Hi Henrik,
At 01.01 17/10/2005, Henrik Nordstrom wrote:
>On Mon, 17 Oct 2005, Serassio Guido wrote:
>
>>Yes, I get a blob and it's returned to the browser.
>>The strange thing is that ISA Server doesn't return anything .... :-(
>>So I don't know if it's really used from the browser.
>
>More interestingly, why is the SPNEGO returning such blob if it's
>apparently not needed?
>
>Or maybe it's just Microsoft who again got things wrong and causes
>extra burden on the KDC due to not returning this in ISA.. but I'm a
>little clueless on how Kerberos tokens works so I really should not
>speculate here.. It is entirely possible this blob is only required
>for the client to authenticate the server (which I doubt MSIE cares
>about doing, especially considering the request has already been
>sent making it somewhat pointless to verify..).
Another hypothesis:
Currently Internet Explorer doesn't support Negotiate for Proxy Auth,
so I have used Firefox 1.5 beta 2. I don't know how its Negotiate
implementation is fully correct.
Regards
Guido
-
========================================================
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Mon Oct 17 2005 - 04:54:48 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:07 MST