Thursday, September 23, 2010

ERROR: Continuous authentication prompt when accessing intranet site from Windows 7

Symptoms:
When accessing a Tomcat website configured to use NTLM authentication from Windows Vista / 7, a user is prompted continually for authentication. Accessing this site would previously work seamlessly under Windows XP.

OR

Page not displayed after entering correct network credentials.

Issue:

Tomcat doesn't support (and won't support) NTLM 2.0 used in Windows Vista / 7. By default, Windows Vista and 7 use NTLM 2.0.

Solution:
Set a lower NTLM Compatibilty level

Under HKLM\SYSTEM\CurrentControlSet\Control\Lsa

Create DWORD entry
LmCompatibilityLevel and set to 2

Important:
This alters the security level of the computer. Make sure you are aware of the impact of this change before making it.

Further Reference:
http://technet.microsoft.com/en-us/library/cc960646.aspx

No comments: