Enabling FIPS in Firefox prevents NTLM authentication?

In an NTLM authentication handshake, first the browser tries to access the server and gets a 401 Unauthorized response with a WWW-Authenticate header of "NTLM."  The browser can then optionally respond by sending an NTLM Type-1 message to initiate the NTLM handshake.  Normally, Firefox exercises this option, prompts me for a username and password and authenticates just fine.  But I find that when I enable the FIPS security device rather than the default Software Security Device, Firefox will neglect to respond to the initial 401 response with a Type-1 NTLM message and I just get a blank white screen.  Does anyone know why this is or how to get around it?
DitchdiggerAsked:
Who is Participating?
 
DitchdiggerConnect With a Mentor Author Commented:
Nevermind, I found the solution by poring over the Firefox source code.  Turns out Firefox decides NTLM is not secure enough to be FIPS-compliant, so when FIPS is on it refuses to use NTLM authentication.  Oh well, back to the drawing board.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.