When it is not your application, when it is not the HTTP server, it is the BROWSER!!!
The following explains what the IE optimization I was not aware of: http://lists.samba.org/archive/jcifs/2006-September/006554.html http://dreamweaverforum.info/flex/118349-ntlm-filereference.html The following explains two different solutions: http://lists.samba.org/archive/jcifs/2004-December/004459.html (Solution 2 but in our case no need for a filter: the proposed logic will perfectly fit in the NTLM Authenticator) I will program and test them next week. Patches will be republished after few weeks of testing: current one support "GET" correctly and "POST" if the Registry of each user is modified (HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Internet Settings/DisableNTLMPreAuth to be set to 1). Wishing you a very nice day, Christophe Dupriez Centre Antipoisons-Antigifcentrum C/o Hôpital Central de la Base Reine Astrid Rue Bruyn 1120 Bruxelles Belgique tel 32-(0)2.264.96.36 fax 32-(0)2.264.96.46 ----- Original Message ----- From: Christophe Dupriez [mailto:[EMAIL PROTECTED] To: dev@tomcat.apache.org [mailto:[EMAIL PROTECTED] Subject: Tomcat 6.0.18, POST request.ContentLength() is 0 when entering the Authenticator > Hi Tomcat Developpers! > > Few days ago I provided an NTLM Authenticator. My users reported that their > POST requests are now without content. > I traced and I can confirm that, when entering the > NtlmAuthenticator.authenticate method, request.ContentLength() is -1 for GET > transactions (and it works) but it is 0 for POST. > At the very entrance of BasicAuthenticator.authenticate, > request.ContentLength() is -1 for GET transactions (and it works) but the > real length is there for POST. > > So I can have 50 GET transactions without any problems : the NTLM > authentication is done once with the first transaction. Then, if a POST > comes, it will be 0 length. > > Any idea of what may be happening? As I did not found any real dependency on > the word "BASIC" within Tomcat source, I am wondering if lower level Java > Run Time could test explicitely the authentication method and "forget" to > manage the ContentLength? It seems that some people have problem with FORM > authentication. Could it be a similar problem? > > The patch file is accessible: > http://www.destin.be/tomcat/NtlmAuthentication.patch > > The new authenticator class is accessible: > http://www.destin.be/tomcat/NtlmAuthenticator.java > > Wishing you a very nice week, > > Christophe Dupriez > Centre Antipoisons - Antigifcentrum > C/o Hôpital Central de la Base Reine Astrid > Rue Bruyn - 1120 Bruxelles - Belgique > tel 32-(0)2.264.96.36 fax 32-(0)2.264.96.46 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
