perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brett Beaumont" <brett.beaum...@sytec.co.nz>
Subject AuthCookieNTLM and browser hangs
Date Wed, 02 Jun 2004 03:19:19 GMT
All,

We are testing AuthCookieNTLM to secure our Intranet. We are running Apache 1.3, mod_perl,
and AuthCookieNTLM. Our requests are also rewritten using mod_rewrite. If we hit the server
quickly enough, and with enough requests, the browsers start to hang. This problem only occurs
in our UAT environment, while the module works really well in dev.

Some of our users are logged into a different domain and do get prompted for their credentials
on the domain we authenticate against. However, if enough of these users attempt to log in
to the intranet at once, the browsers start to hang during the authentication process. Once
one browser is hung, I can point a new browser window at our intranet and the first browser
window kicks back into life, and the new browser window hangs. 

It seems like the lock is getting stuck somewhere. Once the authentication is complete, and
the authentication cookie issued, the user can continue to browse the intranet successfully.

Has anybody else experienced a similar problem with this module?

Many thanks,

Brett Beaumont


Relevant KeepAlive and server settings:

ServerType standalone
Timeout 300
#
# Keepalives must be on for NTLM auth
# Unlimited number of keep alive requests, 5 minute timeout
KeepAlive On
MaxKeepAliveRequests 0
KeepAliveTimeout 5
#
StartServers 20
MinSpareServers 10
MaxSpareServers 40
MaxClients 255
MaxRequestsPerChild 1000


#----------------------------------------
# /intranet is NTLM Authenticated
# Unauthenticated access is allowed from
# localhost and 1 remote IP Address
#----------------------------------------
<Location /intranet>
  PerlAuthenHandler Apache::AuthCookieNTLM
  AuthType ntlm,basic
  AuthName DOMAIN

  PerlAddVar ntdomain "DOMAIN DC1"

  PerlSetVar ntlmauthoritative on
  PerlSetVar basicauthoritative on

  PerlSetVar defaultdomain DOMAIN
  PerlSetVar fallbackdomain DOMAIN
  PerlSetVar splitdomainprefix 1
  PerlSetVar ntlmdebug 1
  Require valid-user

  RewriteEngine On
  RewriteRule ^/.*/$ /target%{REQUEST_URI} [P]
  RewriteRule ^/.*$ /target%{REQUEST_URI} [P]

  order Allow,Deny
  allow from 127.0.0.1
  Satisfy any
</Location>

Important:  This electronic mail message and attachments (if any) are confidential and may
be legally privileged.  If you are not the intended recipient please contact us immediately
and destroy this message.  You may not legally copy, disclose, disseminate or use the contents
in any way.  Thank you.


Mime
View raw message