问题描述
这是与
我试图找到一种无需经过真正的ntlm身份验证即可获取访问者Windows用户名的方法,我只想使用express-ntlm从浏览器http响应中提取用户名.
I am trying to find a way to grab visitor windows user name without going through real ntlm authentication, and I just want to extract the user name from browser http response using express-ntlm.
我对该过程的理解是:
- 浏览器将请求发送到没有授权标头的node.js
- express-ntlm进行401回复
- 浏览器将带有授权标头的请求发送到node.js
- express-ntlm发出带有挑战的401回复
- 浏览器应发送包含用户名信息的回复
我被困在上面的步骤4)中.我刚刚安装了Fiddler来记录页面加载的通信轨迹.
I am stuck at step 4) above.I just installed Fiddler to log down the communication trace of the page loading.
第一次握手:
GET http://localhost:3000/search HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Cache-Control: max-age=0
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/40.0.2214.115 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4
If-None-Match: "1085683586"
==== response ====
HTTP/1.1 401 Unauthorized
X-Powered-By: Express
WWW-Authenticate: NTLM
Date: Wed, 04 Mar 2015 01:48:10 GMT
Connection: keep-alive
Proxy-Support: Session-Based-Authentication
Content-Length: 0
第二次握手:
GET http://localhost:3000/search HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: NTLM
TlRMTVNTUAABAAAAB7IIogQABAA0AAAADAAMACgAAAAGAbEdAAAAD1hBUEVOR0xJQU4zMFhMTlg=
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/40.0.2214.115 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4
If-None-Match: "1085683586"
=== response ====
HTTP/1.1 401 Unauthorized
X-Powered-By: Express
WWW-Authenticate: NTLM
TlRMTVNTUAACAAAAAAAAAAAoAAABggAAASNFZ4mrze8AAAAAAAAAAA==
Date: Wed, 04 Mar 2015 01:48:10 GMT
Connection: keep-alive
Proxy-Support: Session-Based-Authentication
Content-Length: 0
在提琴手的痕迹中我需要注意什么?
is there anything I need to pay attention in the fiddler trace?
我正在使用Win7 + Chrome. (我也尝试过IE和Firefox,但没有运气.)
I am using win7 + chrome. ( I also tried IE and firefox, but with no luck).
谢谢.
推荐答案
使用Fiddler遵循Ntlm质询/响应流程是一件好事.在检查器选项卡上,有一个 Auth 部分,其中包含大量信息.当客户端发送用户名时,您会在Ntlm type 3请求上找到该用户名.它已编码,但Fiddler会为您解码.
It is a good thing you use Fiddler to follow the Ntlm challenge/response flow. On the Inspectors tab there is an Auth section with extensive information. You will find the username there on the Ntlm type 3 request when it is send by the client. It is encoded but Fiddler will decode it for you.
这篇关于如何使用提琴手来调试chrome的ntlm协议?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!