IIS Authenticating with IIS using Windows Integrated

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

IIS Authenticating with IIS using Windows Integrated

Message

21/06/2005 14:11:44

Victor Campos
Rowland Heights, Californie, États-Unis

Tous

Information générale

Forum:

ASP.NET

Catégorie:

Securité

Titre:

IIS Authenticating with IIS using Windows Integrated

Versions des environnements

Environment:

C# 1.1

OS:

Windows Server 2003

Network:

Windows 2003 Server

Database:

MS SQL Server

Divers

Thread ID:

01025229

Message ID:

01025229

Vues:

Alright, we figured out that using Windows Integrated security will not send plain text over the wire under certain conditions:

* Anon. Access is disabled
* Basic Auth is disabled
* Client is I.E. 2.0 or above
* IIS is on W2K or above

Negotiation is actually done in two forms:

* NTLM
* Kerberos

However, does anyone know if the 1st IIS is a client to a web server on another 2nd IIS box where the 2nd is using Windows Integrated Security and all the above conditions apply will NTLM and Kerberos still apply?

Do you have any links or sources to back up the claim?

-vic
My Personal Site

Répondre

Fil

Voir

Click here to load this message in the networking platform