Robin Diederen wrote:
Hello all,
We're trying to get a combination of Apache (webserver), Tomcat and mod_jk to
work flawlessly with NTLM authentication.
We're using mod_jk to loadbalance two Tomcat / LifeRay installations. We're
using the latest versions of Apache 2.2, Tomcat 6 and mod_jk.
Our setup works fine on FireFox, but on IE this gives some troubles. When I
bypass mod_jk by connecting directly to a Tomcat node, it all works fine in IE
too. The problem appears on IE 6, 7 and 8.
The problem:
- I surf to http://portal
- IE recognizes the site as trusted / in the intranet zone
- I click the sign in link and get redirected to http://portal/c/portal/login;
IE now thinks I'm in the _internet_zone_ (thus NTLM auth doesn't work)
- From the Apache logs, I find that a 401 error occurred
My guess would be that IE detects the redirect and concludes the wrong zone.
Is there any way to configure this from the server side?
I don't think so. I must say that it does not seem to make sense. If IE
recognises http://portal as an intranet host the first time, it should
still do so the second time. So this behaviour, if true, looks like
an(other) IE bug.
But do yourself a favor : get an IE add-on like Fiddler2, that allows
you to examine really what is going on between the browser and the
server (HTTP headers etc..), and try again.
You may be missing something in the exchange.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
