On Wednesday, August 12, 2020, bruceceng ***@***.***> wrote: In order to authenticate the server hostname must be a specific value (I have only tested "http://localhost:3000/"). If I try to authenticate with http://sspi.auth.local:3000/ (where sspi.auth.local redirects to localhost in the windows hosts file) then the authentication fails. I guess this is by the design of Kerberos and/or NTLM that the browser (client) must only generate correct credentials for a proper server name. It just seems like this could be better documented. I encountered the problem when testing a server with HTTPS, since many solutions suggest setting the fully qualified domain name specified in the certificate to a form like "[testname].local". After some investigation I found that the client can be called with setTargetName("localhost") even when connecting to http://sspi.auth.local:3000 and get the correct behavior. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#31>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAVV6TVKDD2T7MXDDRNMIDTSALJVFANCNFSM4P5B4LMQ> .