We are troubleshooting some performance issues on a CRM Online instance.
The site has ADFS configured single sign on and without fiddler running this works fine.
The site also has a proxy server to access the internet which users are authenticated against using their internal AD network credentials.
Once fiddler is turned on and capturing traffic the SSO to the online instance no longer works and users are presented with a series of ADFS login boxes to our internal ADFS urls - it seems like running fiddler interrupts the exchange of credentials that underpins SSO. Entering the user's domain credentials allows the user to view the CRM Online instance (they can enter domain\username and their password to proceed). Once entered the user is not prompted again for that session.
we have also seen occasional prompts for credentials from other random internet sites while fiddler is running - public websites that should not need authentication. It is unclear to me whether it is our internal proxy that is requesting the credentials but claiming that the website needs authentication - see attached screen cap. In this case, entering a user's network credentials to authenticate to the proxy allows access
Are there any tips for :-
a) running fiddler on CRM Online instances (beyond decrypting the traffic so fiddler can see it)
b) running fiddler on applications that use federated SSO solutions
c) tuning Fiddler to not interrupt authentication traffic
Thanks