Gary Poster wrote:, the problem is that the 4 way handshake has to happen *within a single connection*. Apparently MS abuses HTTP to perform this.

Hmmm, I'm not sure this is true. One project I work on has 10,000+ users a day authenticating via NTLM and I'm not convinced we maintain an http connection for the whole dance.

Where you will run into problems is if you have a high volume of users. The DCs can be slow to respond and so you end up with lots of app server threads tied up waiting for them. Since Zope has a limited number of threads, this is an issue. Someone on the project is currently building a mod_python thingy to do this auth and bounce back with a cookie that Zope then trusts since Apache can spawn off new threads at will...



Simplistix - Content Management, Zope & Python Consulting

Zope3-users mailing list

Reply via email to