Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
930 views
in Technique[技术] by (71.8m points)

header - Authentication issues with WWW-Authenticate: Negotiate

I am trying to access a site that is password protected. It is not using basic authentication (even though the same user/pass box pops up in firefox) as the response header is WWW-Authenticate: Negotiate.

I want to automate the login process by sending the correct header.

In basic you would use something like:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

What would I use for negotiate?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Putting this information here for future readers' benefit.

  • WWW-Authenticate: Basic-> Authorization: Basic + token - Use for basic authentication
  • WWW-Authenticate: NTLM-> Authorization: NTLM + token (2 challenges)
  • WWW-Authenticate: Negotiate -> Authorization: Negotiate + token - used for Kerberos authentication
    • By the way: IANA has this angry remark about Negotiate: This authentication scheme violates both HTTP semantics (being connection-oriented) and syntax (use of syntax incompatible with the WWW-Authenticate and Authorization header field syntax).

You can set the Authorization: Basic header only when you also have the WWW-Authenticate: Basic header on your 401 challenge.

But since you have WWW-Authenticate: Negotiate this should be the case for Kerberos based authentication.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...