Hi Brett,
I have a similar problem. We are running Apache 1.3, mod_perl and AuthenNTLM.
I don't use AuthCookieNTLM, but I have written a simple module (based on
SessionManager) to manage cookie.
Stefano
On Wed, 2 Jun 2004 15:19:19 +1200
Brett Beaumont wrote:
> All,
>
> We are testing AuthCookieNTLM to secure our Intranet. We are running Apache
> 1.3, mod_perl, and AuthCookieNTLM. Our requests are also rewritten using
> mod_rewrite. If we hit the server quickly enough, and with enough requests,
> the browsers start to hang. This problem only occurs in our UAT environment,
> while the module works really well in dev.
>
> Some of our users are logged into a different domain and do get prompted for
> their credentials on the domain we authenticate against. However, if enough of
> these users attempt to log in to the intranet at once, the browsers start to
> hang during the authentication process. Once one browser is hung, I can point
> a new browser window at our intranet and the first browser window kicks back
> into life, and the new browser window hangs.
>
> It seems like the lock is getting stuck somewhere. Once the authentication is
> complete, and the authentication cookie issued, the user can continue to
> browse the intranet successfully.
>
> Has anybody else experienced a similar problem with this module?
>
> Many thanks,
>
> Brett Beaumont
>
>
> Relevant KeepAlive and server settings:
>
> ServerType standalone
> Timeout 300
> #
> # Keepalives must be on for NTLM auth
> # Unlimited number of keep alive requests, 5 minute timeout
> KeepAlive On
> MaxKeepAliveRequests 0
> KeepAliveTimeout 5
> #
> StartServers 20
> MinSpareServers 10
> MaxSpareServers 40
> MaxClients 255
> MaxRequestsPerChild 1000
>
>
> #----------------------------------------
> # /intranet is NTLM Authenticated
> # Unauthenticated access is allowed from
> # localhost and 1 remote IP Address
> #----------------------------------------
> <Location /intranet>
> PerlAuthenHandler Apache::AuthCookieNTLM
> AuthType ntlm,basic
> AuthName DOMAIN
>
> PerlAddVar ntdomain "DOMAIN DC1"
>
> PerlSetVar ntlmauthoritative on
> PerlSetVar basicauthoritative on
>
> PerlSetVar defaultdomain DOMAIN
> PerlSetVar fallbackdomain DOMAIN
> PerlSetVar splitdomainprefix 1
> PerlSetVar ntlmdebug 1
> Require valid-user
>
> RewriteEngine On
> RewriteRule ^/.*/$ /target%{REQUEST_URI} [P]
> RewriteRule ^/.*$ /target%{REQUEST_URI} [P]
>
> order Allow,Deny
> allow from 127.0.0.1
> Satisfy any
> </Location>
>
> Important: This electronic mail message and attachments (if any) are
> confidential and may be legally privileged. If you are not the intended
> recipient please contact us immediately and destroy this message. You may not
> legally copy, disclose, disseminate or use the contents in any way. Thank
> you.
>
>
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
