httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 39673] mod_proxy opens connections that disturb NTLM
Date Sat, 10 Jan 2009 20:51:47 GMT

Ryan Malayter <> changed:

           What    |Removed                     |Added
                 CC|                            |
             Status|NEEDINFO                    |NEW

--- Comment #8 from Ryan Malayter <>  2009-01-10 12:51:46 PST ---
I noticed there has been no activity for over a year, so I figured I would
provide an update.

I am experiencing the same issue in a forward-proxy scenario using mod_proxy
(so the issue is not limited to reverse-proxy setups). NTLM authentication over
a non-HTTP connection using mod_proxy fails. Interestingly, NTLM authentication
over a tunneled SSL connection using mod_proxy_connect seems to work just fine.

This is using version 2.2.11. None of the environment variables for
mod_proxy_http or ProxyPass options seem to help.

I know that NTLM authentication may be requiring some non-RFC behavior (reusing
the same connection). However, there are many other places in httpd where
options are provided to work around bugs in non-RFC-compliant software. Is it
possible to do that here?

What other information might be helpful to provide to get a workaround
documented or a patch in place that lets us use NTLM? I am not much of a C/C++
jockey anymore, but I can certainly help with packet traces, testing different
options, whatever.

I will try to have a look at the Squid bug tracker to see if there were any
NTLM issues for their code and if so, how they resolved them. Because I know
NTLM works in Squid proxies (somehow).

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message