search

Legrandin / PyAuthenNTLM2

PyAuthenNTLM2 is an authentication module for Apache. It validates a user by means of the NTLM protocol and a separate Domain Controller (or Active Directory server).
Other
57 stars 42 forks source link

"Unexpected NTLM message Type 3 in new connection" for POST requests after several seconds #12

Open Woodham opened 11 years ago

Woodham commented 11 years ago

I get the a "Unexpected NTLM message Type 3 in new connection" error when executing a POST request after an indeterminate amount of time on the same page.

The browser then requests a username and password, which doesn't work. (It just keeps requesting a username and password, and clicking cancel gives an unauthorized response).

This happens in Chrome, IE and Firefox.

GET requests all seem to work fine, however long you remain on the page before navigating to another one.

Example from logs:

[Thu Nov 08 10:11:42 2012] [info] [client 10.2.2.58] PYNTLM: Handling connection 0x4 from address 10.2.2.58 for POST URI /admin/general. 0 entries in connection cache., referer: http://iqa/admin/general [Thu Nov 08 10:11:42 2012] [info] [client 10.2.2.58] PYTNLM: Spurious authentication request on connection 0x4. Method = POST. Content-Length = 0. Headers = {OMITTED} [Thu Nov 08 10:11:42 2012] [info] [client 10.2.2.58] Unexpected NTLM message Type 3 in new connection from address 10.2.2.58 and URI /admin/general, referer: http://iqa/admin/general

nueces commented 11 years ago

I'm having the same problem with POST request, there is a workaround or something in where I can help? traceback, logs, etc?

ghost commented 11 years ago

Same problem here. Did either one of you manage to solve it?

aliloubm commented 11 years ago

Same problem .... :/

aliloubm commented 11 years ago

line 405 of pyntlm.py change 

        if req.method!='POST' or req.clength>0:
            return apache.OK

to return apache.OK #if req.method!='POST' or req.clength>0:

I don't think it's a good idea but It works, just like that!

JosefJezek commented 11 years ago

I have same problem for post with absolute path.

ex. <form action="https://intranet/groups/create/step/group-details/" method="post">
Relative path is ok: 
<form action="/" method="post">
mburtscher commented 10 years ago

Same problem here, hack by @aliloubm "solves" the problem ...

akovacs123 commented 8 years ago

It solved my problem, thanks for the hint. However, this is really out of my comfort zone, someone should make a correct solution and feed it back to the repository. :(

peternewman commented 7 years ago

I used to see a similar issue with POSTs on mod_ntlm, it's down to how IE handles them, see for example: http://pinetik.blogspot.co.uk/2014/12/ie-post-empty-with-ntlm.html https://www.sencha.com/forum/showthread.php?16086-NTLM-authentication-affects-IE-s-posting-capability http://www.websina.com/bugzero/kb/browser-ie.html