I ran into a new problem today. In developing an in-house application using Windows Authentication, I wanted to make sure it functions correctly on all the popular browsers as well as the iPhone.
When enabling Windows Authentication there are two providers that are used to authenticate credentials: NEGOTIATE and NTLM. After searching around the internet, it appears Safari 5.x has a problem with the NEGOTIATE provider.
The following instructions were performed to resolve the issue:
- On the IIS Server (version 7 in my case), open NotePad as an administrator.
- From NotePad, choose FILE -> OPEN.
- Browse to: C:\Windows\System32\inetsrv\config\ and open the ‘applicationHost.config’ file.
- Search for ‘windowsauthentication’ until you come across the key that starts with:
- If both providers are listed, remove the NEGOTIATE one. The key should look like this:
<windowsAuthentication enabled="true"> <providers> <add value="NTLM" /> </providers> </windowsAuthentication>
- Save the ‘applicationHost.config’ file.
After making the changes, Safari now works as expected.