Skip to content

Implementation of Microsoft NTLM in javascript. Allows you to do that NTLM ajax you've always wanted.

Notifications You must be signed in to change notification settings

chrisbottin/ntlm.js

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 

Repository files navigation

ntlm.js

Javascript implementation of Microsoft NTLM authentication over HTTP. Gives you the possibility to do that AJAX NTLM you've always wanted.

Usage

Ntlm.setCredentials('domain', 'username', 'password');
var url = 'http://myserver.com/secret.txt';

if (Ntlm.authenticate(url)) {
    var request = new XMLHttpRequest();
    request.open('GET', url, false);
    request.send(null);
    console.log(request.responseText);
    // => My super secret message stored on server.
}

Setup

On the server side, the following CORS HTTP Response headers are required:

  • Access-Control-Allow-Headers: Authorization
  • Access-Control-Allow-Methods: GET, OPTIONS
  • Access-Control-Allow-Origin: *
  • Access-Control-Expose-Headers: WWW-Authenticate

Known issues

Since the IIS isn't built (??) to support CORS, it will react in a most unfortunate way when receiving a preflight OPTION request (HTTP 401). The remedy for this is to use your own module or disable security checks in the browser.

References

About

Implementation of Microsoft NTLM in javascript. Allows you to do that NTLM ajax you've always wanted.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published