On Apr 3, 2014, at 11:08 AM, Brendan Webb <[email protected]> wrote: > After upgrading from ATS 3.0.4 to 4.2.0, it appears that Authorization > headers are being stripped by ATS (or, at least, they aren't reaching the > origin servers). > > I've dug through the documentation and mailing list archives, but can't seem > to find anything conclusive. Anyone have insight on what may have changed? > > In case it matters, I'm using NTLM Authentication on the origin servers.
This sounds like it might be related to origin server session sharing. I have a vague recollection of something on the list about this with NTLM auth, but I could not find it in my archives. IIRC, NTLM auth requires that server sessions are not shared. J
