如何从WWW身份验证中查找是否使用NTLM或Kerberos:协商标头 [英] How to find if NTLM or Kerberos is used from WWW-Authenticate: Negotiate header
问题描述
我正在用.Net编写一个客户端应用程序,该应用程序通过HTTP与服务器通信.
I am programming a client application in .Net that communicates with server via HTTP.
在NTLM和Kerberos授权的情况下,我需要设置不同的请求缓冲选项.
I need to set different request buffering options in case of NTLM and Kerberos authorization.
如何确定是否使用NTLM或Kerberos?是否可以通过某种方式解码"WWW-Authenticate:Negotiate"标头?
How to find out if NTLM or Kerberos is used? Is it possible to somehow decode 'WWW-Authenticate: Negotiate' header?
推荐答案
您将找到答案最简单的答案是:
1.Capture some successfully authorized request using Fiddler tool.
2.Choose "Inspectors" -> "Headers" tab.
3.Pay attention at "Cookies / Login" section, "Authorization" header.
如果授权令牌以"YII"开头,则使用Kerberos,但如果授权令牌以"TlR"开头,则不使用Kerberos.
If the Authorization token begins with "YII" then Kerberos is used, but if it begins with "TlR" then Kerberos is not used.
例如Kerberos:
For example Kerberos:
Authorization: Negotiate YIIVDAYGKwYBE...
不是Kerberos:
Not Kerberos:
Authorization: Negotiate TlRMTVNTUA...
这篇关于如何从WWW身份验证中查找是否使用NTLM或Kerberos:协商标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!