tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: NTLM / Connection: Keep-Alive / HTTP 1.0
Date Fri, 03 Jan 2003 05:05:03 GMT
There is a problem with HTTP/1.0 Keep-Alive in 4.1.12.  See
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12783 for more
information.  If this looks like your problem, then upgrading to 4.1.18
should fix it.

"Endre Stølsvik" <Endre@Stolsvik.com> wrote in message
news:Pine.LNX.4.44.0301021343560.5535-100000@gekko.stud.ntnu.no...
> We're having a problem surrounding Tomcat when using NTLM authentication
> (Windows NT/2000 "single sign-on" through IE), when Internet Explorer
> decides that it should use HTTP 1.0.
>
> The problem is that NTLM _must_ go three times "back-and-forth" on the
> same connection. It is a connection-level authentication mechanism, rather
> than a session-oriented mechanism, probably violating a dozen RFCs.
> However, this requires that the server does "Keep-Alive" connections.
>
> The whole system works like a charm with HTTP 1.1, where Tomcat is eager
> to do keep-alive. But, if the browser is set up to do HTTP 1.0 only (as
> you can with IE, also through the policy system for windows, as a company
> here have done!), then Tomcat refuses to do keep-alive. A RFC out there
> (http:1.0 2068) states that if the client adds the string "Connection:
> Keep-Alive", then the server should still do keep-alive, even on 1.0. This
> is not the fact with Tomcat (4.1.12); it always and still closes the
> connection if the client requests HTTP 1.0 _with_ "Connection:
> Keep-alive" (as verified using telnet).
>
> We've banged our heads against this for some time now, and would like to
> know if anyone have any ideas for solutions.
>
> One idea that haven't been exhausted yet is whether any of the connectors
> available between apache httpd and tomcat will behave differently that
> tomcat's native http connector? Is this an probable avenue?
>
> Any help would be greatly apreciated!
>
> PS: Check out the excellent jcifs project for more background on NTLM and
> CIFS, http://jcifs.samba.org/
>
> --
> Mvh,
> Endre Stølsvik               M[+47 93054050] F[+47 51625182]
> Developer @ CoreTrek AS         -  http://www.coretrek.com/
> CoreTrek corporate portal / EIP -  http://www.corelets.com/





--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message