[Zope3-Users] Re: NTLM credential plugin
Chris Withers
chris at simplistix.co.uk
Thu Sep 14 03:00:24 EDT 2006
Gary Poster wrote:
> http://www.innovation.ch/personal/ronald/ntlm.html), the problem is that
> the 4 way handshake has to happen *within a single connection*.
> Apparently MS abuses HTTP to perform this.
Hmmm, I'm not sure this is true. One project I work on has 10,000+ users
a day authenticating via NTLM and I'm not convinced we maintain an http
connection for the whole dance.
Where you will run into problems is if you have a high volume of users.
The DCs can be slow to respond and so you end up with lots of app server
threads tied up waiting for them. Since Zope has a limited number of
threads, this is an issue. Someone on the project is currently building
a mod_python thingy to do this auth and bounce back with a cookie that
Zope then trusts since Apache can spawn off new threads at will...
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
More information about the Zope3-users
mailing list