RE: form based auth using kerberos ?

  • From: "Mulnick, Al" <Al.Mulnick@xxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 27 Aug 2004 13:57:02 -0400

No, forms-based auth is cookie based.  You authenticate via the form, which
uses the host server's resources to get you authenticated.  I.E. Since
Exchange FE server requires a domain member, the authentication is handled
by the FE server and Active Directory through it's means of authentication
normally Kerberos. 

SSL protects the transmission of sensitive information, such as your
username and password, from being sniffed on the wire, since it encrypts the
transport level of the conversation.  Your username and password are
clear-text inside the SSL conversation, but they're on a protected
communication channel. 


-----Original Message-----
From: m1r4cle_26@xxxxxxxxx [mailto:m1r4cle_26@xxxxxxxxx] 
Sent: Friday, August 27, 2004 2:34 PM
To: [ExchangeList]
Subject: [exchangelist] form based auth using kerberos ?


How does form-based authentication of OWA 2003 authenticate users actually ?
Is it by basic authentication where username & password are sent in clear ?
Will kerberos work with form-based authentication ?

thank you

List Archives:
Exchange Newsletters:
Exchange FAQ:
Other Internet Software Marketing Sites:
World of Windows Networking: Leading
Network Software Directory:
No.1 ISA Server Resource Site: Windows Security
Resource Site: Network Security Library: Windows 2000/NT Fax Solutions:
You are currently subscribed to this Discussion List as:
al.mulnick@xxxxxxxxxx To unsubscribe visit
Report abuse to listadmin@xxxxxxxxxxxxxx

Other related posts: