Developer-specific resources include:
MSDN IE Development Forum (post such questions here instead)
Tip: When posting in Developer forums, always include a link to your web
site or test pages in your first post.
IE Developer Center
Timothy Jewett wrote:
> I am writing a WEB Service that is using Negotiate protocol with the MS
> AcceptSecurityContext. If the browser is not logged into the domain but a
> group and tries to access the service the browser will respond with a
> WWW-Negotiate header passing a token to the service. However the browser
> will return a Page Cannot be displayed if the output of the
> AcceptSecurityContext returned a SEC_I_CONTINUE_NEEDED and the output
> buffer is sent back. I would have expected the browser to prompt for
> credentials or make a new request and choose another option when the cycle
> repeats. If this is the desired operation of the browser should I not
> return the output from the SEC_I_CONTINUE_NEEDED and resend the 401
> the Negotiate as an option ? By the way if I do a good NTLM the kerboros
> will succeed when tried again.
> Just looking for the correct approach.