[proposed enhancement] Option to suppress NTLM (forceNegotiate)?
fusscreme opened this issue · comments
Hi,
Is there a possibility to suppress NTLM authentification and to only use Negotiate (Kerberos)? If someone brings their own device I cannot force a group policy object (GPO) to list the url in the intranet zone whitelist. And then they get this ugly popup in the browser, asking for credentials.
Therefore a option forceNegotiate
just like forceNTLM
would be useful.
Thank you.
I think this would be a good feature. node-sspi allows you to specify which SSPI packages to use with an array
sspiPackagesUsed:
default to ['NTLM']. An array of SSPI packages used. To obtain a list of all SSPI packages available on your server, download source code of mod-auth-sspi, then run bin\sspikgs.exe from your server's DOS console.