Re: form based auth using kerberos ?

  • From: <Paul_Lemonidis@xxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 27 Aug 2004 18:52:28 +0100


I do not claim to be an expert on this but I think I may be able to shed some light on the issue.

I think the strict answer to your question is yes it does but since the client would not have access to a Keberos Key Distribtion Centre (KDC) that is common to both client and server authentication would fail. A KDC server outside your internal netwoirk would be insecure for obvios reasons. Thus why basic authentication is normally used and thus SSL is required for secure communications without passwords being compormised as basic authentication does end passwords in the clear.

See the link below too. Hope this helps?;en-us;282805


Paul Lemonidis.

----- Original Message ----- From: <m1r4cle_26@xxxxxxxxx>
To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
Sent: Friday, August 27, 2004 7:33 PM
Subject: [exchangelist] form based auth using kerberos ?


How does form-based authentication of OWA 2003 authenticate users actually
Is it by basic authentication where username & password are sent in clear
Will kerberos work with form-based authentication ?

thank you

List Archives:
Exchange Newsletters:
Exchange FAQ:
Other Internet Software Marketing Sites:
World of Windows Networking:
Leading Network Software Directory:
No.1 ISA Server Resource Site:
Windows Security Resource Site:
Network Security Library:
Windows 2000/NT Fax Solutions:
You are currently subscribed to this Discussion List as: paul_lemonidis@xxxxxxxxxxx
To unsubscribe visit
Report abuse to listadmin@xxxxxxxxxxxxxx

Other related posts: