Dear Wiki user, You have subscribed to a wiki page or wiki category on "Jakarta-httpclient Wiki" for change notification.
The following page has been changed by RolandWeber: http://wiki.apache.org/jakarta-httpclient/ConnectionManagementDesign The comment on the change is: added a few words about NTLM authentication ------------------------------------------------------------------------------ tunnelled via proxy:: The connection is tunnelled via a proxy to a target, typically for communication with TLS/SSL. It can be re-used for exactly this route. Reusability can also be affected by the authentication state of a connection. - If TLS/SSL with client authentication is used, a connection identifies the user to the server. + If TLS/SSL with client authentication is used, a connection identifies the user to the target. - [[BR]] - ''NTLM authentication is connection based too, in some way at least. Details?'' + With NTLM authentication, the connection identifies the user to the proxy or target. + Re-use of an authenticated connection for requests from a different user is a security breach. + While TLS/SSL client authentication is out of scope for !HttpComponents, NTLM authentication is not and needs to be considered. + == Implementations == --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
