RFC 4559

SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows, June 2006

Canonical URL:
https://www.rfc-editor.org/rfc/rfc4559.txt
File formats:
Plain TextPDF
Status:
INFORMATIONAL
Authors:
K. Jaganathan
L. Zhu
J. Brezak
Stream:
INDEPENDENT

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC4559

Discuss this RFC: Send questions or comments to rfc-ise@rfc-editor.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document describes how the Microsoft Internet Explorer (MSIE) and Internet Information Services (IIS) incorporated in Microsoft Windows 2000 use Kerberos for security enhancements of web transactions. The Hypertext Transport Protocol (HTTP) auth-scheme of "negotiate" is defined here; when the negotiation results in the selection of Kerberos, the security services of authentication and, optionally, impersonation (the IIS server assumes the windows identity of the principal that has been authenticated) are performed. This document explains how HTTP authentication utilizes the Simple and Protected GSS-API Negotiation mechanism. Details of Simple And Protected Negotiate (SPNEGO) implementation are not provided in this document. This memo provides information for the Internet community.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×