Why there are three rounds of message exchanges for integrated windows authentication for IE
Posted
by
user197658
on Server Fault
See other posts from Server Fault
or by user197658
Published on 2013-11-08T00:16:41Z
Indexed on
2013/11/08
3:58 UTC
Read the original article
Hit count: 436
According to the result monitored by fiddler, there are totally 3 handshakes for integrated windows authentication for IE.
GET /home
-
401 Unauthorized
WWW-Authenticate: Negotiate, NTLM
GET /home
Authorization: Negotiate UYTYGHGYKHKJPPP-===
-
401 Unauthorized
WWW-Authenticate: Negotiate UYUGKJKJKJ+++766==
Get /home
Authorization: Negotiate HJGKJLJLJ+++===
-
200 OK
WWW-Authenticate: Negotiate UHLKJKJKJJLK===
Who knows what concrete things are done for the three, especially the 2nd one.
P.S. The network environment is work group mode, other than domain mode, and the server is a website hosted on my local PC. In other words, the client (IE) & the server are both in the same machine.
© Server Fault or respective owner