Re: How does IIS handle user impersonation token?
From: Gery D. Dorazio (gdorazio_at_enque.net)
Date: Tue, 11 Oct 2005 13:56:46 -0400
Thanks Ken...this helps a great deal.
I also took your advice from the post on the aspnet.security newsgroup and
installed fiddler. I ran it on both an online SharePoint machine and my
development SharePoint server and can see the NTLM sequencing that you
describe here. It's quite interesting how this works and it makes sense when
I close the browser after being logged onto SharePoint....I have to logon
again. Also, I can see the browser respond to 401s for every visit to the
site (for authorization required pages)...showing the 'automatic' NTLM
authorization sequence for each request.
Thanks for your help in this matter.