We were trying to simulate NTLM Authentication feature with the on-premise local Jira server using the EasySSO plugin. We have done the required configurations for the expected behaviour(Sync with Active directory) and tried to consume the service with the NTLM authorization header using the apache HTTP Client. We ended up with 401 Authorization issue for the request directed there – Below is the request header and response header details:
Request header name: Authorization
Request header value: NTLM TlRMTVNTUAABAAAAAYIIogAHXCAoAAAAAAAAACgAAAAFASgKAAAADw==
Status Code while processing is 401
Response header name: WWW-Authenticate
Response header value: OAuth realm="https%3A%2F%2Fjira754.xyz.com"
We could also figure out in the response header which holds a value stating the “OAuth Realm” which again was an ambiguity to the configurations we made. We simulated the same in the POSTMAN and ended up with the below response from there.
{
"errorMessages": [
"You are not authenticated. Authentication required to perform this operation."
],
"errors": {}
}
To ratiocinate, we suspect that there needs some changes at the exposed rest API endpoints which would eventually digest NTLM mode of authentication. It would be really helpful, if we get a direction from here on for this query. Thanks.
