On Thu, Apr 16, 2009 at 12:24 PM, <apache@xxxxxxxxxxxxxx> wrote: > Server - RH5 httpd-2.2.3 > > I have setup a server that uses ssl ldap authentication. This all works > fine. I am trying to understand the connection from a client browser to > the server. I am sniffing the packets on the server with tcpdump and > also have tried wireshark. Since the server is using http not https I > assumed that all traffic from the client browser to the server would be > in clear text. So, when I connect to the server with the client browser > I get the authentication window. I enter a username and passwd. > Looking at the traffic on the server I see everything but the username > and passwd It's base64-encoded in the Authorization request header. -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|