Hi, i have a huge problem. Some of our Users get randomly the Basic Auth Box, some get it ALWAYS.
I sniffed the HTTP Trafic: " GET /edv HTTP/1.0^M Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, */*^M Accept-Language: de-ch^M User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)^M Host: gandalf^M Connection: Keep-Alive^M ^M HTTP/1.1 401 Authorization Required^M Date: Tue, 12 Jun 2007 07:22:07 GMT^M Server: Apache/2.0.55 (Unix) mod_ssl/2.0.55 OpenSSL/0.9.8a PHP/4.4.6 PHP/5.1.1 mod_auth_kerb/5.3^M WWW-Authenticate: Negotiate^M WWW-Authenticate: Basic realm="^M Content-Length: 540^M Keep-Alive: timeout=15, max=100^M Connection: Keep-Alive^M Content-Type: text/html; charset=iso-8859-1^M ^M <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>401 Authorization Required</title> </head><body> <h1>Authorization Required</h1> <p>This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.</p> <hr> <address>Apache/2.0.55 (Unix) mod_ssl/2.0.55 OpenSSL/0.9.8a PHP/4.4.6 PHP/5.1.1 mod_auth_kerb/5.3 Server at gandalf Port 80</address> </body></html> GET /edv HTTP/1.0^M Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, */*^M Accept-Language: de-ch^M User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)^M Host: gandalf^M Connection: Keep-Alive^M Authorization: Negotiate TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==^M ^M HTTP/1.1 401 Authorization Required^M Date: Tue, 12 Jun 2007 07:22:07 GMT^M Server: Apache/2.0.55 (Unix) mod_ssl/2.0.55 OpenSSL/0.9.8a PHP/4.4.6 PHP/5.1.1 mod_auth_kerb/5.3^M WWW-Authenticate: Basic realm="^M Content-Length: 540^M Keep-Alive: timeout=15, max=99^M Connection: Keep-Alive^M Content-Type: text/html; charset=iso-8859-1^M " So the interesting line is "Authorization: Negotiate TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==" That doesnt look like a Kerberos Service Ticket? Is that NTLM? With best regards M.Djihangiroff persona service Verwaltungs AG & Co. KG Freisenbergstraße 31 58513 Lüdenscheid Tel.: (02351) 950-0 Fax: (02351) 950-222 Sitz Lüdenscheid Registergericht Iserlohn, HRA Nr. 2930 persönlich haftende Gesellschafterin: persona service AG Gartenstraße 93 CH-4002 Basel Handelsregister Basel, Nr. CH-270.3.012.836-8 diese vertreten durch den Verwaltungsrat: Dipl.-Ing. Werner Müller (Präsident) und Dr. Sebastian Burckhardt www.persona.de
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
