On Fri, 19 Aug 2005, Tay Teck Wee wrote:
2.4 does not know about the HTTP breakage introduced by Microsoft in
their NTLM & Negotiate authentication schemes, and will happily forward
the messages as seen resulting in total caos after a while (including
major security issues on the server).
What kind of chaos can we expect?
Users getting other users data, random authentication popups,
communication failures etc.
Also newer versions of MSIE and IIS also knows this and will
automatically disable the use of NTLM and Negotiate when a proxy is
detected.
How does one auth then?
By using one of the standard HTTP authentication mechanisms (Basic or
Digest).
Regards
Henrik
