Fiddler To Prove Kerberos

Fiddler To Prove Kerberos September 1, 2010

Filed under: Fiddler,Fiddler Kerberos Authentication,HTTPS,Kerberos,Kerberos Checking,SSL — sladescross @ 10:40 pm

http://blogs.technet.com/b/tristank/archive/2006/08/02/negotiate-this.aspx

Not counting the initial anonymous GET request:

•Kerberos uses one round trip to authenticate a client
•NTLM has a “challenge” phase that adds a second round trip

http://blogs.msdn.com/b/crminthefield/archive/2012/10/10/using-fiddler-to-check-for-kerberos-auth.aspx

◦If you have SSL enabled (HTTPS) on the website your testing make sure to enable Fiddler to Decrypt SSL, this can be done by clicking the Tools Menu, then Fiddler Options, then click the HTTPS tab, then select the “Decrypt HTTPS Traffic” checkbox.

If you see the Authorization token begin with “YII” Kerberos is functioning, if you see “TlR” then Kerberos did not function – here are images of each scenario:

About these ads

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Twitter

RT @Fact: Depression is the result of over thinking. The mind creates problems that didn't even exist. 7 hours ago
RT @DrGrumble: So gnomes are being allowed at Chelsea. Is this a ploy to park the swivel-eyed loons somewhere out of the way? 17 hours ago
SQLServerCentral Hosts AdventureWorks on Azure - SQLServerCentral sqlservercentral.com/articles/Adven… 1 day ago
@thegunmakers then I may purchase today :-) 1 day ago
@thegunmakers when will the tetley mild be on? 1 day ago

Sladescross's Blog

Blogging about Sharepoint related stuff