I believe there is code to look for Authorization headers. Does that prevent
origin sharing ? If so, is there an easy way to know that a session has been
NTLM authenticated ? Alternatively, would it make sense to add a new plugin API
which would allow a READ_RESPONSE hook to signal that a session can not be
shared and/or returned to a session pool ?
On Mar 13, 2014, at 3:47 PM, Bryan Call (JIRA) j...@apache.org wrote:
[
https://issues.apache.org/jira/browse/TS-2626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13934146#comment-13934146
]
Bryan Call commented on TS-2626:
Sure
Problem with TS-312 - Always share Keep Alive + NTLM Authorization
--
Key: TS-2626
URL: https://issues.apache.org/jira/browse/TS-2626
Project: Traffic Server
Issue Type: Bug
Components: HTTP
Reporter: Tommy Lee
Assignee: Bryan Call
Fix For: 5.0.0
Attachments: tcpdump.txt
We are noted that ATS-5.0.0 from GIT master couldn't authenticate with some
websites that uses Authorization Header.
We always get 401 ( Unauthorized ) response.
I'm attaching two debug files. One with ATS-3.2.2 that's working and one
with ATS-5.0.0 that's broken.
Almost the same records.config for both tests.
I'm looking for changes in source code too. I'll update the issue if I find
an answer.
To devs: Could the question mark after the exchange can cause that ? This
is the only modification between these two versions.
ATS-3.2.2 GET - GET http://webmail.candidomendes.edu.br/exchange?
ATS-5.0.0 GET - GET http://webmail.candidomendes.edu.br/exchange
Thanks.
--
This message was sent by Atlassian JIRA
(v6.2#6252)