NTLM authentication [1]

rakesh_mittal.8061 · June 14, 2007, 10:37am

When I try to remove the auth.scheme.default from the Form Authentication, it says portalAdmin cannot delete this alias.

I have requirement to change the authentication to NTLM, so the user logged into windows should not have to login again to portal.

Please let me know one more thing, that if I use NTLM authentication , then how can I restrict the access to some particular pages.

Thanks,
Rakesh

rakesh_mittal.8061 · June 14, 2007, 10:38am

I forgot to mention the version of webMethods portal. I am using 6.5.

mark.imel.5496 · June 19, 2007, 3:48pm

You won’t be able to remove that alias. Instead you should use the Alias Management Admin Portlet and change the target of where the alias.

The Alias Management Portlet is in the Admin Dashboard → Portal Configuration. Perform a search for “auth.scheme.default” and edit the alias to point at your new AuthScheme “auth.scheme.ntlm”.

As far as restricting access goes, please remember that Authentication is completely independent of Authorization. Just because a user is authenticated or Identified using the NTLM authentication scheme, doesn’t give the user any more access rights to a page. You can still fully administer what users, groups and roles have permissions to see what pages using Portal 6.5.2 ACL management.

Regards,
–mark

rakesh_mittal.8061 · June 20, 2007, 10:07am

I have changed the Authentication to NTLM. But after that, whenever I am trying to login to portal, I am getting the below error:

007-06-20 15:58:58 GMT+05:30 (Framework : INFO) [RID:12] - Processing request [3bhjjep9j6k93:Portal Guest] http://blrkec36746d:8080/meta/default/schedule/0000005799 (GET) {}
HttpHeaderHandler Auth Handler is not enabled.

Please let me know how to resolve this one.

ronw.6421 · June 20, 2007, 4:18pm

That is a benign informational message generated by one of the the other authentication handlers.

rakesh_mittal.8061 · June 21, 2007, 4:14am

After changing the Authentication, whenever I am trying to login to everest server, it pages throws an error “This page cannot be displayed” in the IE. When I looked in the portal server log, I see the error
007-06-20 15:58:58 GMT+05:30 (Framework : INFO) [RID:12] - Processing request [3bhjjep9j6k93:Portal Guest] http://blrkec36746d:8080/meta/default/schedule/0000005799 (GET) {}
HttpHeaderHandler Auth Handler is not enabled

alex.oleynikov.6141 · June 21, 2007, 3:44pm

This error reported does not make a lot of sense. Now we could try to do following things:

could you please start your mws in debug mode (append -d command line switch to it) to collect some additional logs when you hit your page
you did mention IE, does it mean it works in FireFox (if you have not tried, could you please?)
could you please confirm that resetting authentication back it will not experience this problem. I believe you may have trouble logging into the portal though, as a workaround you could pass credentials in the url directly:

http:///?username=portaladmin&password=a;admin

We will let you know if we have any other suggestions on this problem

Alex