Some Users get Basic Auth?

Djihangiroff, Matthias (KC-DD) Matthias.Djihangiroff at persona.de
Tue Jun 12 04:10:15 EDT 2007 

Hi, i have a huge problem.

Some of our Users get randomly the Basic Auth Box, some get it ALWAYS.

I sniffed the HTTP Trafic:

"
GET /edv HTTP/1.0^M
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/msword,
application/vnd.ms-excel, application/vnd.ms-powerpoint, */*^M
Accept-Language: de-ch^M
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)^M
Host: gandalf^M
Connection: Keep-Alive^M
^M

HTTP/1.1 401 Authorization Required^M
Date: Tue, 12 Jun 2007 07:22:07 GMT^M
Server: Apache/2.0.55 (Unix) mod_ssl/2.0.55 OpenSSL/0.9.8a PHP/4.4.6
PHP/5.1.1 mod_auth_kerb/5.3^M
WWW-Authenticate: Negotiate^M
WWW-Authenticate: Basic realm="^M
Content-Length: 540^M
Keep-Alive: timeout=15, max=100^M
Connection: Keep-Alive^M
Content-Type: text/html; charset=iso-8859-1^M
^M
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<hr>
<address>Apache/2.0.55 (Unix) mod_ssl/2.0.55 OpenSSL/0.9.8a PHP/4.4.6
PHP/5.1.1 mod_auth_kerb/5.3 Server at gandalf Port 80</address>
</body></html>

GET /edv HTTP/1.0^M
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/msword,
application/vnd.ms-excel, application/vnd.ms-powerpoint, */*^M
Accept-Language: de-ch^M
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)^M
Host: gandalf^M
Connection: Keep-Alive^M
Authorization: Negotiate
TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==^M
^M

HTTP/1.1 401 Authorization Required^M
Date: Tue, 12 Jun 2007 07:22:07 GMT^M
Server: Apache/2.0.55 (Unix) mod_ssl/2.0.55 OpenSSL/0.9.8a PHP/4.4.6
PHP/5.1.1 mod_auth_kerb/5.3^M
WWW-Authenticate: Basic realm="^M
Content-Length: 540^M
Keep-Alive: timeout=15, max=99^M
Connection: Keep-Alive^M
Content-Type: text/html; charset=iso-8859-1^M

"

So the interesting line is "Authorization: Negotiate
TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw=="

That doesnt look like a Kerberos Service Ticket? Is that NTLM?
With best regards

M.Djihangiroff
persona service Verwaltungs AG & Co. KG 
Freisenbergstraße 31 • 58513 Lüdenscheid  
Tel.: (02351) 950-0 • Fax: (02351) 950-222 
Sitz Lüdenscheid • Registergericht Iserlohn, HRA Nr. 2930

persönlich haftende Gesellschafterin: persona service AG
Gartenstraße 93 • CH-4002 Basel
Handelsregister Basel, Nr. CH-270.3.012.836-8
diese vertreten durch den Verwaltungsrat:
Dipl.-Ing. Werner Müller (Präsident) und Dr. Sebastian Burckhardt
www.persona.de

More information about the Kerberos mailing list