如何从WWW身份验证中查找是否使用NTLM或Kerberos:协商标头 [英] How to find if NTLM or Kerberos is used from WWW-Authenticate: Negotiate header

问题描述

我正在用.Net编写一个客户端应用程序，该应用程序通过HTTP与服务器通信.

I am programming a client application in .Net that communicates with server via HTTP.

在NTLM和Kerberos授权的情况下，我需要设置不同的请求缓冲选项.

I need to set different request buffering options in case of NTLM and Kerberos authorization.

如何确定是否使用NTLM或Kerberos?是否可以通过某种方式解码"WWW-Authenticate:Negotiate"标头?

How to find out if NTLM or Kerberos is used? Is it possible to somehow decode 'WWW-Authenticate: Negotiate' header?

推荐答案

您将找到答案最简单的答案是:

1.Capture some successfully authorized request using Fiddler tool.
2.Choose "Inspectors" -> "Headers" tab.
3.Pay attention at "Cookies / Login" section, "Authorization" header.

如果授权令牌以"YII"开头，则使用Kerberos，但如果授权令牌以"TlR"开头，则不使用Kerberos.

If the Authorization token begins with "YII" then Kerberos is used, but if it begins with "TlR" then Kerberos is not used.

例如Kerberos:

For example Kerberos:

Authorization: Negotiate YIIVDAYGKwYBE...

不是Kerberos:

Not Kerberos:

Authorization: Negotiate TlRMTVNTUA...

这篇关于如何从WWW身份验证中查找是否使用NTLM或Kerberos:协商标头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！