Hi @Marco Paglioni ,
When logging in using integrated authentication in Internet Explorer or Edge, the password is not accepted and after a few attempts, the error message 401 Unauthorized appears.
This is a known issue due to enabling the NEGOTIATE protocol for Windows Integrated Authentication It happens when trying to access with a computer that's either not connected to the same Windows domain as the servers running OutSystems or a computer with intermittent connectivity to said domain.
The NEGOTIATE protocol uses Kerberos tickets for authentication. This requires that all involved computers be able to communicate with the Windows domain controller. In cases where such communication is not possible, the NEGOTIATE protocol cannot be used.
By default, Internet Explorer and Microsoft Edge prefer NEGOTIATE over NTLM for Windows Integrated Authentication; this means that IIS activity with the NEGOTIATE protocol causes this misbehavior.
Other browsers (Chrome, Safari, Firefox) usually don't have NEGOTIATE activated, so they default to NTLM - which causes authentication to work.
Confirm the cause
Disable NEGOTIATE protocol in the client workstation to confirm the issue is the one described.
- Open the Registry Editor (start - run - regedit.exe)
- Navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\
- Locate the registry entry EnableNegotiate
- Change the value to 0
- Restart the client workstation.
After performing the steps above, authentication should start working in Internet Explorer / Microsoft Edge in the client workstation where the change was performed.
Solution: disable the NEGOTIATE protocol in IIS
In sporadic situations, or to confirm the problem, you may want to disable NEGOTIATE in the client workstation.**
- Access IIS Manager;
- Expand <server> Sites Default Web Site;
- In the IIS group, choose Authentication;
- Click Windows Authentication. On the side bar, option Providers shows up; if not, first activate Windows Authentication so it does show up;
- Remove NEGOTIATE provider.
- If you added Windows Authentication on step 4, deactivate it again;
- Do an IISReset
After performing the steps above, authentication should start working in Internet Explorer / Microsoft Edge.
The above content comes from public document. In order to prevent the content of document links from becoming invalid, I extracted some content. For more detailed information, please refer to this link. I hope this helps you.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the email notification for this thread.
Best regards, Yurong Dai