Topic: Integrated Windows Authentication

Message

   Integrated Windows Authentication 

Integrated Windows Authentication (IWA), formerly known as NTLM (NT
LAN Manager), is a computer networking security protocol which operates
in a variety of Microsoft Windows network protocols for authentication
purposes.

Like certain other protocols, IWA sits on top of HTTP. Web-browsing
software uses it as a single sign-on mechanism, so browsing users can
transparently log-on to web services using their Microsoft Windows
credentials.

Microsoft developed IWA, and it occurs mostly in Microsoft
products, though other sets of software have implemented it as well, as
in the Mozilla Firefox web-browser, the Apache web-server and the shell
utility cURL.

The protocol

The protocol uses a challenge-response sequence requiring the
transmission of three messages between the client (wishing to
authenticate) and the server (requesting authentication):

1. The client first sends a Type 1 message containing a set of
flags of features supported or requested (such as encryption key sizes,
request for mutual authentication, etc.) to the server. 

2. The server responds with a Type 2 message containing a similar set
of flags supported or required by the server (thus enabling an
agreement on the authentication parameters between the server and the
client) and, more importantly, a random challenge (8 bytes). 

3. Finally, the client uses the challenge obtained from the Type 2
message and the user's credentials to calculate the response. The
calculation methods differ based on the NTLM authentication parameters
negotiated previously, but in general they apply MD4/MD5 hashing
algorithms and DES encryption to compute the response. The client then
sends the response to the server in a Type 3 message.
_________________

Author	Message
surabhi Newbie Joined: 03Apr2007 Online Status: Offline Posts: 1	Topic: Integrated Windows Authentication Posted: 04Apr2007 at 12:07am
	Integrated Windows Authentication Integrated Windows Authentication (IWA), formerly known as NTLM (NT LAN Manager), is a computer networking security protocol which operates in a variety of Microsoft Windows network protocols for authentication purposes. Like certain other protocols, IWA sits on top of HTTP. Web-browsing software uses it as a single sign-on mechanism, so browsing users can transparently log-on to web services using their Microsoft Windows credentials. Microsoft developed IWA, and it occurs mostly in Microsoft products, though other sets of software have implemented it as well, as in the Mozilla Firefox web-browser, the Apache web-server and the shell utility cURL. The protocol The protocol uses a challenge-response sequence requiring the transmission of three messages between the client (wishing to authenticate) and the server (requesting authentication): 1. The client first sends a Type 1 message containing a set of flags of features supported or requested (such as encryption key sizes, request for mutual authentication, etc.) to the server. 2. The server responds with a Type 2 message containing a similar set of flags supported or required by the server (thus enabling an agreement on the authentication parameters between the server and the client) and, more importantly, a random challenge (8 bytes). 3. Finally, the client uses the challenge obtained from the Type 2 message and the user's credentials to calculate the response. The calculation methods differ based on the NTLM authentication parameters negotiated previously, but in general they apply MD4/MD5 hashing algorithms and DES encryption to compute the response. The client then sends the response to the server in a Type 3 message. _________________ Post Resume: Click here to Upload your Resume & Apply for Jobs

	IP Logged


One Stop Testing Forum : Types Of Software Testing @ OneStopTesting : Functional Testing @ OneStopTesting