svn commit: lorikeet r479 - in trunk/mod_ntlm_winbind: .
abartlet at samba.org
abartlet at samba.org
Mon Oct 3 23:33:38 GMT 2005
Author: abartlet
Date: 2005-10-03 23:33:37 +0000 (Mon, 03 Oct 2005)
New Revision: 479
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=479
Log:
Working with Todd Garrison <frameloss at gmail.com> it appears that IE6
will do a new NTLM authentication request for a POST. This seems to
be to avoid sending the POST data twice, as it sets a content-length
of 0.
It should only need to do this at the start of a TCP connection, but
if the client wants to re-authenticate we should allow it to.
Andrew Bartlett
Modified:
trunk/mod_ntlm_winbind/mod_ntlm_winbind.c
Changeset:
Modified: trunk/mod_ntlm_winbind/mod_ntlm_winbind.c
===================================================================
--- trunk/mod_ntlm_winbind/mod_ntlm_winbind.c 2005-09-29 03:00:15 UTC (rev 478)
+++ trunk/mod_ntlm_winbind/mod_ntlm_winbind.c 2005-10-03 23:33:37 UTC (rev 479)
@@ -701,10 +701,15 @@
/* Trust the authentication on an existing connection */
if (connected_user_authenticated && connected_user_authenticated->user) {
- /* silently accept login with same credentials */
- r->connection->user = connected_user_authenticated->user;
- r->connection->ap_auth_type = connected_user_authenticated->auth_type;
- return OK;
+ if (!auth_line) {
+ /* silently accept login with same credentials */
+ r->connection->user = connected_user_authenticated->user;
+ r->connection->ap_auth_type = connected_user_authenticated->auth_type;
+ return OK;
+ } else {
+ /* client wishes to re-authenticate this TCP socket */
+ ap_destroy_pool(connected_user_authenticated->pool);
+ }
}
/* No authentication line given. Return a 401 and a WWW-Authenticate
More information about the samba-cvs
mailing list