Hello, I've been working on adding NTLM authentication to a mongrel web server. I'm fairly far along, and have the scheme basically working, but I noticed an odd behavior from firefox.
I get a connection from firefox, and do the NTLM protocol dance until things are authenticated. Then firefox connects with a second socket (which is new, and thus not authenticated), so I return a 401 along with WWW-Authenticate set. firefox then issues the request again, this time on the first socket. Since the first connection was already authenticated, I can short-circuit the process and serve up the resource. This ping-pong continues with each additional resource: first a request on the unauthenticated socket, which I have to reject, then a follow up on the first socket which is accepted. firefox never follows through with the authentication on the second socket. Ultimately, everything works, it's just silly and slow. Is this expected behavior? Is there anything I can do to counter it? I'm willing to believe that there's something I doing wrong since I had to hack mongrel to handle keep-alive connections and I'll admit I'm pretty much a newbie at this. Thanks, Eric Wallace _______________________________________________ dev-tech-network mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-network
