticate: Negotiate Can anyone help me and tell me what I'm doing wrong? Kind regards Pieter --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|