suppress login dialog with XMLHttpRequest object & NTLM auth

Discussion in 'Javascript' started by samir.kuthiala@gmail.com, May 12, 2006.

  1. Guest

    I do some requests in the background on a page using the XMLHttpRequest
    object. My site uses NTLM Authentication. However if the user is not
    logged in, it throws up an ugly dialog box. Is there any way to
    suppress this? I am ok with the object throwing an error which I can
    catch.

    What I want to do is to make a request. Instead of it popping up a
    dialog box, I want to be able to suppress this dialog and instead
    forward him to a separate login page.

    Thanks
     
    , May 12, 2006
    #1
    1. Advertising

  2. wrote:

    > I do some requests in the background on a page using the XMLHttpRequest
    > object. My site uses NTLM Authentication. However if the user is not
    > logged in, it throws up an ugly dialog box. Is there any way to
    > suppress this? I am ok with the object throwing an error which I can
    > catch.
    >
    > What I want to do is to make a request. Instead of it popping up a
    > dialog box, I want to be able to suppress this dialog and instead
    > forward him to a separate login page.


    See

    http://jibbering.com/2002/4/httprequest.html

    Just request the header in stead of the full page:

    xmlhttp.open("HEAD", "/aDir/aPage.htm",true);
    xmlhttp.onreadystatechange=function() {
    if (xmlhttp.readyState==4) {
    alert(xmlhttp.getAllResponseHeaders())
    }
    }
    xmlhttp.send(null)

    Then check the returned HTTP numeric status code whether NTLM
    Authentication is required or not:

    HTTP/1.1 200 OK
    [...headers...]

    I believe that this status code would be 401.2 when the message should
    be negotiated using NTLM authentication.

    Then replace your current location to the login page depending on that
    status code.

    I'm not sure you can use getResponseHeader('headername'); because the
    returned status code is actually not a part of the headers.

    Hope this helps,

    --
    Bart
     
    Bart Van der Donck, May 12, 2006
    #2
    1. Advertising

  3. Bart Van der Donck wrote:

    > wrote:
    >
    > > I do some requests in the background on a page using the XMLHttpRequest
    > > object. My site uses NTLM Authentication. However if the user is not
    > > logged in, it throws up an ugly dialog box. Is there any way to
    > > suppress this? I am ok with the object throwing an error which I can
    > > catch.
    > >
    > > What I want to do is to make a request. Instead of it popping up a
    > > dialog box, I want to be able to suppress this dialog and instead
    > > forward him to a separate login page.

    >
    > See
    >
    > http://jibbering.com/2002/4/httprequest.html
    >
    > Just request the header in stead of the full page:
    >
    > xmlhttp.open("HEAD", "/aDir/aPage.htm",true);
    > xmlhttp.onreadystatechange=function() {
    > if (xmlhttp.readyState==4) {
    > alert(xmlhttp.getAllResponseHeaders())
    > }
    > }
    > xmlhttp.send(null)
    >
    > Then check the returned HTTP numeric status code whether NTLM
    > Authentication is required or not:


    On second thought, the header request would perhaps also require this
    NTLM authentication (thus still showing the authentication box). I'm
    not sure it is possible to use XMLHttpRequest so that it only returns
    the HTTP status code and nothing else.

    --
    Bart
     
    Bart Van der Donck, May 12, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Q2hyaXMgTW9oYW4=?=

    Configuring Windows Auth & Forms Auth in Asp.Net

    =?Utf-8?B?Q2hyaXMgTW9oYW4=?=, Apr 28, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    726
    =?Utf-8?B?Q2hyaXMgTW9oYW4=?=
    Apr 28, 2004
  2. Matthijs
    Replies:
    0
    Views:
    872
    Matthijs
    Dec 10, 2008
  3. Raj
    Replies:
    0
    Views:
    398
  4. Gary H.

    Suppress login dialog when impersonation on?

    Gary H., Jul 14, 2003, in forum: ASP .Net Security
    Replies:
    1
    Views:
    148
    Felix Wu [MSFT]
    Jul 17, 2003
  5. Andrew_Revinsky

    Forcing Reauthentication for a Webform with NTLM auth..ion

    Andrew_Revinsky, Jul 9, 2004, in forum: ASP .Net Security
    Replies:
    3
    Views:
    279
    Ian Ringrose
    Jul 14, 2004
Loading...

Share This Page