RE: [users@httpd] Rewrite rule not forwarding HTTP/1.0 200 OK mes sage

["Wick, Daniel" <DP...@Mail.Donaldson.com>]

Thomas,

I'm just curious to know why you're using a rewrite instead of a proxy pass?

--DW

> -----Original Message-----
> From: Doherty, Thomas [mailto:thomas.doherty@acs-inc.com]
> Sent: Thursday, January 22, 2004 11:10 AM
> To: 'users@httpd.apache.org'
> Subject: [users@httpd] Rewrite rule not forwarding HTTP/1.0 200 OK
> message
> 
> 
> 	We have Apache 2.0.45 with the following rewrite rule:
> 
> 	RewriteRule ^/$ http://10.10.10.10:9254/default.htm [P]
> 	RewriteRule ^/(.+) http://10.10.10.10:9254/$1 [P]
> 	RewriteLog "/opt/hpws/apache/logs_privtest/mod_rewrite.log"
> 	RewriteLogLevel 5
> 
> 	The Apache server is on HP-UX 11i talking to a 
> Microsoft IIS (not
> sure of the version) server. The client software is not a web 
> browser but a
> client that the application vendor supplied that uses HTTP. The client
> authentication is done via NTLM using a "backward request 
> header". There is
> no authentication on the Apache server.
> 
> 	We have the following two issues:
> 
> 	1. Not every user can login. The vendor is saying that 
> the users who
> cannot login are sending less data than the users who can 
> login. Apparently
> there are different applications and the users who can't 
> login are in an
> application that has less data. They say the proxy (Apache) is not
> forwarding any packets less than 4KB...I don't know where 
> they got this
> number. I did a tcpdump on the Apache server to compare the 
> responses of a
> user who works and one that doesn't. They are correct about Apache not
> forwarding the packets for the users that don't work. The 
> communication is
> identical until the IIS responds with a HTTP/1.0 200 OK 
> message. In both
> instances Apache receives the reply from the IIS server but 
> does not forward
> it to the client in the case of the user that doesn't work. I 
> cannot see any
> difference between the two responses. Below are the HTTP 
> contents of the
> responses from both clients:
> 
> 	The HTTP message that Apache forwards
> 
> 	HTTP/1.0 200 OK..Connection:
> Keep-Alive..Content-Length:1000000000..C2GSERVERIP:
> 172.30.9.220..C2GSESSIONTOKEN:
> 	E7D08A74-5DF2-4348-8A9B-C4ED040F5D38..C2GERROR: 0..C2GROLE:
> 0..C2GUID: {B9FC3036-DDC0-4FF1-9B00-54A055E7C2FF}..
> 
> 	The HTTP message that Apache does not forward
> 
> 	HTTP/1.0 200 OK..Connection:
> Keep-Alive..Content-Length:1000000000..C2GSERVERIP:
> 172.30.9.220..C2GSESSIONTOKEN:
> 	617B6E2B-ECBE-43AB-A1FA-C69F7FCDB61B..C2GERROR: 0..C2GROLE:
> 0..C2GUID: {7C9B8675-0878-446F-BE92-C5AD566548E6}..
> 
> 	The rest of the trace, IP and TCP, are identical. There 
> is nothing
> in the error_log, mod_rewrite.log, or access_log that 
> indicate a problem.
> 
> 	2. The users that can login take 2-5 minutes to 
> authenticate. If you
> put in an incorrect ID the server responds immediately with 
> incorrect logon
> information. I know this problem has more to do with NTLM 
> "backward request
> header" authentication, I was just wondering if there is 
> something within
> Apache that might be slowing down the authentication.
> 
> 
>  Has anyone else seen this issue before?
> Thanks
> 
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org