httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 39673] mod_proxy opens connections that disturb NTLM
Date Sat, 10 Jan 2009 20:51:47 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=39673


Ryan Malayter <rmalayter@bai.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |rmalayter@bai.org
             Status|NEEDINFO                    |NEW




--- Comment #8 from Ryan Malayter <rmalayter@bai.org>  2009-01-10 12:51:46 PST ---
I noticed there has been no activity for over a year, so I figured I would
provide an update.

I am experiencing the same issue in a forward-proxy scenario using mod_proxy
(so the issue is not limited to reverse-proxy setups). NTLM authentication over
a non-HTTP connection using mod_proxy fails. Interestingly, NTLM authentication
over a tunneled SSL connection using mod_proxy_connect seems to work just fine.

This is using version 2.2.11. None of the environment variables for
mod_proxy_http or ProxyPass options seem to help.

I know that NTLM authentication may be requiring some non-RFC behavior (reusing
the same connection). However, there are many other places in httpd where
options are provided to work around bugs in non-RFC-compliant software. Is it
possible to do that here?

What other information might be helpful to provide to get a workaround
documented or a patch in place that lets us use NTLM? I am not much of a C/C++
jockey anymore, but I can certainly help with packet traces, testing different
options, whatever.

I will try to have a look at the Squid bug tracker to see if there were any
NTLM issues for their code and if so, how they resolved them. Because I know
NTLM works in Squid proxies (somehow).


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message