Hi Tomcat Developpers! Few days ago I provided an NTLM Authenticator. My users reported that their POST requests are now without content. I traced and I can confirm that, when entering the NtlmAuthenticator.authenticate method, request.ContentLength() is -1 for GET transactions (and it works) but it is 0 for POST. At the very entrance of BasicAuthenticator.authenticate, request.ContentLength() is -1 for GET transactions (and it works) but the real length is there for POST.
So I can have 50 GET transactions without any problems : the NTLM authentication is done once with the first transaction. Then, if a POST comes, it will be 0 length. Any idea of what may be happening? As I did not found any real dependency on the word "BASIC" within Tomcat source, I am wondering if lower level Java Run Time could test explicitely the authentication method and "forget" to manage the ContentLength? It seems that some people have problem with FORM authentication. Could it be a similar problem? The patch file is accessible: http://www.destin.be/tomcat/NtlmAuthentication.patch The new authenticator class is accessible: http://www.destin.be/tomcat/NtlmAuthenticator.java Wishing you a very nice week, Christophe Dupriez Centre Antipoisons - Antigifcentrum C/o Hôpital Central de la Base Reine Astrid Rue Bruyn - 1120 Bruxelles - Belgique tel 32-(0)2.264.96.36 fax 32-(0)2.264.96.46
