Bug 202379

Summary:	Bad way of performaing NTLM authentication
Product:	[Applications] konqueror	Reporter:	Vincent Panel <bugs.kde.org>
Component:	general	Assignee:	Konqueror Developers <konq-bugs>
Status:	RESOLVED DUPLICATE
Severity:	normal	CC:	adawit
Priority:	NOR
Version:	unspecified
Target Milestone:	---
Platform:	Compiled Sources
OS:	Linux
Latest Commit:		Version Fixed In:
Attachments:	konqueror and firefox HTTP session

Description Vincent Panel 2009-08-03 12:11:15 UTC

Version:            (using Devel)
OS:                Linux
Installed from:    Compiled sources

Since KDE 4.1, I am not able to access an internal site here using NTLM authentication. Firefox is able to access to it. I thought it was due to NTLMv2 not being supported, but I was wrong.

I've finally decided to run wireshark and discovered NTMLv1 is being used to authenticate to the website and konqueror does actually try to authenticate but with wrong credentials, hence the website denies access.

Inside the packet sniff, wireshark is not able to find the correct username when I use konqueror (only the first letter of the username seems to be sent over the wire). I've also sniffed the firefox NTLM auth and wireshark is displaying the full correct username.

I would like to attach the pcap so that you can see yourself, but need to sanitize it before sending it online. I try to find a method, unless I can send it to you in private.

Comment 1 Vincent Panel 2009-08-03 12:33:08 UTC

Created attachment 35809 [details]
konqueror and firefox HTTP session

Arf, I attach the not-sanitized pcap, nothing is confidential anyway...

Comment 2 Dawit Alemayehu 2011-10-25 07:47:48 UTC

Is this still the case with KDE v4.7 and up ? A lot of fixes went on to address NTLM related authentication issues prior to KDE 4.4 or 4.5 release.

Comment 3 Dawit Alemayehu 2011-10-28 17:04:07 UTC

This has been fixed in KDE 4.7.3 [1]. Thanks for the report.

[1] https://bugs.kde.org/show_bug.cgi?id=284870#c9.

*** This bug has been marked as a duplicate of bug 284870 ***