Enabling FIPS in Firefox prevents NTLM authentication?

Posted on 2008-06-16
Medium Priority
Last Modified: 2013-12-07
In an NTLM authentication handshake, first the browser tries to access the server and gets a 401 Unauthorized response with a WWW-Authenticate header of "NTLM."  The browser can then optionally respond by sending an NTLM Type-1 message to initiate the NTLM handshake.  Normally, Firefox exercises this option, prompts me for a username and password and authenticates just fine.  But I find that when I enable the FIPS security device rather than the default Software Security Device, Firefox will neglect to respond to the initial 401 response with a Type-1 NTLM message and I just get a blank white screen.  Does anyone know why this is or how to get around it?
Question by:Ditchdigger
1 Comment

Accepted Solution

Ditchdigger earned 0 total points
ID: 21811717
Nevermind, I found the solution by poring over the Firefox source code.  Turns out Firefox decides NTLM is not secure enough to be FIPS-compliant, so when FIPS is on it refuses to use NTLM authentication.  Oh well, back to the drawing board.

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question