Hello, Actually there is no solution for time being, what I did was, I use digest authentication instead. But my case, if NTLM is abandoned the user need to enter password every time he log into the system, so you need to put that into your account. Should you have any further questions do not hesitate to come back to me. cn_nginxerby cn_nginxer - Nginx Mailing List - English
Hello Nginx Team, I finally get the idea about the connection. It is not a TCP connection, it is a persude connection in HTTP level. The NTLM will keep the authenticated HTTP connections info for subsequent connections, so in this case, it should be a bundle TCP authed connections. And for sure, if it works in this way, every proxy won't work with this evil!!! Since this is not the first timeby cn_nginxer - Nginx Mailing List - English
Hello Maxim, Many thanks for ur timely reply! But I am still not quite understand about term "connection-based". I checked with wireshark again, even NTLM auth schema, it did not just use one socket to transport the whole data, it also uses several sockets to transfer a HTML page in parallel. So it works just like Digest Authentication, at least, in the auth process, they are the sby cn_nginxer - Nginx Mailing List - English
Hello Ryan, May I ask an very stupide question, what do you mean by nginx is not supported back-end keep-alive? I checked with wireshark, both NTLM and MD authentication are using the same TCP connection, as far as I understand, nginx is just do a forward job, so the question is that why nginx could foward the MD request to the client but not NTLM request? I hope my dull mind will not botby cn_nginxer - Nginx Mailing List - English