tracker issue : CF-3175165

select a category, or use search below
(searches all categories and all time range)
Title:

NTLM Authentication Support

| View in Tracker

Status/Resolution/Reason: Closed/Fixed/

Reporter/Name(from Bugbase): Eric Shaffer / Eric Shaffer (e_shaffer_USN)

Created: 04/25/2012

Components: SharePoint Support

Versions: 9.0.1

Failure Type: Enhancement Request

Found In Build/Fixed In Build: 9.0.1 /

Priority/Frequency: Trivial / Unknown

Locale/System: English / Win 2008 Server R2

Vote Count: 18

Listed in the version 2016.0.0.297996 Issues Fixed doc 
Dept. of Defense clients are beginning to use Sharepoint HEAVILY.  The need to use CF's Sharepoint integration abilities is becoming a matter of "we have a job...we don't have a job".  The problem is that currently, CF can only connect to sharepoint via BASIC AUTHENTICATION.  DoD is hardening their servers and firewalls to the point where you can no longer use Basic Auth.  CAC authentication using NTLM is the requirement now, and they WILL NOT turn on basic authentication.  This effectively stops us from using CF's sharepoint integration, and customers are beginning to turn to others who CAN do it.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	3175165

External Customer Info:
External Company:  
External Customer Name: e_shaffer_USN
External Customer Email:  
External Test Config: My Hardware and Environment details:

IIS 7 on Win 2008 R2; Server resides in DoD DMZ; Sharepoint Servers and Database (version 10) reside behind a hardened firewall and require NTLM authentication using CAC smart cards.  Basic authentication turned off, and by order of DISA, it cannot be turned on.

Attachments:

Comments:

Adobe needs to fix this ASAP (AND make it easy to understand/use) or ColdFusion will loose a HUGE customer base with the government!!!!!!!!!!!!!
Comment by External U.
19660 | April 25, 2012 10:00:10 AM GMT
This needs to be done and is over due. Also Digest authentication should be addressed as noted in bug id CF-3035879
Vote by External U.
19663 | March 24, 2013 10:48:15 PM GMT
CF is starting to be looked on in my organization as a security risk. either it gets fixed or we'll be looking to other technology platforms.
Vote by External U.
19664 | August 13, 2013 04:13:10 PM GMT
How is it that this feature is still not supported at it was reported back when CF9 first came out?
Vote by External U.
19665 | October 24, 2013 06:10:03 PM GMT
Most of my clients are requiring Sharepoint integration and it seems that everybody EXCEPT Adobe expected this problem with CF not allowing NTLM authentication to be fixed by CF11. They fixed CFHTTP to allow NTLM authentication, so why don't they fix CFSHAREPOINT ?
Vote by External U.
19666 | April 06, 2015 05:08:23 PM GMT
+1 - Voted for this multiple times over the years. This was discussed when <cfsharepoint> was released, and is still a problem.
Vote by External U.
19667 | May 14, 2015 08:00:32 PM GMT
NTLM, Digest Authentication etc. has been requested now for at least 7 years - please, please pull your collective fingers out and do something about this. As commented in other tickets, CF is starting to be seen as a security risk.
Vote by External U.
19668 | June 29, 2015 05:26:38 PM GMT
+1 Never could use sharepoint integration for DoD work due to the lack of NTLM auth.
Vote by External U.
19669 | June 29, 2015 06:05:52 PM GMT
........………..................
Vote by External U.
19670 | June 29, 2015 06:37:35 PM GMT
Security expectations have become more focused as a key application requirement. Basic authentication simply won't do any more. This is an area that ColdFusion needs to catch up to and even surpass other technologies for configuration ease and efficiency.
Vote by External U.
19671 | June 29, 2015 08:04:13 PM GMT
+1 ==========================
Vote by External U.
19672 | June 29, 2015 09:08:40 PM GMT
Seriously, how is this NOT fixed already????????????????
Vote by External U.
19673 | June 29, 2015 09:42:35 PM GMT
Seems like this would be a hot item for Adobe considering the amount of money they make from government customers.
Vote by External U.
19674 | June 29, 2015 09:48:45 PM GMT
We too also require NTLM authentication for services like Exchange too.
Vote by External U.
19675 | June 29, 2015 10:29:05 PM GMT
+1 Vote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 charactersVote must be between 25 and 4000 characters
Vote by External U.
19676 | June 30, 2015 12:10:55 AM GMT
This has been requested since CF9 came out. It's a major problem for anyone trying to integrate with SharePoint (not just DoD or federal clients), and should be addressed.
Vote by External U.
19677 | June 30, 2015 06:47:49 AM GMT
I agree that it is critical to be able to communicate securely with SharePoint. If there's a technical roadblock, I'm sure the community will rise to the challenge. At a minimum, though, I believe it's time to address it.
Vote by External U.
19678 | June 30, 2015 04:41:32 PM GMT
Please, and also make sure it's using at least v2 by default. Campus network has already blocked NTLM v1 from routing.
Vote by External U.
19679 | July 02, 2015 09:33:51 AM GMT
Can we get details on which ColdFusion versions have the fix and which version of NTLM was implemented?
Comment by External U.
19661 | October 15, 2015 11:52:05 AM GMT
NTLM authentication is important.
Vote by External U.
19680 | October 15, 2015 12:04:42 PM GMT
Hi Carl, This will be available with ColdFusion Raijin . NTLMv1 and NTLMv2 versions are implemented.
Comment by Mayur J.
19662 | October 16, 2015 02:41:22 AM GMT