Issue with redirect in IIS8.5 and windows authentication

ISAPI_Rewrite is Apache mod_rewrite compatible URL rewriter for Microsoft IIS

11 Jun 2015, 12:00

Hi,

We are using the rewrite module lite. We are using the IIS server in front of Oracle Identity Federation. We are using IIS to federate users to external sites. We use Windows Authentication to achieve that.

For one of the sites, we need to enable deep link sharing. So, if a user clicks on a deep link, unauthorized, the user should be automatically authenticated and land on the deep link.

Behind the scenes, the external site (Service Provider) would send us an authentication request when deep link is clicked which looks like this...

User clicks: https://www.SPCompany.com/Page/ViewIdea?ideaid=54
Response from SP: http://MyCompany.com/fed/idp/samlv20?Re ... ttps%3A%2F%www.SPCompany.com%2FPage%2FViewIdea%3Fideaid%3D44

Redirect from IIS: http://uat-idp.MyCompany.com/fed/idp/in ... ?ideaid=54

This was set up on IIS6 previously and we used Iconic rewrite filter to achieve the same. We had a rewrite filter that would look for RelayState, grab the URL after that and then redirect the user with the new link and URL appended. In the whole process the user authentication is maintained. We see that the authorization header has NTLM information that stays with the redirect.

Using Helicon, it seems that information is not being passed at all. We are brought to the Windows login page, which is not what we want. I have been looking at it for a few days and could really use some help.

Example:
Authorization Header is present: NTLM


-[NTLM Type3: Authentication]------------------------------
Provider: NTLMSSP
Type: 3
OS Version: 6.1:7601
Flags: 0xa2888205
Unicode supported in security buffer.
Request server's authentication realm included in Type2 reply.
NTLM authentication.
Negotiate Always Sign.
Negotiate NTLM2 Key.
Target Information block provided for use in calculation of the NTLMv2 response.
Supports 56-bit encryption.
Supports 128-bit encryption.
lmresp_Offset: 140; lmresp_Length: 24; lmresp_Length2: 24
ntresp_Offset: 164; ntresp_Length: 24; ntresp_Length2: 24
Domain_Offset: 88; Domain_Length: 24; Domain_Length2: 24
User_Offset: 112; User_Length: 14; User_Length2: 14
Host_Offset: 126; Host_Length: 14; Host_Length2: 14
msg_len: 188
Domain: MYCOMPANY
User: MYLANID
Host: DT11111
lm_resp: 4E 8D 8F E7 83 5D E7 AC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
nt_resp: DA FB EC 69 86 D1 81 AE 4B 6F EB D5 48 44 D9 3D 50 FF 2E F0 86 DF A2 99
------------------------------------

Attaching the logs and configs.
Attachments
logs_config.txt
(3.86 KiB) Downloaded 2724 times
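
The Type 3 decode in the post can be reproduced offline when checking whether an `Authorization: NTLM` header actually arrives with a rewritten request. This is an added example, not part of the original post or of ISAPI_Rewrite: a Python parser for the field layout shown in the decode, run on a constructed message with placeholder names (`EXAMPLEDOM`, `exampleuser`, `WKSTN01`) and zeroed response bytes. It goes slightly beyond the post by also classifying the response type from the NT response length and the flags.

```python
import base64
import struct

UNICODE = 0x00000001
EXTENDED_SESSION_SECURITY = 0x00080000  # "Negotiate NTLM2 Key" in the decode above

def _field(msg, pos):
    """Read one security buffer (len, maxlen, offset) and return its bytes."""
    length, _maxlen, offset = struct.unpack_from("<HHI", msg, pos)
    if offset + length > len(msg):
        raise ValueError("security buffer points outside the message")
    return msg[offset:offset + length]

def parse_type3(header_value):
    """Decode the value of an 'Authorization: NTLM <base64>' header."""
    scheme, _, blob = header_value.partition(" ")
    if scheme.upper() != "NTLM":
        raise ValueError("not an NTLM Authorization header")
    msg = base64.b64decode(blob, validate=True)
    if len(msg) < 64 or msg[:8] != b"NTLMSSP\x00":
        raise ValueError("not an NTLMSSP message")
    (msg_type,) = struct.unpack_from("<I", msg, 8)
    if msg_type != 3:
        raise ValueError("expected Type 3, got Type %d" % msg_type)
    (flags,) = struct.unpack_from("<I", msg, 60)
    enc = "utf-16-le" if flags & UNICODE else "ascii"
    lm, nt = _field(msg, 12), _field(msg, 20)
    kind = "NTLMv1"
    if len(nt) > 24:  # NTLMv2 appends a variable-length blob to the 16-byte proof
        kind = "NTLMv2"
    elif flags & EXTENDED_SESSION_SECURITY and lm[8:] == bytes(16):
        kind = "NTLM2 session response"  # 8-byte client nonce + 16 zero bytes
    return {"domain": _field(msg, 28).decode(enc), "user": _field(msg, 36).decode(enc),
            "host": _field(msg, 44).decode(enc), "flags": flags, "response": kind}

def build_sample():
    """Constructed Type 3 message (placeholder names, zeroed hashes)."""
    flags = 0xA2888205  # flag value shown in the post
    parts = [b"\x11" * 8 + bytes(16), bytes(24),          # LM, NT responses
             "EXAMPLEDOM".encode("utf-16-le"), "exampleuser".encode("utf-16-le"),
             "WKSTN01".encode("utf-16-le"), b""]          # domain, user, host, key
    header, payload, offset = b"NTLMSSP\x00" + struct.pack("<I", 3), b"", 72
    for p in parts:
        header += struct.pack("<HHI", len(p), len(p), offset + len(payload))
        payload += p
    header += struct.pack("<I", flags) + bytes(8)          # flags + version
    return "NTLM " + base64.b64encode(header + payload).decode()

if __name__ == "__main__":
    print(parse_type3(build_sample()))
```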
