Does every http request have to be authorized? Shouldn't it cache?

[bernnhugh]

Hi, I've implemented the module and everything works great. Thanks for making it! However, I notice that every single request my browser makes causes nginx to ask my domain controller for authorization. I have a website that makes a lot of XMLHttpRequest and every request is sent to the samba-ad-dc machine for validation. Shouldn't nginx cache the authentication somehow? It is making my site very slow.

My nginx.conf looks like ithis:

worker_processes  1;

events {
      worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    server {
        listen       80;
        server_name  localhost;

        location / {
            auth_gss on;
            auth_gss_keytab /usr/local/nginx/conf/httpd.keytab;
            auth_gss_delegate_credentials on;
            proxy_pass http://10.5.8.2:80;
        }
}

Thank you

[stnoonan]

Generally, you'd do this in your web application and bypass the spnego endpoint for future requests.