How to use nginx to proxy to a host requiring NTLM authentication?

nginx iis ntlm

Basically the same issue as How to use nginx to proxy to a host requiring authentication? but this time using NTLM authentication. Unfortunately the company IIS doesn't accept basic authentication.

I need to configure nginx to use a single user domain account for all proxy requests. As a result client should not receive any credential prompt.


The Nginx customer service confirmied that nginx currently does not authenticate ntlm, only proxy that authentication to the upstream server with NGINX Plus


According to nginx documentation:

upstream http_backend {
    server 127.0.0.1:8080;

    ntlm;
}

Allows proxying requests with NTLM Authentication. The upstream connection is bound to the client connection once the client sends a request with the “Authorization” header field value starting with “Negotiate” or “NTLM”. Further client requests will be proxied through the same upstream connection, keeping the authentication context.

The "ntlm" option is available only for Nginx Plus. I created a custom module that is able to provide a similar functionality

gabihodoroaga/nginx-ntlm-module

There is also a blog post about this at hodo.dev

Related

Why is port 587 preferred over port 465 in SMTP?
How can I get docker build to overwrite a file?
How to enable debug logging for GRE?
Corrupted index cache file in Dovecot
Update sudoers file in multiple servers with a bash script
How do I delete/remove a SUSE 10.3 user?
How can I set up my own VPN service that looks like in another country?
Grafana behind AWS ALB
Share gcp external load balancer across multiple projects
Trying a VNC for the first time
Are there security problems with storing public ssh keys in a database?
Google Cloud VPN connection degradation