Optional NTLM authentication in Apache

apache-2.2 ntlm

I have a site set up to authenticate users using NTLM in Apache on Linux using Perl's Apache2::AuthenNTLM module. This works great when I require the authentication, but I want this to bypass the website's built-in login when the user can authenticate with NTLM and let them use the regular login if they can't. If users don't know their status, I think I need to make the NTLM authentication optional so that it is detected for users who have it, and everyone else sees the site as usual. I commented out 'require valid-user', but now the NTLM authentication isn't used at all. Is there a way to enable it without showing anything to users who don't authenticate?

This is the current htaccess:

PerlAuthenHandler Apache2::AuthenNTLM
AuthType ntlm
AuthName NTLMTest
#require valid-user
PerlAddVar ntdomain  "DOMAIN ADMIN ADMIN2"
PerlSetVar defaultdomain DOMAIN
PerlSetVar splitdomainprefix 1
PerlSetVar ntlmdebug 0
PerlSetVar ntlmauthoritative off

Best Answer

A common pattern (used by Moodle) is to have a single second page that requires NTLM authentication, and have a first page that decides whether or not to direct you to that second page (based on your IP range, user agent, etc).
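A sketch of the two-page pattern described in the answer, added here as an illustration and not taken from the answer or from Moodle. The paths, network ranges, User-Agent hints and the `ntlm_failed` flag are hypothetical; it assumes only the `/ntlm-login` URL carries `require valid-user`, so Apache sets `REMOTE_USER` there and nowhere else.

```python
import ipaddress

# Constructed placeholders (assumptions, not from the original post).
INTRANET_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]
NTLM_CAPABLE_UA = ("MSIE", "Trident", "Edg/", "Chrome", "Firefox")
NTLM_PATH = "/ntlm-login"   # the only URL protected with `require valid-user`
FORM_PATH = "/login"        # the site's built-in login form


def in_intranet(remote_addr):
    """True if the TCP peer address (not a client-supplied header such as
    X-Forwarded-For) falls inside a configured internal range."""
    try:
        ip = ipaddress.ip_address(remote_addr)
    except ValueError:
        return False        # unparsable address: treat as external
    return any(ip in net for net in INTRANET_NETS)


def choose_login(remote_addr, user_agent, ntlm_failed=False):
    """First page: decide where to send the browser.

    IP range and User-Agent are routing hints only. A wrong guess costs the
    user an NTLM prompt or a login form, never an authentication bypass.
    """
    if ntlm_failed:         # hypothetical flag: an earlier NTLM attempt failed
        return FORM_PATH
    ua = user_agent or ""
    if in_intranet(remote_addr) and any(hint in ua for hint in NTLM_CAPABLE_UA):
        return NTLM_PATH
    return FORM_PATH


def session_user(path, remote_user):
    """Second page: accept an identity only where Apache enforced NTLM.

    REMOTE_USER is trusted only on NTLM_PATH; on any other path nothing
    verified it, so the built-in login has to run instead.
    """
    if path == NTLM_PATH and remote_user:
        return remote_user
    return None


if __name__ == "__main__":
    print(choose_login("10.1.2.3", "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0"))
    print(choose_login("203.0.113.9", "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0"))
    print(session_user(NTLM_PATH, "jdoe"))
```
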