Gary Poster wrote:
http://www.innovation.ch/personal/ronald/ntlm.html), the problem is that
the 4 way handshake has to happen *within a single connection*.
Apparently MS abuses HTTP to perform this.
Hmmm, I'm not sure this is true. One project I work on has 10,000+ users
a day authenticating via NTLM and I'm not convinced we maintain an http
connection for the whole dance.
Where you will run into problems is if you have a high volume of users.
The DCs can be slow to respond and so you end up with lots of app server
threads tied up waiting for them. Since Zope has a limited number of
threads, this is an issue. Someone on the project is currently building
a mod_python thingy to do this auth and bounce back with a cookie that
Zope then trusts since Apache can spawn off new threads at will...
Simplistix - Content Management, Zope & Python Consulting
Zope3-users mailing list