Andrew Green wrote:

Hi,

I've got a problem trying to set up Apache::AuthenNTLM to secure the administration area for our (mod_perl-based) CMS.

The server setup is as follows:

* A lightweight port-80 instance of Apache, which deals with
all requests for static content, and proxies everything else
over to...
* A mod_perl-centric, port-8080 instance of Apache, which
deals with all the dynamic, mod_perl-generated content


I've set up the authentication on the administration area in the httpd.conf file for the backend, port-8080 server to use AuthenNTLM. When I access a test script directly on the port:8080 server, the authentication works a dream. This seems to confirm, to me, that the settings are basically correct.

However, when I try to access the authenticated area through the frontend, port-80 server, the authentication doesn't work. The client gets a variation on the "little grey box" of Basic Authentication, this time with a "domain" field added. Entering details into the box only brings the box back, however.


According to this Microsoft Knowledge Base Article, http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q198/1/16.ASP&NoWebContent=1 :

<snip>

When a proxy server is inserted into the system, between the Web browser and the Web publishing server, NTLM authentication between the client browser and the WEB publishing server will no longer work. In fact any authentication method relying on implicit end-to-end state (such as NTLM) will cease working.

The HTTP 1.1 specification states that all state is hop-by-hop only. End-to-end state can be achieved using a cookie or some other token distinct from HTTP. The most obvious symptom of this failing is client browsers receiving a message about authentication failure, such as "Access Denied."

<snip>

Therefore, you will be limited to using Basic Authentication with AuthenNTLM :(


--

Shannon Eric Peevey
President - EriKin Corporation
[EMAIL PROTECTED]
(940) 391-6777
http://www.erikin.com 
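
An added illustration, not part of either message: a toy model of the connection-bound handshake that the quoted Knowledge Base article describes, run once directly and once through a proxy. The message shapes, the HMAC response and the proxy opening a fresh backend connection per request are simplifying assumptions, not the real NTLM wire format or the behaviour of any particular proxy.

```python
import hashlib
import hmac
import itertools
import os

PASSWORD = b"constructed-password"  # constructed sample credential

class Backend:
    """Toy server: challenge state lives on the TCP connection, as with NTLM."""
    def __init__(self):
        self.pending = {}  # connection id -> challenge issued on that connection

    def handle(self, conn_id, msg):
        if msg is None:
            return 401, "NTLM"                       # no credentials yet
        kind, payload = msg
        if kind == "negotiate":                      # stand-in for Type 1
            self.pending[conn_id] = os.urandom(8)
            return 401, ("challenge", self.pending[conn_id])  # Type 2
        # Anything else is treated as the Type 3 response to an earlier challenge.
        challenge = self.pending.pop(conn_id, None)
        if challenge is None:
            return 401, "NTLM"                       # no handshake on this connection
        want = hmac.new(PASSWORD, challenge, hashlib.sha256).digest()
        return (200, "ok") if hmac.compare_digest(want, payload) else (401, "NTLM")

def direct_transport(backend):
    """Browser talks to the backend over one kept-alive connection."""
    return lambda msg: backend.handle("client-conn-1", msg)

def proxy_transport(backend):
    """Proxy that forwards each request on a new backend connection (assumption)."""
    ids = itertools.count(1)
    return lambda msg: backend.handle(f"proxy-conn-{next(ids)}", msg)

def client_login(send):
    """Run the three requests of the handshake; return the final HTTP status."""
    send(None)                                       # initial request, gets 401
    _, reply = send(("negotiate", b""))
    response = hmac.new(PASSWORD, reply[1], hashlib.sha256).digest()
    status, _ = send(("authenticate", response))
    return status

if __name__ == "__main__":
    print("direct :", client_login(direct_transport(Backend())))
    print("proxied:", client_login(proxy_transport(Backend())))
```

Through the proxy the correct response still earns a 401, because the challenge was issued on a different backend connection; the browser then prompts again, which matches the symptom of the box reappearing.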

