I believe there is code to look for Authorization headers. Does that prevent
origin sharing ? If so, is there an easy way to know that a session has been
NTLM authenticated ? Alternatively, would it make sense to add a new plugin API
which would allow a READ_RESPONSE hook to signal that a
[
https://issues.apache.org/jira/browse/TS-2626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13934146#comment-13934146
]
Bryan Call commented on TS-2626:
Sure
Problem with TS-312 - Always share Keep Alive + NTLM