NTLM Browser Support

Affected Versions

  • Liferay DXP 7.1
  • Liferay DXP 7.0
  • Liferay Portal 6.2 EE
  • Liferay Portal 6.1 EE

Integrating NTLM with Liferay products should only be done with Internet Explorer for these affected versions due to security vulnerabilities. Microsoft has not made any updates to NTLM with the advent of Microsoft Kerberos.

Resolution

As LPS-15559 points out, there is a security risk for using NTLM in non-Internet Explorer (IE) browsers. When NTLM was integrated in 6.0.x, there were various security issues when using Chrome and Firefox. Thus to address this security issue, starting from Liferay Portal 6.1 EE, NTLM Authentication is automatically disabled for non IE browsers.

To enable NTLM for other browsers, the code must be customized. The portion of code to modify is found in the NTLMFilter.java

NTLM is deprecated as of DXP 7.2.  We strongly suggest that customers move to Kerberos, which is supported for all DXP versions.  

Additional Information

Please note that Edge is not technically considered IE, and thus NTML is not supported on IE Edge

Microsoft NTLM

¿Fue útil este artículo?
Usuarios a los que les pareció útil: 0 de 0