Re: Integrated Windows Authentication
- From: mail747097@xxxxxxxxxxxx
- Date: 30 Jan 2007 03:55:37 -0800
Yes you are correct. I found it here as well that Mozilla supports
NTLM:
http://www.mozilla.org/status/2003-11-24.html
On 30 Jan, 11:20, Dominick Baier
<dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Basic Auth sends passwords in clear text, integrated sends them hashed (this
is only slightly better).
In any case you need SSL to protect the credentials on the wire.
Integrated auth is really 2 protocols - NTLM and Kerberos.
Some browsers like FF support NTLM - thats probably the reason why you could
log on...
-----
Dominick Baier (http://www.leastprivilege.com)
I have read somewhere that Basic Authentication should be avoided
because it sends passwords in clear text and that Integrated Windows
Authentication only works with Internet Explorer on a Windows
computer. I have a website in IIS with only Integrated Windows
Authentication enabled and not anonymous or Basic Authentication
enabled. I have installed Mozilla on the computed and could log on
with no problem. I then booted from a Knoppix Live CD on another
computer and again logged on using Firefox with no problem. I then did
a TCP/IP trace of the network traffic while I logged onto the site in
Knoppix and could not find any password. Why is this?- Dölj citerad text -- Visa citerad text -
.
- References:
- Integrated Windows Authentication
- From: mail747097
- Re: Integrated Windows Authentication
- From: Dominick Baier
- Integrated Windows Authentication
- Prev by Date: Re: Custom Membership Provider FullTrust Problem
- Next by Date: Re: Custom Membership Provider FullTrust Problem
- Previous by thread: Re: Integrated Windows Authentication
- Next by thread: Customizing windows authentication
- Index(es):
Relevant Pages
|
|
