suppress login dialog with XMLHttpRequest object & NTLM auth

S

samir.kuthiala

I do some requests in the background on a page using the XMLHttpRequest
object. My site uses NTLM Authentication. However if the user is not
logged in, it throws up an ugly dialog box. Is there any way to
suppress this? I am ok with the object throwing an error which I can
catch.

What I want to do is to make a request. Instead of it popping up a
dialog box, I want to be able to suppress this dialog and instead
forward him to a separate login page.

Thanks
 
B

Bart Van der Donck

I do some requests in the background on a page using the XMLHttpRequest
object. My site uses NTLM Authentication. However if the user is not
logged in, it throws up an ugly dialog box. Is there any way to
suppress this? I am ok with the object throwing an error which I can
catch.

What I want to do is to make a request. Instead of it popping up a
dialog box, I want to be able to suppress this dialog and instead
forward him to a separate login page.
Click to expand...

See

http://jibbering.com/2002/4/httprequest.html

Just request the header in stead of the full page:

xmlhttp.open("HEAD", "/aDir/aPage.htm",true);
xmlhttp.onreadystatechange=function() {
if (xmlhttp.readyState==4) {
alert(xmlhttp.getAllResponseHeaders())
}
}
xmlhttp.send(null)

Then check the returned HTTP numeric status code whether NTLM
Authentication is required or not:

HTTP/1.1 200 OK
[...headers...]

I believe that this status code would be 401.2 when the message should
be negotiated using NTLM authentication.

Then replace your current location to the login page depending on that
status code.

I'm not sure you can use getResponseHeader('headername'); because the
returned status code is actually not a part of the headers.

Hope this helps,
 
B

Bart Van der Donck

Bart said:
See

http://jibbering.com/2002/4/httprequest.html

Just request the header in stead of the full page:

xmlhttp.open("HEAD", "/aDir/aPage.htm",true);
xmlhttp.onreadystatechange=function() {
if (xmlhttp.readyState==4) {
alert(xmlhttp.getAllResponseHeaders())
}
}
xmlhttp.send(null)

Then check the returned HTTP numeric status code whether NTLM
Authentication is required or not:
Click to expand...

On second thought, the header request would perhaps also require this
NTLM authentication (thus still showing the authentication box). I'm
not sure it is possible to use XMLHttpRequest so that it only returns
the HTTP status code and nothing else.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
HTMLDocument object from xmlHttpRequest 5
Suppress Browser Alert 1
NTLM APS python version 0.98 1
Suppress Form Action 1
XMLHttpRequest for *creating* XML documents? 8
Suppress login dialog when impersonation on? 1
Forcing Reauthentication for a Webform with NTLM auth..ion 3

Members online

Total: 26 (members: 4, guests: 22)
Robots: 389

Forum statistics

Threads
473,755
Messages
2,569,537
Members
45,020
Latest member
GenesisGai

Latest Threads

Top