28046 – When a user is logged into a Windows domain, Web sites and proxies in this domain shouldn't ask for credentials

Bug 28046 - When a user is logged into a Windows domain, Web sites and proxies in this domain shouldn't ask for credentials

Summary: When a user is logged into a Windows domain, Web sites and proxies in this do...

Status:	RESOLVED WONTFIX

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Page Loading (show other bugs)
Version:	528+ (Nightly build)
Hardware:	PC Windows XP

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2009-08-06 06:52 PDT by Tim Dunne
Modified:	2022-06-23 11:25 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tim Dunne 2009-08-06 06:52:38 PDT

When using safari on system that has a proxy that requires ntlm authentication or the user tries to access a windows authenticated website the user is challenged for username and password.

I understand that this may be by design because ntlm over the internet is not secure.
Internet explorer gets around this by recognising the difference between local sites and internet sites.

This bug/feature is a bit blocker to having safari used in many enterprises.

Could safari/webkit be enhanced to allow windows credentials to be passed on when the destination site on a private ip range (192.188.. 10.0.. ip ranges) but challenge the user when going on to internet sites?

Comment 1 Mark Rowe (bdash) 2009-08-06 15:33:17 PDT

<rdar://problem/7124696>

Comment 2 Alexey Proskuryakov 2010-05-17 15:25:44 PDT

Re-titling to (hopefully) better describe the issue.

Comment 3 Brent Fulgham 2022-06-23 11:25:24 PDT

Safari is no longer supported on Windows.