On Thu, Dec 16, 2010 at 5:00 PM, Arno Garrels <arno.garr...@gmx.de> wrote:

> Fastream Technologies wrote:
> > So since we are talking about the web server, the NTLMDomain property
> > should be of THttpConnection, NOT the THttpServer. In the
> > OnGet/Head/PostDocument it should be set by the app coder or if it is
> > not set then it will be null hence work as it is now.
> > I was talking about the web server but the client also needs some
> > mechanism to indicate the NTLM domain so that it can send request to
> > the web server in case of NTLM on the web server. But wait a minute,
> > when there is reverse proxy sitting in front, web servers cannot
> > authenticate with NTLM, can they?
> Important to know for readers was how exactly the NTLM authentication
> is handled by your proxy _currently_ and in what way you want to change
> that design, nobody nows that so far.
> Adding a string property is a matter of two lines of code, even a BCB
> developer should be able to do that in Delphi.
You are right. When IQP receives the request, in the ProcessRequest() it
scans the defined URL Rules set by the end user from top to bottom for a
match to decide which target web server to route/redirect to. A URL Rule
list could be like,

1. ssl://www.fastream.com/owa
2. http://www.fastream.com/path/file.htm ("URL Rule is file" flag set)
3. *://www.iqproxyserver.com [2]
4. *://www.iqproxyserver.com
5. *://*

The last one must be *://* as a catch-all. We enabled 3. and 4. in the same
list in from v4.5 on to let users route to different target server
IP/port/path with respect to client location (country). See
http://www.iqproxyserver.com (home page, bottom) for a screenshot example of

Now, I want each URL Rule to be able to have one NTLM domain to authenticate

I hope it is clearer now.

Best Regards,

To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to