Sladescross's Blog

Blogging about Sharepoint related stuff

Fiddler To Prove Kerberos

September 1, 2010

Not counting the initial anonymous GET request:

• Kerberos uses one round trip to authenticate a client
• NTLM has a “challenge” phase that adds a second round trip

◦ If the website you're testing has SSL enabled (HTTPS), make sure Fiddler is set to decrypt SSL: click the Tools menu, then Fiddler Options, then the HTTPS tab, and select the “Decrypt HTTPS Traffic” checkbox.

If the Authorization token begins with “YII”, Kerberos is functioning; if it begins with “TlR”, Kerberos did not function. Here are images of each scenario:
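The same check can be scripted against Authorization header values copied out of Fiddler. This is an added example, not code from the original post: it decodes the token and goes one step beyond the prefix test by looking for the mechanism OID, since “TlR” is the base64 of the `NTLMSSP` signature and “YII” is only the base64 of a GSS-API tag with a two-byte length. The function names and the sample tokens are constructed for illustration.

```python
import base64

# DER-encoded mechanism OIDs found near the start of SPNEGO/GSS-API tokens.
OID_SPNEGO = bytes.fromhex("06062b0601050502")            # 1.3.6.1.5.5.2
OID_KRB5 = bytes.fromhex("06092a864886f712010202")        # 1.2.840.113554.1.2.2
OID_MS_KRB5 = bytes.fromhex("06092a864882f712010202")     # 1.2.840.48018.1.2.2
OID_NTLMSSP = bytes.fromhex("060a2b06010401823702020a")   # 1.3.6.1.4.1.311.2.2.10


def classify_authorization(header_value):
    """Return 'kerberos', 'ntlm' or 'unknown' for an Authorization header value."""
    parts = header_value.strip().split(None, 1)
    if len(parts) != 2 or parts[0].lower() not in ("negotiate", "ntlm"):
        return "unknown"
    try:
        token = base64.b64decode(parts[1].strip(), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return "unknown"
    # Raw NTLMSSP message: the ASCII signature "NTLMSSP\0" is what
    # base64-encodes to the "TlR..." prefix.
    if token.startswith(b"NTLMSSP\x00"):
        return "ntlm"
    # GSS-API initial token: tag 0x60 followed by a two-byte length (0x82)
    # base64-encodes to "YII...". Heuristic: look for the mechanism OID
    # near the start instead of fully parsing the ASN.1.
    if token[:1] == b"\x60":
        head = token[:64]
        if OID_KRB5 in head or OID_MS_KRB5 in head:
            return "kerberos"
        if OID_NTLMSSP in head:
            return "ntlm"  # NTLM offered inside a SPNEGO wrapper
    return "unknown"


def constructed_samples():
    """Constructed header values (not captured traffic, not well-formed tickets)."""
    ntlm = b"NTLMSSP\x00\x01\x00\x00\x00" + b"\x00" * 20
    body = OID_SPNEGO + OID_MS_KRB5 + OID_KRB5 + b"\x00" * 300
    krb = b"\x60\x82" + len(body).to_bytes(2, "big") + body
    return {
        "kerberos": "Negotiate " + base64.b64encode(krb).decode(),
        "ntlm": "Negotiate " + base64.b64encode(ntlm).decode(),
    }


if __name__ == "__main__":
    for label, value in constructed_samples().items():
        print(label, value[:22] + "...", "->", classify_authorization(value))
```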
