Andy Doran wrote:
> - The client replies with a base64 encoded, little endian 'struct
> ntlm_authenticate' in it's Proxy-Authentication field. This structure
> includes the username, domain name, workstation name, NT password hash,
> LM password hash and some flags.
Do you have any idea what is it that makes the NTLM authentication sheme
impossible to proxy? From my understanding of NTLM challenge/response
used in file access is possible to proxy to another authentication
server.
I perfectly understand why challenge encryption stops the authenticated
user credentials from being proxied to another server (like in a ISS
server proxying the user information to a SQL server or whatever), but
not why whole the authentication can't be proxied by a HTTP proxy to a
NTLM capable server..
/Henrik
Received on Sun Dec 12 1999 - 07:16:11 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:19 MST