how to use fiddler to debug ntlm protocol with chrome?
Question
this is a question related to how to use express-ntlm to get windows user name without authentication using NODE.js?
I am trying to find a way to grab visitor windows user name without going through real ntlm authentication, and I just want to extract the user name from browser http response using express-ntlm.
My understanding about the process is:
- browser sends a request to node.js without authorization header
- express-ntlm makes a 401 reply
- browser sends a request to node.js with authorization header
- express-ntlm makes a 401 reply with a challenge
- browser shall send a reply containing user name information
I am stuck at step 4) above. I just installed Fiddler to log down the communication trace of the page loading.
1st handshake:
GET http://localhost:3000/search HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Cache-Control: max-age=0
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/40.0.2214.115 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4
If-None-Match: "1085683586"
==== response ====
HTTP/1.1 401 Unauthorized
X-Powered-By: Express
WWW-Authenticate: NTLM
Date: Wed, 04 Mar 2015 01:48:10 GMT
Connection: keep-alive
Proxy-Support: Session-Based-Authentication
Content-Length: 0
2nd handshake:
GET http://localhost:3000/search HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: NTLM
TlRMTVNTUAABAAAAB7IIogQABAA0AAAADAAMACgAAAAGAbEdAAAAD1hBUEVOR0xJQU4zMFhMTlg=
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/40.0.2214.115 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4
If-None-Match: "1085683586"
=== response ====
HTTP/1.1 401 Unauthorized
X-Powered-By: Express
WWW-Authenticate: NTLM
TlRMTVNTUAACAAAAAAAAAAAoAAABggAAASNFZ4mrze8AAAAAAAAAAA==
Date: Wed, 04 Mar 2015 01:48:10 GMT
Connection: keep-alive
Proxy-Support: Session-Based-Authentication
Content-Length: 0
is there anything I need to pay attention in the fiddler trace?
I am using win7 + chrome. ( I also tried IE and firefox, but with no luck).
thanks.
1 answers
solution1
1 2015-03-26 15:39:26
It is a good thing you use Fiddler to follow the Ntlm challenge/response flow. On the Inspectors tab there is an Auth section with extensive information. You will find the username there on the Ntlm type 3 request when it is send by the client. It is encoded but Fiddler will decode it for you.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.