You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Bryan Call (JIRA)" <ji...@apache.org> on 2014/03/13 22:47:44 UTC

[jira] [Commented] (TS-2626) Problem with TS-312 - Always share Keep Alive + NTLM Authorization

    [ https://issues.apache.org/jira/browse/TS-2626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13934146#comment-13934146 ] 

Bryan Call commented on TS-2626:
--------------------------------

Sure

> Problem with TS-312 - Always share Keep Alive + NTLM Authorization
> ------------------------------------------------------------------
>
>                 Key: TS-2626
>                 URL: https://issues.apache.org/jira/browse/TS-2626
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: HTTP
>            Reporter: Tommy Lee
>            Assignee: Bryan Call
>             Fix For: 5.0.0
>
>         Attachments: tcpdump.txt
>
>
> We are noted that ATS-5.0.0 from GIT master couldn't authenticate with some websites that uses Authorization Header.
> We always get 401 ( Unauthorized ) response.
> I'm attaching two debug files. One with ATS-3.2.2 that's working and one with ATS-5.0.0 that's broken.
> Almost the same records.config for both tests.
> I'm looking for changes in source code too. I'll update the issue if I find an answer.
> To devs: Could the question mark after the "exchange"  can cause that ? This is the only modification between these two versions.
> ATS-3.2.2 GET - GET http://webmail.candidomendes.edu.br/exchange?
> ATS-5.0.0 GET -  GET http://webmail.candidomendes.edu.br/exchange
> Thanks.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Re: [jira] [Commented] (TS-2626) Problem with TS-312 - Always share Keep Alive + NTLM Authorization

Posted by Leif Hedstrom <zw...@apache.org>.

I believe there is code to look for Authorization headers. Does that prevent origin sharing ? If so, is there an easy way to know that a session has been NTLM authenticated ? Alternatively, would it make sense to add a new plugin API which would allow a READ_RESPONSE hook to signal that a session can not be shared and/or returned to a session pool ?


> On Mar 13, 2014, at 3:47 PM, "Bryan Call (JIRA)" <ji...@apache.org> wrote:
> 
> 
>    [ https://issues.apache.org/jira/browse/TS-2626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13934146#comment-13934146 ] 
> 
> Bryan Call commented on TS-2626:
> --------------------------------
> 
> Sure
> 
>> Problem with TS-312 - Always share Keep Alive + NTLM Authorization
>> ------------------------------------------------------------------
>> 
>>                Key: TS-2626
>>                URL: https://issues.apache.org/jira/browse/TS-2626
>>            Project: Traffic Server
>>         Issue Type: Bug
>>         Components: HTTP
>>           Reporter: Tommy Lee
>>           Assignee: Bryan Call
>>            Fix For: 5.0.0
>> 
>>        Attachments: tcpdump.txt
>> 
>> 
>> We are noted that ATS-5.0.0 from GIT master couldn't authenticate with some websites that uses Authorization Header.
>> We always get 401 ( Unauthorized ) response.
>> I'm attaching two debug files. One with ATS-3.2.2 that's working and one with ATS-5.0.0 that's broken.
>> Almost the same records.config for both tests.
>> I'm looking for changes in source code too. I'll update the issue if I find an answer.
>> To devs: Could the question mark after the "exchange"  can cause that ? This is the only modification between these two versions.
>> ATS-3.2.2 GET - GET http://webmail.candidomendes.edu.br/exchange?
>> ATS-5.0.0 GET -  GET http://webmail.candidomendes.edu.br/exchange
>> Thanks.
> 
> 
> 
> --
> This message was sent by Atlassian JIRA
> (v6.2#6252)