Re: Automatically Authenticate in Fiddler Composer does not used the Credential Manager

[EricLaw]

Yes, Fiddler's X-AutoAuth (default) feature uses the current Windows logon user's credentials. If you want to use different credentials, you can set X-AutoAuth to a string of the form: domain\\username:password. To do the same with the Request Composer, set the preference

fiddler.composer.AutoAuthCreds

to that latter string.

 

-Eric

On Tuesday, July 31, 2012 12:10:05 AM UTC-7, Jason Stangroome wrote:

Hi,

If I configure Fiddler 2.4.0.0 to capture and decrypt HTTPS and use IE 10 on Windows 8 RC on my non-domain-joined laptop I can browse to an Internet-facing SharePoint server and I am automatically authenticated without prompting. Fiddler's capture shows the 401 handshake followed by the successful response.

If I reproduce the initial request to the SharePoint server from IE in Fiddler's Composer, and enable the Automatically Authenticate option, I just end up with a series of repeatedly failing 401s.

If I use the Auth Inspector for the request captured from IE I can see from the hex representation of the NTLM Authorization Header that IE is including my domain user name (saved in the Windows Credential Manager) in the auth token sent to the server. Viewing the same information for the request composed by Fiddler shows that my laptop's local user name is being used instead.

Is this something I can fix by trying a different approach, or is this a bug in Fiddler's Automatic Authenticate option?

Regards,

Jason