Thunderstone Support Forums

You've also verified that Results Auth is set to Basic/NTLM/File in the Live Search (not just Test), which is (presumably) what you are submitting rauser and rauser too?

I did verify that it is set in the live search.

This is the url that is submitted:

http://appliance.name.here/texis/search ... mit=Submit

I get a page with a login returned that says:

"Please login to continue searching:

Username:
Password:

Search for this:
Search these answers"

"Basic/NTLM/file - prompt via form" is selected and available for the live search.

And you're filling in the URL-encoded user/pass for rauser and rapass in the actual query string submitted?

Also, if you fill out that login form yourself, directly from a browser, do you get the expected results (only the ones that user can see)?

Yes, when I send the rauser and rapass in the query string I have tried with a null value and with an bogus name, in both of these instances I am prompted for a username and password to continue.

I tried filling in my username and password at the login prompt and I was not able to get access, I was prompted over and over as if my account was not valid. My account has permissions to see everything.

When I pass the query string with my username and password, I was returned all the results.

Passing a query string with rauser/rapass set to empty or bogus values will prompt for login, because the credentials are invalid.

When you logged in at the login prompt with your credentials and it failed to login, does your account have perms to see the Login Verification URL? That is what it is checking to get pass the login prompt. Does the Appliance (from its IP/domain) have perms to login to the Login Verification URL? Is the Login Verification URL authentication HTTP Basic, Windows NTLM, or a file:// URL?

Hi

In this thread you state : 'Single-sign-on NTLM auth (ie. forwarding the user's credentials from their workstation Windows login without another Appliance login) is not yet supported; we are working on it'.

This was nearly 2 years ago. it looks like it is not yet there yet.

Any news when it will be implemente, because it's something we would like to have

We are currently testing an ISAPI plugin helper for the Appliance that enables the single sign on. We should be able to get you a version to test the first week of the New Year.

That sounds great.

Hi

Any news about this?

It's going through some final reviews, a test version should be available in the next couple days.

Note that the automatic credentials system requires a Windows 2003 server and an Active Directory environment to work, a normal domain with NTLM auth won't allow for the "pass through" authorization.