Re: Persistent proxied connections with Apache 2.4.x?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





From: o haya <ohaya@xxxxxxxxx.INVALID>
To: "users@xxxxxxxxxxxxxxxx" <users@xxxxxxxxxxxxxxxx>; o haya <ohaya@xxxxxxxxx>
Sent: Friday, October 23, 2015 8:03 PM
Subject: Re: Persistent proxied connections with Apache 2.4.x?





From: o haya <ohaya@xxxxxxxxx.INVALID>
To: "users@xxxxxxxxxxxxxxxx" <users@xxxxxxxxxxxxxxxx>
Cc: O. Haya <ohaya@xxxxxxxxx>
Sent: Friday, October 23, 2015 5:02 PM
Subject: Re: Persistent proxied connections with Apache 2.4.x?





From: Eric Covener <covener@xxxxxxxxx>
To: users@xxxxxxxxxxxxxxxx; o haya <ohaya@xxxxxxxxx>
Sent: Friday, October 23, 2015 8:14 AM
Subject: Re: Persistent proxied connections with Apache 2.4.x?

On Thu, Oct 22, 2015 at 12:28 PM, o haya <ohaya@xxxxxxxxx.invalid> wrote:



> So I am wondering if there is a way to do this (make all the backend
> connections persistent with the "Connection: keepalive")?



There's a patch in thread "mod_proxy's aside connections proposal"

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



Hi Eric,

Thanks for that reference!

Googling that, and looking at Yann's thread about his patch, and also the bug report that preceded that patch, am I understanding things correctly, that the problem with NTLM is that all the requests involved in "an" NTLM authentication have to go down the same persistent connection (from Apache to the target (e.g., SharePoint) machine?


The thing is that I thought that I've been able to get NTLM working, proxying through Apache, using "ProxySet keepalive=On" in a <Proxy> section, e.g.:

ProxySet keepalive=On
SetEnv proxy-initial-not-pooled
</Proxy>

So does the "same persistent connection" requirement mean that if I was doing a bunch of simultaneous NTLM logins through the Apache (e.g., to http://sharepoint) that some of the login attempts would kind of randomly not work (because requests not going down same connection to the SharePoint)?

Thanks,
Jim



Hi,

I've been told that, because we use that "SetEnv proxy-initial-not-pooled", that that prevents the problem that I mentioned above.  However, the only explanations of what that parameter does seem to be unrelated to this situation (they mostly refer to 502 errors?), so I don't quite understand "why?" having that setting solves the (potential) problem that I'm asking about with proxying NTLM?  

Can someone here explain that?

Thanks,
Jim




Hi,

No one has responded to the above yet, but maybe to be clearer, what I am curious about at this point is:

- With respect to proxying NTLM authentication, does the "aside connections" functionality that was mentioned earlier accomplish the same thing as using the "Proxy keepalive=On and SetEnv proxy-initial-not-pooled"?

- If not, what are the differences?

Thanks,
Jim

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux