[TS-1491] Browser always prompts for authentication (NTLM) - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.2.4
Component/s: Core
Labels:
None

Description

When the client surf through the ATS to a site of SharedPoint, the user get NTLM prompt message again and again.
This is because of the reuse option that is turned on by default (u can turn it off with the proxy.config.http.share_server_sessions option).
My attached patch turns on the private_session flag when the ATS gets auth connection, and then it will not use the reuse option for this connection.

For further reading on this global bug in proxies:

http://blogs.msdn.com/b/asiatech/archive/2012/03/28/ie-always-prompts-for-authentication-when-browsing-through-proxy-server.aspx

Microsoft recommend at (http://technet.microsoft.com/en-us/library/cc995189.aspx):

“we recommend that you use SSL encryption for the traffic between Forefront TMG and the client. NTLM authentication is per connection, and encryption prevents improper reuse of connections by legacy proxy devices on the Internet.”

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

private.diff
07/Nov/12 11:16
3 kB
Yakov Kopel

Activity

People

Assignee:: Leif Hedstrom

Reporter:: Yakov Kopel

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 23/Sep/12 06:58

Updated:: 05/Jun/13 22:42

Resolved:: 20/Nov/12 16:10

Time Tracking

Estimated:

Remaining:

Logged:

Not Specified