How to find out what type of authentication is used by the server?

Question

How to find out what type of authentication is used by the server?

I need to access the web server at http: // someserver and requires some authentication. How can I determine if it uses NTLM, Kerberos, or anything else that could be?

+5

authentication kerberos ntlm

Matt Jan 27 '10 at 23:01

source share

3 answers

Another way to do this is to look at the first few bytes of the header.

Negotiate TlR, SPNEGO NTLM

Negotiate YII, SPNEGO Kerberos.

+11

Grant Cermak 13 . '10 23:25

Cermak:

WWW-Authenticate base64. TlR, , NTLMSSP (http://msdn.microsoft.com/en-us/library/cc236641.aspx), , NTLM.

YII, , 0x60, 0x82 (.. Application Constructed Object), , : 0x06, 0x06, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02 (.. OID SPNEGO: 1.3.6.1.5.5.2). (http://msdn.microsoft.com/en-us/library/ms995330.aspx). , SPNEGO.

Depending on the length of the spnego token, the WWW-Authenticate header may start from YA to YP.

Camil and SPL

+3

greenmarker Feb 04 '14 at 10:35

source share

David · Accepted Answer · 2010-01-27T23:04:20+0000

Use a tool like Fiddler to view response headers. The server will send some WWW-Authenticate headers listing the various supported security protocols.

How to find out what type of authentication is used by the server?

More articles: