I'm having a application which has Windows Integrated Authentication, for internet users we are having a reverse proxy which has a IIS server which will authenticate using basic authentication then redirected to the actual application, every thing works as expected in IE and firefox but in safari there is a second login dialog box appers.
When I did a packet capture using wireshark I noticed that in IE and FF the basic authetication which is carried forwared to the actual application from IIS server but in Safari there is a NTLM negotion in between because of this my application asks for one more login dialog. Dose any one knows why safari is behaving like this?
It seems like there is an issue with basic authentication and HTTP redirection
Related
I want to capture traffic from a host using HTTP, but I do not see a response coming back. If I close fiddler, my application runs as normal.
I see '-' in the Result section, where it should have been an HTTP response code. If I manually execute the request using Composer, I get a 200 response. Fiddler is able to capture traffic from all other web applications without issue.
I have installed Fiddler certificate. Troubleshooting Mode returns 200. The host does not use HTTPS, but I have enabled Capture HTTPS Connects anyways.
I am using Fiddler v5.0.20182
Some applications performs certificate pinning. Also web applications can perform certificate pinning e.g. via HTTP Public Key Pinning (HPKP). If you have ever used the web application in your browser without Fiddler, the web app public key has been downloaded and cached in the web-browser.
Afterwards the Fiddler root certificate is no longer accepted for that site/app even it it has been installed correctly. You should be able to identify such problematic connections in Fiddler if you only see a CONNECT request but no subsequent requests to the same domain.
To delete the HPKP in your web browser you should use a fresh profile or clear the complete browser cache. Afterwards only use it with activated Fiddler proxy and SSL decryption. As far as I know Fiddler will remove HPKP data from responses so that the web application should also work with Fiddler in between.
I think you should be able to uncheck the options for https, uncheck the boxes which appear checked here? Or you might be able to skip decryption by adding the host in the box below where it says Skip decryption for the following hosts
I need to integrate Microsoft Dynamics NAV web services on the website. They provided me with a list of services URLs to access in a browser to see the XML structure. When I open, I see Sign In window, I enter username and password but window still prompts me to enter details. My IP is whitelisted, server IP as well and I send SOAP requests from server's specific IP. But no results.
I asked them and they told that they can see the XML in a browser. For me, I can imagine why I cannot get any results because if in browser the authentication is not working, it will not work for the server requests too.
I tried to turn off antivirus, restart the internet, tried with other PC,etc...but nothing, same result - looped sign in window
(see the attachment).
Any ideas please? Thanks
This is also not working for me in Chrome. It works in IE/Edge with the credential manager from windows and in Firefox with basic credentials.
You could try to use the Boomerang SOAP and REST Client for Chrome.
I use Web Services only with IE/Edge.
In the background of your Screenshot the page says that you are not authorized (HTTP 401). Is your user also a user in Dynamics NAV/Business Central?
We recently changed the IP-address on a server hosting one of our services based on .NET Web API 2.
The service is using OAuth2, providing external logins via Facebook/Google.
We're still using the same server and the same host name for our services, only the IP-address has changed. Now I'm getting back my login URL with "&error=access_denied" whenever I try to login using Facebook/Google.
I have checked every setting in both Facebook's and Google's developer consoles but nothing seems to apply. If I remove the OAuth redirect URI, I get an error that the URL is blocked, so the settings seems to take effect.
What have I missed?
Funny how asking a question makes you think even more outside of the box. The culprit was that wrong DNS-server was set on the web host.
I'll see myself out...
i have a weird thing going on. I have configured a website to use windows authentication. Now when i check on a client in a domain or on my domain controller i can access the website after entering my credentials. But on the webserver itself i can't login with these same credentials. Is this normal behaviour or what can cause this to happen ?
IIS Media Services 4.1:
I have a dedicated website setup on my win 7 dev box. I'm testing the REST service with Windows Auth turned on from both calls from a browser as well as a test C# winform app. Using the browser I try to hit http://iismediatestsite/services/smoothstreaming/publishingpoints.isml I get challeneged (good) but when I put in my domain creds I get into a loop where it keeps prompting for creds. My domain account is an admin on this box. If I use my test app I set UseDefaultCredentials to true but I get a 401 returned.
Using Basic Auth works fine with both clients.
Any ideas?
TIA
Okay apparently this is caused by an issue when authenticating by NTLM via a loopback address. It is better explained and a workaround provided here:
http://support.microsoft.com/kb/896861