[
https://issues.apache.org/jira/browse/TS-3866?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14730016#comment-14730016
]
Aaron McClimont commented on TS-3866:
-------------------------------------
Lief,
I have tested against the 5.3.0 and 5.3.1 LTS release builds provided via the
trafficserver website in .tar.bz2 format. I will work on testing against the
6.0.x branch and provide feedback.
The source server we are using is IIS 7.5 on MS Server 2008 R2 if this helps.
The application being accessed doesn't appear relevant, as all that require
NTLM authentication are affected. The application's Authentication typically
has Anonymous Authentication disabled, and Windows Authentication enabled with
the providers Negotiate and NTLM. Given this, a simple site in IIS configured
with Windows Authentication containing a single index page should be sufficient
to test the scenario. I will double check this when testing against the 6.0.x
branch.
As for bisecting the code, I am not familiar enough with the language to
effectively manage this.
Regards,
Aaron.
> Browser always prompts for authentication (NTLM) - Regression?
> --------------------------------------------------------------
>
> Key: TS-3866
> URL: https://issues.apache.org/jira/browse/TS-3866
> Project: Traffic Server
> Issue Type: Bug
> Affects Versions: 5.3.0, 5.3.1
> Environment: RHEL 6.5 64-bit
> Reporter: Aaron McClimont
> Fix For: 6.1.0
>
>
> NTLM authentication through Apache TrafficServer version 5.3.1 appears to be
> broken, with the authentication prompt being displayed repeatedly.
> Version 4.1.2 (using the same configuration files) works successfully.
> Notes:
> * HTTPS does not resolve the issue in version 5.3.1 like it does with version
> 4.1.2
> * proxy.config.http.share_server_sessions is set to 0 (default: 2)
> * proxy.config.http.auth_server_session_private is set to 1
> This issue appears to be related to TS-1491 identified in the 3.2 releases.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
