9 messages in org.apache.httpd.bugsDO NOT REPLY [Bug 47167] Authenticate...| From | Sent On | Attachments |
|---|---|---|
| bugz...@apache.org | May 7, 2009 9:55 pm | |
| bugz...@apache.org | May 7, 2009 10:11 pm | |
| bugz...@apache.org | May 7, 2009 11:32 pm | |
| bugz...@apache.org | May 8, 2009 1:29 am | |
| bugz...@apache.org | May 8, 2009 2:12 am | |
| bugz...@apache.org | May 10, 2009 10:01 pm | |
| bugz...@apache.org | Sep 26, 2009 10:00 am | |
| bugz...@apache.org | Sep 26, 2009 10:00 am | |
| bugz...@apache.org | Sep 26, 2009 10:00 am |
| Subject: | DO NOT REPLY [Bug 47167] Authenticated sessions being switched by reverse proxy | |
|---|---|---|
| From: | bugz...@apache.org (bugz...@apache.org) | |
| Date: | May 10, 2009 10:01:12 pm | |
| List: | org.apache.httpd.bugs | |
https://issues.apache.org/bugzilla/show_bug.cgi?id=47167
--- Comment #5 from Duncan Fletcher <dunc...@dsto.defence.gov.au>
2009-05-10 22:01:30 PST ---
Okay, we just ran another test, this time using "AuthType Basic" instead of
"AuthType SSPI" and mod_auth_sspi (we are using v1.0.4 from
http://sourceforge.net/projects/mod-auth-sspi). The problem went away under
Apache 2.2.11.
So it looks like Ruediger is correct and that the problem is in an assumption
that mod_auth_sspi is (incorrectly) making about keep-alives being synonymous
with sessions.
We've been using pre-compiled binaries so although we can break out the compiler to try Nick's suggestion, it'll take time. i.e. I'd like confirmation that it will (likely) add valuable information before we chase that rabbit.
In the meantime, we'll look into using mod_authnz_ldap for Windows AD authentication as an alternative to mod_auth_sspi and also track down a copy of the latter's source code to see if its feasible to fix that.
-- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.