Windows Authentication and Safari 5.1.7

I ran into a new problem today.  In developing an in-house application using Windows Authentication, I wanted to make sure it functions correctly on all the popular browsers as well as the iPhone.

When I went to test the application, it worked fine on IE, Firefox, Opera, and Chrome.  Safari on the other hand would ask for login credentials over and over.  It turns out these login boxes were popping up for each resource that was attempting to load (such as JavaScript files or images).

When enabling Windows Authentication there are two providers that are used to authenticate credentials: NEGOTIATE and NTLM.  After searching around the internet, it appears Safari 5.x has a problem with the NEGOTIATE provider.

The following instructions were performed to resolve the issue:

  • On the IIS Server (version 7 in my case), open NotePad as an administrator.
  • From NotePad, choose FILE -> OPEN.
  • Browse to: C:\Windows\System32\inetsrv\config\ and open the ‘applicationHost.config’ file.
  • Search for ‘windowsauthentication’ until you come across the key that starts with:
    <windowsAuthentication enabled=”true”>
  • If both providers are listed, remove the NEGOTIATE one.  The key should look like this:
     <windowsAuthentication enabled="true">
       <providers>
         <add value="NTLM" />
       </providers>
     </windowsAuthentication>
     
  • Save the ‘applicationHost.config’ file.

After making the changes, Safari now works as expected.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *