Category: Security

Secure channel compatibility support with SSL and TLS

Security Cyber Benjamin Perkins

I wrote 2 previous blogs about NTLM and Negotiate/Kerberos which discussed briefly about how those authentication packages work within the context of Integrated Windows Authentication. Another authentication package supported in Windows is called Secure Channel, also known as Schannel. This blog will not discuss the details of Schannel because the detail can be found here. […]

Read More →

Kerberos authPersistNonNTLM authentication, request based vs. session based authentication

IIS Benjamin Perkins

Kerberos is a request based authentication protocol. That means with each request, there is a resulting authentication step. See the following figure 1 where you notice a Ticket request for each GET Http Command. Figure 1, Network Monitor log for request based authentication This article covers the implementation of the authPersistNonNTLM attribute, that when set […]

Read More →

Integrated Windows Authentication with NTLM

IIS Benjamin Perkins

IIS provides a number of different authentication techniques. One of which is Integrated Windows Authentication. Integrated Windows Authentication utilizes Negotiate/Kerberos or NTLM to authenticate users based on an encrypted ticket/message passed between a browser and a server. The preceding image shows a standard communication flow between Internet Explorer and IIS version 6+. The initial request […]

Read More →

Integrated Windows Authentication with Negotiate

IIS Benjamin Perkins

IIS provides a number of different authentication techniques. One of which is Integrated Windows Authentication. Integrated Windows Authentication utilizes Negotiate/Kerberos or NTLM to authenticate users based on an encrypted ticket/message passed between a browser and a server. The preceding image shows a standard communication flow between Internet Explorer and IIS version 6+. The initial request […]

Read More →