Hello, On Thu, Dec 16, 2010 at 5:00 PM, Arno Garrels <arno.garr...@gmx.de> wrote:
> Fastream Technologies wrote: > > So since we are talking about the web server, the NTLMDomain property > > should be of THttpConnection, NOT the THttpServer. In the > > OnGet/Head/PostDocument it should be set by the app coder or if it is > > not set then it will be null hence work as it is now. > > > I was talking about the web server but the client also needs some > > mechanism to indicate the NTLM domain so that it can send request to > > the web server in case of NTLM on the web server. But wait a minute, > > when there is reverse proxy sitting in front, web servers cannot > > authenticate with NTLM, can they? > > Important to know for readers was how exactly the NTLM authentication > is handled by your proxy _currently_ and in what way you want to change > that design, nobody nows that so far. > Adding a string property is a matter of two lines of code, even a BCB > developer should be able to do that in Delphi. > > You are right. When IQP receives the request, in the ProcessRequest() it scans the defined URL Rules set by the end user from top to bottom for a match to decide which target web server to route/redirect to. A URL Rule list could be like, 1. ssl://www.fastream.com/owa 2. http://www.fastream.com/path/file.htm ("URL Rule is file" flag set) 3. *://www.iqproxyserver.com [2] 4. *://www.iqproxyserver.com 5. *://* The last one must be *://* as a catch-all. We enabled 3. and 4. in the same list in from v4.5 on to let users route to different target server IP/port/path with respect to client location (country). See http://www.iqproxyserver.com (home page, bottom) for a screenshot example of this. Now, I want each URL Rule to be able to have one NTLM domain to authenticate against. I hope it is clearer now. Best Regards, SubZero -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be