How to use chrome with Windows authentication? - windows

I am trying to perform HTTP get & put operations on a intranet URL which is authenticated using Microsoft active directory domain accounts. This is working fine with IE but not using chrome. My chrome version is 49.0.2623.108.
Accessing the URL throws up a dialog for username and password and upon filling details, it fails with ERR_INVALID_HANDLE. Following are the things that I tried and failed(Please excuse for the lack of brevity):
I tried adding the URL and the Active directory server to Local intranet zones but still chrome returns the same error.
This link https://serverfault.com/questions/19914/google-chrome-passthrough-windows-authentication says we need to use authserverwhitelist for chrome. It is not working. Apparently, this feature of setting parameters has been moved from commandline to policy settings as per https://bugs.chromium.org/p/chromium/issues/detail?id=472145
I tried using policy settings like using chrome policy template. I imported the policy template on local computer policies\Administrative templates in gpedit.msc and set the parameters AuthServerWhitelist and AuthNegotiateDelegateWhitelist. I restarted the machine as well. It didnt help. Chrome still throws the same error.
I tried setting AuthserverWhitelist and AuthNegotiateDelegateWhitelist parameters on registry as well under path: HKLM\Software\Policies\Google\Chrome.
Is there a way to get this working on google chrome(version 49.0.2623.108)?
PS: Also after development, I am looking to package these web pages into a chrome app. Would chrome allow usage of windows active directory authentication in its app environment? Is there any way to fix it?

Related

401 Unauthorized accessing Web API withing Javascript

I have web api that uses windows authentication. I've created my own Active Directory Server and a separate IIS Server. I have registered the IIS server to the domain but for some reason I'm getting a 401 issue when I use the API URL in my Javascript.
But works when using it directly from web browser
Please note that this is the same code (javascript, SQL Server, and ASP.NET Web Api) I'm developing at work. The only difference are the url for LDAP and domain. I have tried everything from changing Windows Authentication Providers. I'm just curious if I need to add my machine as a trusted to the Active Directory which I'm not sure how. I have added the Active Directory User to the IIS with Full Control but still no luck.

Flask / CSRF Missing/Expired Token for users with a Proxy on Heroku

Using Python/Flask hosted on Heroku (using SSL with some other additional security features) I'm having an issue where users using a proxy browser extension proxy (usually regular proxy servers that are on before the browser is open are fine) are causing missing CSRF token errors when users submit forms.
The only thing I can find online about this issue is https://nickjanetakis.com/blog/fix-missing-csrf-token-issues-with-flask but I can't mess with the config as referenced here.
Everything works fine if the proxy is on your machine (not a chrome web browser proxy).
Has anyone had this issue before? The only information I can find references if your server is on a proxy, not your user...
Thanks for your insights and help!

Katalon browser authentication on Mac

Im trying to automate a site (using Katalon) that uses browser authentication on a Mac.
I can see that Windows users can use the Authenticate keyword, but is there a similar keyword or setting / configuration option for Mac users?
A way i was able to solve this was by adding credentials via the url as seen in Can you pass user/pass for HTTP Basic Authentication in URL parameters?
Changing the url to the following format solved the problem:
WebUI.navigateToUrl('https://username:password#example.com/')

Joomla https certificate expired. Need to undo https

Here's my situation:
I recently inherited a website from someone else who's MIA.
Recently the SSL certificate expired.
Website now can't be accessed properly. It first gives me NET::ERR_CERT_DATE_INVALID and when I bypass it, all UI elements look distorted and don't work.
Tried disabling SSL through Joomla admin page and I can't access the option that's embedded under a "server" tab in the settings page...because the UI elements don't work there as well. (Even joomla admin page is forced through https)
Tried disabling SSL or HTTPS through .htaccess and I don't see that https was enabled through that. In other words, no code for me to disable there.
Anyone has suggestions on how to get this page up and running properly again?

Firefox MAC v30 with proxy needs authenticate"Cache Access Denied"

Firefox was working perfectly before we've updated it to version 30.0. It seems that the new version does not like our Proxy setting which needs users to auth with their AD accounts.
In the past version, Firefox will pop-up a box that allow you to type in the username and password, which works perfect. However, it does not pop-up anymore and gives me this error message.
The following error was encountered:
Cache Access Denied.
Sorry, you are not currently allowed to request:
http://www.google.com.au/url?
from this cache until you have authenticated yourself.
I try to manually set up the username in key chain and allow firefox to access it but Firefox seems do not access that key chain at all.
Is anyone have the issue with the proxy which needs authenticate in Firefox30.0? Does anyone know the possible solutions?
Many thanks!
Shuopan
trouble shoot update-----------------------------------------
Quite interestingly, Firefox will work for 1 minute after I am using Safari with that Auth proxy. However, if I am not touching Safari for 1 or 2 minutes, Firefox will stop working and pop up the similar error message.
tried network.http.use-cache = false but not work
Thanks
We find Philipp's solution is helpful.
This might be due to the disabling of certain insecure authentication protocols in firefox 30: https://www.mozilla.org/en-US/firefox/30.0/releasenotes/#whatsnew
You can do the following:
Enter about:config into the Firefox address bar (confirm the info message in case it shows up)
Search for the preference named network.negotiate-auth.allow-insecure-ntlm-v1. Double-click it and change its value to true.
https://www.mozilla.org/en-US/firefox/30.0/releasenotes/#whatsnew

Resources