OpenSTA

Tracker: Bugs

5 Bad Windows Auth handling - ID: 730317

Last Update: Comment added ( sam_squarewave )

Details:

The script generated by the Modeler when the session
requires a login/password cannot be replayed
successfully.

The Server first challenges for a "Basic" authentification,
then it turns this auth. into a NTLM auth.

The generated script includes statements such as:

BUILD AUTHENTICATION BLOB &
FOR BASIC &
FROM USER "admin" PASSWORD "" DOMAIN ""
&
INTO blob_2_1

and further:

Load Response_Info Header on 3 &
Into blob_3_0 &
,WITH "WWW-Authenticate"

BUILD AUTHENTICATION BLOB &
FOR NTLM &
FROM BLOB blob_3_0 &
INTO blob_3_0

But requests are all denied by the Web server.
IIS server just require a valid user for itself, it does not
belong to a Windows Domain.

Submitted:

Jerome Delamarche ( trickyjer ) - 2003-04-30 17:24

Priority:

Status:

Open

Resolution:

None

Assigned:

Nobody/Anonymous

Category:

HTTP Capture

Group:

Design

Visibility:

Public

Comments ( 2 )

Date: 2008-08-20 21:22 Sender: sam_squarewave I would love to see this fixed. I know us windows folks aren't supposed to use open source products though...
Date: 2005-06-23 13:35 Sender: brianavid Logged In: YES user_id=1214182 Also note that the space declared for NTLM blobs is 256 CHARACTERS, but HTTP www-authenticate responses have been seen larger than this. I manually edit the generated declarations to 512 CHARACTERs to get it to work (mostly).

Attached File ( 1 )

Filename	Description	Download
BEADEV-ASP1.HTP	Sample of non working script	Download

Change ( 1 )

Field	Old Value	Date	By
File Added	49175: BEADEV-ASP1.HTP	2003-04-30 17:24	trickyjer

OpenSTA

Tracker: Bugs

Comments ( 2 )

Attached File ( 1 )

Change ( 1 )

About SourceForge

Find Software

Develop Software

Community

Help