NTLM Auth in FireFox and Chrome
Hello.
I'm trying your solution with network.automatic-ntlm-auth.trusted-uris parameter.
But here is one very big problem with security.
Just for example - then you logout from SD and reopen it in FireFox, you will get an authentification window from FF. In wich you must type your domain login and password. So where is NTLM? Why I had to type it? FF must take it from my system by NTLM password hash.
But using simple wireshark util I get nomber of http-packets with NTLM falses and as a resoult simple "GET" http-packet from my PC with my credentials in PLAIN TEXT!
In IE it looks perfect without any credentials.
Given all the above, will you fix it? Does it work's correctly in build 7605?
I'm trying your solution with network.automatic-ntlm-auth.trusted-uris parameter.
But here is one very big problem with security.
Just for example - then you logout from SD and reopen it in FireFox, you will get an authentification window from FF. In wich you must type your domain login and password. So where is NTLM? Why I had to type it? FF must take it from my system by NTLM password hash.
But using simple wireshark util I get nomber of http-packets with NTLM falses and as a resoult simple "GET" http-packet from my PC with my credentials in PLAIN TEXT!
In IE it looks perfect without any credentials.
Given all the above, will you fix it? Does it work's correctly in build 7605?