There is still no officially released version of CKFinder that would contain the changes described below.
If you want to use CKFinder for ASP in an environment with Windows Authentication and use ASP.NET to handle the images, then you might need to perform a little adjustment on your side.
The ASP code of CKFinder calls an ASP.NET page on the same server, so if the server is using some authentication method, we must forward the credentials to this new request. This is done automatically by CKFinder when Basic authentication is used, but for Windows Authentication we must rely on the configuration of the server as explained by Microsoft (see How to forward the Kerberos authentication).
That is the idea, but surely you do not want to read too much, and you want something that works, so this post shows an easy way.
proxycfg to see the current configuration. It should show that there is no proxy configured and there are no servers with direct access.
Now we want to add the domain to the list of direct access and that way the server will forward the authentication credentials. In order to achieve this, run this command:
proxycfg -d -p " " "*.domain.com"
(note that after the
-p the first parameter is a quoted space and the second one is your domain name).
After this step the wizard should be able to pass this test correctly.