tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <>
Subject Re: NTLM / Connection: Keep-Alive / HTTP 1.0
Date Fri, 03 Jan 2003 05:05:03 GMT
There is a problem with HTTP/1.0 Keep-Alive in 4.1.12.  See for more
information.  If this looks like your problem, then upgrading to 4.1.18
should fix it.

"Endre Stølsvik" <> wrote in message
> We're having a problem surrounding Tomcat when using NTLM authentication
> (Windows NT/2000 "single sign-on" through IE), when Internet Explorer
> decides that it should use HTTP 1.0.
> The problem is that NTLM _must_ go three times "back-and-forth" on the
> same connection. It is a connection-level authentication mechanism, rather
> than a session-oriented mechanism, probably violating a dozen RFCs.
> However, this requires that the server does "Keep-Alive" connections.
> The whole system works like a charm with HTTP 1.1, where Tomcat is eager
> to do keep-alive. But, if the browser is set up to do HTTP 1.0 only (as
> you can with IE, also through the policy system for windows, as a company
> here have done!), then Tomcat refuses to do keep-alive. A RFC out there
> (http:1.0 2068) states that if the client adds the string "Connection:
> Keep-Alive", then the server should still do keep-alive, even on 1.0. This
> is not the fact with Tomcat (4.1.12); it always and still closes the
> connection if the client requests HTTP 1.0 _with_ "Connection:
> Keep-alive" (as verified using telnet).
> We've banged our heads against this for some time now, and would like to
> know if anyone have any ideas for solutions.
> One idea that haven't been exhausted yet is whether any of the connectors
> available between apache httpd and tomcat will behave differently that
> tomcat's native http connector? Is this an probable avenue?
> Any help would be greatly apreciated!
> PS: Check out the excellent jcifs project for more background on NTLM and
> --
> Mvh,
> Endre Stølsvik               M[+47 93054050] F[+47 51625182]
> Developer @ CoreTrek AS         -
> CoreTrek corporate portal / EIP -

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message