Firefox Authentication with NTLM

July 22nd, 2005

I learned yesterday that you can access a website using NTLM authentication using Firefox, but you have to adjust the configuration outside of the normal options panel. This is useful when working locally with ASP.NET 2.0 which has NTLM enabled by default. Just right-click on a web project and select Property Pages. Then select Start Options. You will see the checkbox for NTLM is checked.

I use Firefox because of all of the useful tools for web development which you can install as extensions. As shown in the image below, simply enter "about:config" in the location box. Then use "auth" as your selection filter. You can place a comma delimited list of hostnames as it explains in The Integrated Authentication Documentation for Firefox. The policy is not to simply allow any website to share NTLM because at one point Microsoft used a very weak encryption on the authentication mechanism, so you will still want to just use it for specific hostnames. In the settings below you will notice I simply allow localhost which is what I want for doing local development with VS.NET 2005.

firefoxntlm.png

« ASP.NET Upgrade from Beta 1 to Beta 2: Part 3
New Google Maps Icons, Free! »

6 Responses to “Firefox Authentication with NTLM”

  1. seh0367 Says:
    July 13th, 2006 at 9:46 am

    Nice post. This worked great. I have a question though.

    We have PKI Certificates installed on our Microsoft IIS6 web server. Any ideas on how to import non-PKCS12 (openSSL) certificates into Firefox to stop the 403.7 errors (Forbidden: SSL client certificate is required) IIS returns.

  2. rib Says:
    July 18th, 2006 at 6:46 am

    helpful... very helpful!!!

    one question: what instead of "localhost" for remote access?

  3. Bohemian Says:
    September 12th, 2006 at 11:34 am

    My integrated security was working with VS2005 previously without making these changes but it suddenly stopped working for some unknown reason; this information worked for me, and resolved the issue thanks!

  4. Paul Says:
    June 2nd, 2007 at 8:02 am

    Thanks

  5. Mike Says:
    August 24th, 2007 at 3:54 am

    This information saved me a tonne of time but it still wasn't happening.

    I realised (from another google result) that it only works if you're not proxying - so adding the intranet to the sites that bypass the proxy server helped greatly!

    Cheers

  6. Keek Says:
    January 31st, 2008 at 4:20 am

    i really do love you! :o )

This entry was posted on Friday, July 22nd, 2005 at 7:41 am and is filed under dotnet. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.