ntlm_auth and bad apache behavior (raw html displayed)
Many, many hours of work has paid off in a CentOS 5 machine with apache 2.2 serving up secured folders that require logged-in Active Directory users to access.
This is for a corporate intranet, which I am VERY much looking forward to getting off of Windows 2003 Server!
I've run into a wall, however, one which appears pretty rare, if my Google searches are any indication.
The secured folder (/pvt) is very puzzling to apache. For instance, it doesn't serve up a default index page, giving a 404 error when the folder is accessed directly (http://arweb5/pvt). The access log shows the AD user's id, as it should.
If I specify a (html) web page, it renders as raw html in Firefox. It renders okay in IE7, due (I know) to IE's mangling of www code standards. If I specify a php web page in either browser, I get the raw php code.
These behaviors are all absent if I turn ntlm_auth off on the folder. The default index page suddenly gets served up, the php is translated at the server level, providing a nice finished product in the browser (Firefox or IE).
Here's the appropriate httpd.conf code:
AuthName "NTLM Authentication thingy"
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"