-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dave,
On 9/11/20 16:29, Dave Ford wrote: > We've set up out Tomcat Manager to use LDAP for authentication - > (note, this is not MS AD, but linux-based LDAP server). The OS our > tomcat servers are running on is Linux and they're not intergrated > with our AD domain in any way at all. > > Our users have been happily logging into the Tomcat manager app > using various web browsers for some time - they get prompted for a > username and password, they provide their credentials (which is the > same user name and password as they're currently logged onto > windows with, but with no domain\ or @domain info in the username), > they're checked against LDAP servers, and are let into the app > assuming they're allowed. > > However, we've recently received reports that some of our users > who have had their Windows machines copies of Edge upgraded to the > latest version are no longer being prompted for credentials. > Instead, they're directly immediately to a 401 unauthorised > message. Other browsers, including Chrome, still prompt. > > We've changed nothing at the tomcat end, so this is clearly a > problem with the behaviour of Edge - but I'm keep to try and > understand it. Are you using HTTP or HTTPS? > I can't find any useful information in the tomcat logs - is it > possible to turn up the logging for the manager app to see exactly > what credentials (well, username) is being passed by Edge to it? This may be a bug in Edge or something having to do with authentication policies. Microsoft has been actively trying to kill HTTP Basic authentication for a while. https://answers.microsoft.com/en-us/microsoftedge/forum/all/latest-versi on-of-edge-no-longer-shows-basic/3601252b-e56b-46c0-a088-0f6084eabe47 TLDR: visit edge://policy in Edge and look for AuthSchemes. If the value doesn't include "basic", add it and re-try. Hope that helps, - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl9fbDkACgkQHPApP6U8 pFh4pQ/9HtWwtRtewO0l6pvR2voItW6CUwHBm/pag4O2KuyjGzkjEgV+WIOaOGGO GHy/e9TaxQL97elFXbenbcT+/5dTmYWJtodBuBACD927AqdNKRygDiAig2xfmkBT DryhT6BHuHV3XkQmdIPDCHc/Vqw5UJ+6Wzz5iehCroQ+FPi2XrOHGCyEjUtokoiB dt7acgo6ElDf7k/YSXIdfJD+EEs/JNSx5ufEW/Jid4LPCTkUCxVrK3Nu6kdt5JRv 24udU+Any2Cw/O0iDSjhcGBM2nDl8nP2rtdiwfyqxbsJMxIi/yhLfECsWzXzkjBY jVBYFiYprN7wc8227DDlu/GR5K2CjqSSr/Dl185mQkrHNAXCCM9PEFAk1bJE0H2b uEewE0ZOLAYvSViC655uKDXDxh8i6UIG9n685YAMqeIByNPbrNF/2JLvzTN7gjxE qChWIrOqZnDC2ZSb5sTt5oFSZ3zgzXMe5+alZKOAgffBoyWHM43OExdTa33YQ3xS GslTxjxbD+aI73mNINTjpPxe4l41s4mnOiylG/4uIk88Eh+bS8SnHF0YYi5oAxO+ oEegLBKK/eGBaZ4F7JoUFu29EPW4A5g+NEekLSoELUVYph5Hpbb9v9OdSL1ou/K0 z69wt7gORqGo3NpAWUJhPC8VQOWtM+BZLUb+Q3cy/Jqn5EJF8AU= =9X49 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org