On fre, 2007-08-24 at 21:23 -0300, Diego Woitasen wrote: > ok, is protocol specific, but I read the protocol and I can't > undertand why. The Client and the Server need to see themselves? Or Is > a conexion multiplexation problem in the proxy? HTTP is message oriented, based on self-contained messages being passed over unspecified transports, with transports being hop-by-hop (i.e. browser<->proxy and proxy<->server is independent transports). NTLM is connection oriented, based on connection state. Only masqueraded to look like an HTTP authentication scheme, not at all acting as one. Thus proxying of NTLM requires the proxy to 1. Detect that the NTLM scheme is being used. 2. Then make a strict association between client connection and server connection 3. and also remember that requests seen on this client connection is using authentication even if the messages themselves do not contain any authentication related information at all. Which is quite different from how an HTTP proxy normally operates. Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part