william lai wrote:
*Hi speeves, i'm trying Apache::AuthenNTLM 2.07 modules with a NT PDC, mod_perl-1.19_12, Apache/2.0.51., After
Hi!
Just a note, the newest version of mod_perl is 1.99_17, and Apache 2.0.51 had a security hole that is fixed in 2.0.52. (Though I have been seeing a mention of a new vulnerability in 2.0.52 on bugtraq, though haven't seen it confirmed yet).
configuration, i browsers the page that protect by AuthenNTLM and it prompt me for password/user, however it always said the user/passwordis wrong.
is it true that NTLM don't need to enter password/user when user login in the domain?
**and i also set keepalive= on in httpd.conf. I have
searched for a week why it prompt me for password/user, but
stil can't solve.
*
If I am understanding this correctly, AuthenNTLM doesn't check for existing credentials from IE. It simply checks a local cache to see if the user already has a session, then throws a 401 Unauthorized if a cached session is not found.
thanks,
--
Shannon Eric Peevey
President - EriKin Corporation
[EMAIL PROTECTED]
(940) 391-6777
http://www.erikin.com
-- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
