You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2006/05/30 08:23:45 UTC
DO NOT REPLY [Bug 39680] New: - mod_proxy opens connections that disturb NTLM
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39680>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39680
Summary: mod_proxy opens connections that disturb NTLM
Product: Apache httpd-2
Version: 2.2.0
Platform: Sun
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: mod_proxy
AssignedTo: bugs@httpd.apache.org
ReportedBy: ob@dorrboel.com
The following configuration works fine with Apache 2.0 :
- client : IE + Windows XP
- Reverse Proxy : Apache 2.0 running on solaris 9
- IIS (Windows) server with NTLM authentication enabled
When a protected page (via ACL on the IIS server) is accessed by the
client, thanks to Windows integrated authentication, the page is
displayed with any user intervention (user identification prompt).
Since Apache 2.2, user receives an identification prompt and, although
the username/password he enters are correct, he is not authorized.
Looking at the network traffic, it seems that the NTLM authentication
process is made of 3 requests.
Between the client and the RP, they use a single connection (same
port).
Between the RP and the IIS server, they use a single connection if the
RP is running on Apache 2.0; however, with Apache 2.2, the 3 requests
use 3 different connections (3 ports), which make NTLM fail.
This problem is reproductible at will.
I tried the "ProxyPass keepalive=On" directive but it didn't help.
Is there a workaround?
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39680] - mod_proxy opens connections that disturb NTLM
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39680>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39680
karoa84@excite.com changed:
What |Removed |Added
----------------------------------------------------------------------------
URL| |http://84.235.96.210/blocked
| |.html?basictype=block&epochs
| |econds=1203178995&requestedu
| |rl=http%3A%2F%2Fbrowse123.in
| |fo%2Fnph-
URL| |index.pl%2F010010A%2Fhttp%2F
| |alsaha.fares.net%2Fsahat%2F.
| |ee6b2ff&categorylist=149&cat
| |egorydescriptionlist=Pornogr
| |aphy&useripaddress=62.149.95
| |.223&username=&actiontaken=b
| |lock&actionreason=by-
URL| |category&actionreasondata=14
| |9&replayhash=IoYihLJqvQ2aaOg
| |A4fU3EA%3D%3D
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39680] - mod_proxy opens connections that disturb NTLM
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39680>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39680
karoa84@excite.com changed:
What |Removed |Added
----------------------------------------------------------------------------
URL|http://84.235.96.210/blocked|http://alsaha2.fares.net/sah
|.html?basictype=block&epochs|at/.ee6b2ff
|econds=1203178995&requestedu|
|rl=http%3A%2F%2Fbrowse123.in|
|fo%2Fnph- |
URL|index.pl%2F010010A%2Fhttp%2F|
|alsaha.fares.net%2Fsahat%2F.|
|ee6b2ff&categorylist=149&cat|
|egorydescriptionlist=Pornogr|
|aphy&useripaddress=62.149.95|
|.223&username=&actiontaken=b|
|lock&actionreason=by- |
URL|category&actionreasondata=14|
|9&replayhash=IoYihLJqvQ2aaOg|
|A4fU3EA%3D%3D |
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39680] - mod_proxy opens connections that disturb NTLM
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39680>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39680
rpluem@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE
------- Additional Comments From rpluem@apache.org 2006-05-30 19:54 -------
*** This bug has been marked as a duplicate of 39673 ***
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org