[Mono-bugs] [Bug 536725] New: NTLM Authentication fails when KeepAlive is set to false
bugzilla_noreply at novell.com
bugzilla_noreply at novell.com
Thu Sep 3 19:51:03 EDT 2009
http://bugzilla.novell.com/show_bug.cgi?id=536725
Summary: NTLM Authentication fails when KeepAlive is set to
false
Classification: Mono
Product: Mono: Class Libraries
Version: SVN
Platform: x86-64
OS/Version: Ubuntu
Status: NEW
Severity: Normal
Priority: P5 - None
Component: CORLIB
AssignedTo: mono-bugs at lists.ximian.com
ReportedBy: greg.smolyn at strangeloopnetworks.com
QAContact: mono-bugs at lists.ximian.com
Found By: ---
Created an attachment (id=316737)
--> (http://bugzilla.novell.com/attachment.cgi?id=316737)
Test case to demonstrate NTLM + KeepAlive=false failure
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6; en-us)
AppleWebKit/531.9 (KHTML, like Gecko) Version/4.0.3 Safari/531.9
When you attempt to make an NTLM connection with the request.KeepAlive=false,
you end up with a 401 Unauthorized response, instead of a 200 OK.
NTLM ends up with 3 request/responses (the last 2 of which are the
authentication handshake).
Internally it looks like the KeepAlive is killing the second request/response
of the NTLM handshake, and since NTLM is connection-based, the 3rd request is
_not_ authenticated any longer.
This works fine in MS.NET, I assume they're actually only sending the
Connection:close header on the 1st and 3rd requests, but not the 2nd.
(Note: tested in r140267)
Reproducible: Always
Steps to Reproduce:
1. Set up an NTLM authenticated website
2. Set the username/password in the supplied solution (in Program.cs)
3. Run solution.
Actual Results:
The response you get for the request is a 401.
Expected Results:
You get a 200 OK.
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.
More information about the mono-bugs
mailing list