ntlm
The 'ntlm' directive enables NTLM authentication for upstream connections in NGINX, allowing efficient reuse of authenticated connections.
Description
The 'ntlm' directive enables NTLM (NT LAN Manager) authentication when NGINX proxies requests to upstream servers. NTLM authenticates a connection rather than each individual request, so when a client sends a request with the 'Authorization' header containing 'Negotiate' or 'NTLM', the connection to the upstream server becomes bound to that client connection. Subsequent requests from the same client then use the same upstream connection, which retains the authentication context and avoids the overhead of repeated authentication. The binding matters for security as well as performance: an upstream connection that carries one client's authenticated context must not serve requests from a different client.
The directive accepts an optional parameter that specifies the maximum number of connections to upstream servers that should be cached, which improves resource efficiency and performance under load. It also supports a timeout setting, so that idle connections are handled according to the configured threshold, which helps conserve backend resources and keeps the service responsive for users.
Using the 'ntlm' directive therefore requires careful configuration of the expected connection behavior. It can be paired with related parameters, such as 'ntlm_timeout', to tailor its behavior to the application's requirements. Configured properly, it handles authenticated requests reliably in NGINX-based proxy setups.
Config Example
upstream http_backend {
    server 127.0.0.1:8080;
    ntlm 100; # Maximum of 100 cached connections
}
server {
    location /http/ {
        proxy_pass http://http_backend;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
    }
}
Ensure that the upstream servers support NTLM authentication, as using this directive with unsupported servers can lead to failed authentications.
Setting the 'connections' parameter too high or too low can lead to excessive resource consumption or connection handling failures.
It's critical to pair 'ntlm' with 'proxy_http_version 1.1' and 'proxy_set_header Connection ""' to properly maintain the persistent connections.
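The pairing requirement in the note above can be checked mechanically before a config is deployed. The following Python lint is an added example, not code from NGINX or the module: the function names and the sample config are constructed for illustration, and the simplified parser assumes no 'include' files and no '#' inside quoted strings.

```python
import re
SAMPLE = '''
upstream http_backend { server 127.0.0.1:8080; ntlm 100; }
server {
    location /http/ {
        proxy_pass http://http_backend;
        proxy_http_version 1.1; proxy_set_header Connection "";
    }
    location /legacy/ { proxy_pass http://http_backend/; }
}
'''  # constructed sample: /legacy/ omits both keepalive settings

def parse(text):
    """Parse nginx-style config into nested (name, args, children) nodes."""
    stack, words = [[]], []
    for t in re.findall(r'"[^"]*"|[{};]|[^\s{};]+', re.sub(r'#.*', '', text)):
        if t in (';', '{', '}'):
            if words:  # finish the pending directive or block header
                stack[-1].append((words[0], words[1:], []))
            if t == '{':
                stack.append(stack[-1][-1][2])
            elif t == '}':
                stack.pop()
            words = []
        else:
            words.append(t.strip('"'))
    return stack[0]

def walk(nodes):
    return [x for node in nodes for x in [node] + walk(node[2])]

def check(tree, nodes=None, ver=None, hdrs=(), where='main'):
    """Added lint (not nginx code): (context, problem) per proxy_pass to an ntlm upstream."""
    ups = {a[0] for n, a, c in walk(tree)
           if n == 'upstream' and a and 'ntlm' in [d[0] for d in c]}
    nodes = tree if nodes is None else nodes
    # nginx inherits proxy_set_header only when this level defines none itself
    hdrs = [a for n, a, _ in nodes if n == 'proxy_set_header' and a] or hdrs
    ver = next((a[0] for n, a, _ in nodes if n == 'proxy_http_version' and a), ver)
    out = []
    for n, a, c in nodes:
        m = re.match(r'https?://([^/:]+)', a[0]) if n == 'proxy_pass' and a else None
        if m and m.group(1) in ups:
            if ver != '1.1':
                out.append((where, 'proxy_http_version 1.1 not set'))
            if ['connection', ''] not in [[h[0].lower()] + h[1:] for h in hdrs]:
                out.append((where, 'proxy_set_header Connection "" not set'))
        out += check(tree, c, ver, hdrs, ' '.join([n] + a))
    return out
```

Calling check(parse(SAMPLE)) reports both missing settings for 'location /legacy/'. A location that sets any other 'proxy_set_header' of its own is also reported, because that drops the inherited 'Connection ""' header.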