Re: Digest Authentication - IIS6




"DaveMo" <david.mowers@xxxxxxxxx> wrote in message news:1177082845.709855.179550@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Apr 19, 2:06 pm, "Pablo A. Allois" <pablo-lis...@xxxxxxxxxxxxx>
wrote:
Hi everybody,

First, I apology for my english.

I am fighting with a web site to setting up to use Digest
Authentication.
I set the domain correctly, DNS are ok, but I cant login to the
website.
If I setup the website with Basic authentication works fine (for the
server and for the sniffers).
I verify that the user password have a reversible encryption.

What does digest need to work ?

It happen on a Windows 2003 Server R2, IIS6, Application Pool was
running with System and with DomainGodCredentials ... and still not working.

Saludos y gracias!

Hola Pablo,

Your english is better then most people who were born in the US :)

Digest AuthN for domain accounts since Windows 2003 does not require
any settings or privilege levels different then what you would need to
configure in order to do regular Windows Integrated Authentication.

This is not entirely true. It depends on the functional level that your Active Directory domain is running as.

Cheers
Ken




Digest can be a difficult protocol to work with, however, because the
user name is part of the hash value. Using an unexpected name form,
random capitalization, or a mismatch between the client and server can
all cause problems.

Are you using a domain account?
What version is the server running AD?
What is the client OS and what version?
What name form are you using for the user account? NetBIOS (domain
\user) and UPN forms should work for sure.

HTH,
Dave


.



Relevant Pages

  • Re: Unable to authenticate with digest authentication...
    ... No, I have to access to this device, it's a sealed embedded web server type ... device, with no apparent logs. ... Somehow I think .NET is doing Digest authentication incorrectly. ...
    (microsoft.public.dotnet.security)
  • Re: Unable to authenticate with digest authentication...
    ... Somehow I think .NET is doing Digest authentication incorrectly. ... What I am connecting to is not a IIS server, ... I have verified through network traces that it is using Digest ...
    (microsoft.public.dotnet.security)
  • Re: Strange Digest Authentication behaviour
    ... > - request posted to server ... > - gets 401 back from server ... > - requested posted to server with digest info and nonce etc.> - gets back 100 Continue from server and expected response> ... > Which is not the way I understand digest authentication should work i.e. an> authentication session should be maintained after the initial> challenge/response. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Digest Authentication - IIS6
    ... I am fighting with a web site to setting up to use Digest ... If I setup the website with Basic authentication works fine (for the ... It happen on a Windows 2003 Server R2, IIS6, Application Pool was ... Your english is better then most people who were born in the US:) ...
    (microsoft.public.inetserver.iis.security)
  • [Full-disclosure] [GOATSE SECURITY] Clench: Goatses way to say "screw you" to certificate author
    ... Application layer authentication-inherent validation of public key ... Goatse Security’s new simple password-based authentication mechanism ... getting hundreds of thousands or millions of users to install a client ... client hashes locally and then sends the hash to the server. ...
    (Full-Disclosure)