You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Intro

Sometimes it happens that accessing Gerrit, Subversion (SVN) or some other services behind Apache or NGINX reverse proxy with basic authentication shows empty page and 401 unauthorized error. Apart from other reasons one of the most frequent reasons why it happens is actually setting in the browser, which prohibits usage of basic authentication. If there are no other authentication options on server available, then server actually delivers empty page or shows 401 (Unauthorized) status code and error message.

Latest version of Edge no longer shows basic authentication login dialog when some server offers that option:

https://answers.microsoft.com/en-us/microsoftedge/forum/all/latest-version-of-edge-no-longer-shows-basic/3601252b-e56b-46c0-a088-0f6084eabe47

Checking basic authentication status in Edge browser

  • Go to edge://policy URL
  • Filter/search by "AuthSchemes"
  • Original could be for example "ntlm,negotiate"
  • Expected value shall contain "basic", for example "basic,ntlm,negotiate"
    • If basic is already present:
      • make sure you closed and re-opened all instances of Edge (or whole computer just to be sure)
      • if issue with 401 unauthorized error message persists even afterwards, issue is most probably lack of permissions/authorization to access related resource as error message suggests
    • If basic is not present, continue with steps in XXX

Workaround for Edge browser to allow support for basic authentication

  • on Windows we need to import registry entry
    • Import following Registry Entry (.reg) files into Windows registry:
      EnableBasicAuthenticationInEdgeSettingsRegistry.reg

    • Import it simply by double clicking on reg file in Windows and confirm import.

    • Then close and restart Edge browser completely and you shall be asked for password.

    • Basic authentication for Edge browser shall be now enabled.
  • on Linux we need to create managed policy
    • make sure your account is in sudoers or you run those commands under root

    • make sure folder exists:

      sudo ls -lah /etc/opt/edge/policies/managed/
    • If folder does not exist, make sure you are using Edge and find out proper location on your system

    • If folder exists then create policy as in this example, including "z" prefix (or other one suitable for your setup) to make sure our policy is potentially overriding other existing policies by being alphabetically after whatever policy files you have present:

      echo '{"AuthSchemes":"basic,ntlm,negotiate"}' | sudo tee /etc/opt/edge/policies/managed/z-authschemes-policy.json

# Our policy must be in the end of list to have a good chance to override other policy files:
sudo ls -lah /etc/opt/edge/policies/managed/

# Now just checking that it was written properly:
sudo cat /etc/opt/edge/policies/managed/z-authschemes-policy.json
    • Then close and restart Edge browser completely


  • No labels