W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2016

Re: Mixed http2/1.1 Authentication

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Sun, 13 Mar 2016 15:59:42 +1300
To: ietf-http-wg@w3.org
Message-ID: <56E4D79E.6070603@treenet.co.nz>
On 13/03/2016 10:50 a.m., Daniel Stenberg wrote:
> On Sat, 12 Mar 2016, Dennis Olvany wrote:
> 
>> Thanks, Ilari. After further research, it looks like I may be running
>> into the http2 incompatibility with ntlm. Is this limitation
>> applicable to the mixed use case? Is anyone aware of a good write up
>> which explains the ntlm incompatibility?
> 
> NTLM authenticates *connections* not requests (as HTTP auth was always
> meant to). HTTP/2 do (short-lived) streams over a single connection.
> 
> The two concepts really don't match very well.
> 

Note that NTLM is also incompatible with HTTP/1.x.

Middleware has to actively disable almost all useful HTTP functionality
when NTLM (or Negotiate) is being relayed on a connection.

Amos
Received on Sunday, 13 March 2016 03:00:19 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 22 March 2016 12:47:11 UTC