SWG, Kerberos Auth and identify users by credentials
Published Feb 27, 2019
Version 1.0Was this article helpful?
Hi Niels,
I've found your snipped in the hope to find a method to reuse existing APM sessions in the case that Negotiate authentication was used across multiple connections and the client is unable to process http-cookies.
Can you please further elaborate on how the offsets are choosen to differentiate individual clients?
set krbTicketPart [string range [findstr [TCP::payload] "Proxy-Authorization: Negotiate YII" 35 " "] 0 30]
If I b64/ASN.1 decode the krbTicketPart, it includes just the SPNEGO-OID which should be the same for every single client?
Application 0 (2 elem)
OBJECT IDENTIFIER 1.3.6.1.5.5.2
[0] (1 elem)
SEQUENCE (2 elem)
[0] (1 elem)
SEQUENCE (4 elem)
OBJECT IDENTIFIER
Cheers, Kai