Title: RE: NTLM module

Adam,

I am not sure if you have resolved this issue.  I have had the same issue with our system where post data would dissappear.  I ended up creating a Cookie add on module for Apache::AuthenNTLM that would write a cookie once authenticated and use that before re-authenticating them.  This allowed me to lower the keepalive timeout setting and has almost completely eliminated this loss of data.  I created it for a semi friendly environment so the security is somewhat lacking.  If you would like to take a look at it I can send you the code.  I have not tried the latest version of AuthenNTLM yet.  But it should still work.

Joseph Harnish



-----Original Message-----
From: Kaye-Smith Adam [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 02, 2002 9:48 PM
To: Gerald Richter
Cc: [EMAIL PROTECTED]
Subject: RE: NTLM module


Hello Gerald,


I believe I am on top of my issues with NTLM. Everything seems to work
fine when httpd is in single user mode as the 1 process has an
understanding of what has been authenticated before hand & whethor it
needs to re-authenticate subsequent requests from the same browser/user.
ie with the request for one page there may be many items that need to be
sent  by the server (images, html,etc).


When we go to several httpd process, it appears that the response to one
request from a browser which may be made up of many files that need to
be sent back, these requests can be handled by any of the http processes
(which is ok by itself ) but when this occurs, a password request(and
perhaps an SMB query) is made for each of the httpd process. The httpd
processes appear to operate independently of each other, unless the
browser sends all its requests down the 1 tcp channel.

I have started to add to the code to log authentications to disc, so
that each httpd process can also reference this disc file to verify if
it has authenticated a user beforehand from another process.

I hope I am going about this the right way..


My more immediate problem is that I am currently losing the contents of
posted variables in a request packet whenever I use the AuthenNTLM
module, but when I choose to use the standard mod_auth,  my posted
variables get through everytime. This problem occured with the
AuthenNTLM code without any alterations. This problem is also
intermittant. 4 out of 5 time the problem will occur. By inserting the
line at the top of handler sub ' $printme = $r -> content ' I can see
the posted variables get though to the perl module .


Any ideas


Thanks

Adam









************************************************************************
The information in this e-mail together with any attachments is
intended only for the person or entity to which it is addressed
and may contain confidential and/or privileged material.

Any form of review, disclosure, modification, distribution
and/or publication of this e-mail message is prohibited. 

If you have received this message in error, you are asked to
inform the sender as quickly as possible and delete this message
and any copies of this message from your computer and/or your
computer system network. 
************************************************************************

Reply via email to