Hello, On Thu, Dec 16, 2010 at 7:04 PM, Arno Garrels <arno.garr...@gmx.de> wrote:
> Fastream Technologies wrote: > > Hello, > > > > On Thu, Dec 16, 2010 at 5:00 PM, Arno Garrels <arno.garr...@gmx.de> > > wrote: > > > >> Fastream Technologies wrote: > >>> So since we are talking about the web server, the NTLMDomain > >>> property should be of THttpConnection, NOT the THttpServer. In the > >>> OnGet/Head/PostDocument it should be set by the app coder or if it > >>> is not set then it will be null hence work as it is now. > >> > >>> I was talking about the web server but the client also needs some > >>> mechanism to indicate the NTLM domain so that it can send request to > >>> the web server in case of NTLM on the web server. But wait a minute, > >>> when there is reverse proxy sitting in front, web servers cannot > >>> authenticate with NTLM, can they? > >> > >> Important to know for readers was how exactly the NTLM authentication > >> is handled by your proxy _currently_ and in what way you want to > >> change that design, nobody nows that so far. > >> Adding a string property is a matter of two lines of code, even a BCB > >> developer should be able to do that in Delphi. > >> > >> > > You are right. When IQP receives the request, in the ProcessRequest() > > it scans the defined URL Rules set by the end user from top to bottom > > for a match to decide which target web server to route/redirect to. A > > URL Rule list could be like, > > > > 1. ssl://www.fastream.com/owa > > 2. http://www.fastream.com/path/file.htm ("URL Rule is file" flag set) > > 3. *://www.iqproxyserver.com [2] > > 4. *://www.iqproxyserver.com > > 5. *://* > > > > The last one must be *://* as a catch-all. We enabled 3. and 4. in > > the same list in from v4.5 on to let users route to different target > > server IP/port/path with respect to client location (country). See > > http://www.iqproxyserver.com (home page, bottom) for a screenshot > > example of this. > > > > Now, I want each URL Rule to be able to have one NTLM domain to > > authenticate against. > > For what reason? What does currently not work? > Give us an example please. > > Personally I never needed such feature but customers who use reverse proxy as SSL VPN they say they need it. Regards, SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
