Apache AuthenNTLM(keepalive) IE and Post

Apache AuthenNTLM(keepalive) IE and Post

Post by Joseph Harni » Sat, 15 Jun 2002 03:02:19


I have been searching all over for an answer to this issue.  

I am in the process of migrating our intranet site from Windows
NT(IIS) to a Linux (Apache) server.  When the site was created on
NT(IIS) using the built in NT Authentication.  My supervisors told me
that I could not change that part.  So I started digging into Apaches
modules and found mod_perl module call Apache::AuthenNTLM.  This works
great.  Just like the Authentication mechanism that is builtin to IIS.
 I got the entire site(Perl Scripts) working running it through Opera.
 Then I went to test on a Windows box with IE (which is what all the
end users are currently using) and the scripts started to have issues.

The issue I am having is the first "post" of a script will work but
any subsequent posts will fail.  Unless I wait for the KeepAlive
timeout to expire.  When I lower that number the authentication popup
window starts showing up repeadedly until the account gets locked.

I have been playing with a test script that looks like this:

#!/usr/bin/perl -wT

use strict;
use CGI;

my $q = new CGI;

print $q->header;
print <<EODUMP;


<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="0">

<form method=post action=test_post.pl>
        <input type=text name=foo><br>
        <input type=submit value=Submit>

#foreach ($q->params){
#       print "$_ $q->param('$_')";
        print $q->param('foo');
print "</body></html>";

Attempting to find a way around this.    

My Authentication part of my httpd.conf file looks like:
<Location />
                AuthName "Warning you are entering a development server!!  (and
being logged)"
                AuthType ntlm,Basic
                PerlAddVar ntdomain "MYDOMAIN MyPDC "

                PerlAuthenHandler Apache::AuthenNTLM
                require valid-user
                PerlSetVar defaultdomain MYDOMAIN
                #PerlSetVar ntlmdebug 1

I have been reading through many news groups looking for a solution
and it looks similar to an issue that was happening with mod_ssl.  But
the solution was a mod_ssl solution.

Thanks for any information you can give me.



1. Apache/M$IE: IE doesn't send Authorization headers every time?


From what I can understand, IE doesn't send Authorization
headers with every request, but only in the first request
in a particular connection ... Netscape, on the other
hand, appears to send them every time. What I don't understand
is how Apache does authorization, since in http_protocol.c,
conn->user is set to NULL at the start of every *request*,
not just every connection. So the user information is lost
on subsequent requests ...

Anyone know what's going on?



Original message content Copyright ? 1999 Richard Jones

2. Embedded static links in httpd after building binaries??

3. mod-perl and Apache-AuthenNTLM

4. Ph server help needed

5. Apache 1.3.4 with IE4 keepalive

6. Ne3 sc&c problems

7. KeepAlive in Apache 1.3.19 Proxy

8. Must-do for Linux Evangelists

9. Broken POST commands by IE

10. KeepAlive requests on Apache 1.3.6

11. Keepalive results in poorer performance with Apache?

12. is keepalive buggy ? apache 1.3.19/linux

13. problem with keepalive (client SSL vs. Apache+mod_ssl)