I believe there is code to look for Authorization headers. Does that prevent origin sharing? If so, is there an easy way to know that a session has been NTLM authenticated? Alternatively, would it make sense to add a new plugin API which would allow a READ_RESPONSE hook to signal that a session cannot be shared and/or returned to a session pool?
> On Mar 13, 2014, at 3:47 PM, "Bryan Call (JIRA)" <[email protected]> wrote:
>
> [ https://issues.apache.org/jira/browse/TS-2626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13934146#comment-13934146 ]
>
> Bryan Call commented on TS-2626:
> --------------------------------
>
> Sure
>
>> Problem with TS-312 - Always share Keep Alive + NTLM Authorization
>> ------------------------------------------------------------------
>>
>> Key: TS-2626
>> URL: https://issues.apache.org/jira/browse/TS-2626
>> Project: Traffic Server
>> Issue Type: Bug
>> Components: HTTP
>> Reporter: Tommy Lee
>> Assignee: Bryan Call
>> Fix For: 5.0.0
>>
>> Attachments: tcpdump.txt
>>
>>
>> We noticed that ATS-5.0.0 from GIT master couldn't authenticate with some
>> websites that use the Authorization header.
>> We always get a 401 (Unauthorized) response.
>> I'm attaching two debug files. One with ATS-3.2.2 that's working and one
>> with ATS-5.0.0 that's broken.
>> Almost the same records.config for both tests.
>> I'm looking for changes in the source code too. I'll update the issue if I find
>> an answer.
>> To devs: Could the question mark after the "exchange" cause that? This
>> is the only modification between these two versions.
>> ATS-3.2.2 GET - GET http://webmail.candidomendes.edu.br/exchange?
>> ATS-5.0.0 GET - GET http://webmail.candidomendes.edu.br/exchange
>> Thanks.
>
>
>
> --
> This message was sent by Atlassian JIRA
> (v6.2#6252)
