Skip to content
Find file
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


An NTLM Handler for Mongrel

This handler will handle NTLM authentication and leave the user's credentials in the environment for the app to read.

Using the handler

Create a custom route for your login action:

  # Custom route for NTLM authentication to prevent IE from authenticating POSTs to user_controller
  map.connect 'ntlm/login', :controller => 'user', :action => 'login'

Copy the contents of config and lib into your app's config and lib directories respectively, and invoke mongrel with the -S config/mongrel_ntlm.conf:

  $ mongrel_rails -S config/mongrel_ntlm.conf

The handler will then clear and then set two headers that your app can read:

  request.params['REMOTE_USER'] will contain the user's identity
  request.params['HTTP_X_MONGREL_PID'] will contain the mongrel pid to be doubly sure that REMOTE_USER was not injected by the user


This project is no longer being updated, as I no longer use Windows. Please try the following alternatives if you are having problems:
  * Alexey (snaury) has made a few fixes in his fork, give it a shot:
  * Glenn has written a detailed log of his installation and use of the plugin in his blog:
  * for the project that spawned this plugin, we ended up using the ISAPI Rewrite filter on IIS as a reverse proxy for plain vanilla mongrels:
Something went wrong with that request. Please try again.