Windows + Apache + SSPI + SSL + NTLM + IE + POST data got you down? 1
For some reason, when using NTLM authentication on Apache through the mod_auth_sspi module (combined with SSL, but that might not be a requirement), Internet Explorer will refuse to send POST data along with a request at random points in time. It will still send a POST request, but it just doesn’t send data.
This seems to only affect IE users on domains with Integrated Windows Authentication (IWA). My CrossOver-emulated IE6 works fine with Basic authentication over the secure site we have set up doing IWA (of course I have to type in my credentials). But my Windows machine authenticating using IWA drops POST data!
After tireless Googling, I think I have a solution. It sucks, but it’s the best I can do. Suggestions welcome:
SetEnvIf User-Agent ".*MSIE.*" ssl-unclean-shutdown
MaxKeepAliveRequests 1What this does is for MSIE, it tells mod_ssl to uncleanly shutdown. And it makes KeepAlive/HTTP Pipelining on, but only for one request. With KeepAlive turned off, IE doesn’t work at all. It gives a “Page Cannot be Displayed” error… probably because it’s attempting to NTLM authenticate, lost the socket, and dies.
What’s this mean for everyone else that follows the rules? They don’t get any benefit from HTTP pipelining. Which totally sucks. So hopefully you don’t have this problem…
Lockdown browsers are fun! 2
(code is past the break)
# Need: Ruby, this browser,
# and SysInternals Process Explorer
# Start Process Explorer, configure for always on
# top and only allow single instance, close it.
require 'win32ole'
BROWSER_PATH = ""
PROCEXP_PATH = ""
puts "Starting the lockdown browser"
shell = WIN32OLE.new('Shell.Application')
shell.ShellExecute(BROWSER_PATH, '', '', 'open', '1')
puts "Giving the lockdown browser time to breathe..."
sleep 10
puts "=> Ctrl-C to stop <="
while true do
shell = WIN32OLE.new('Shell.Application')
shell.ShellExecute(PROCEXP_PATH, '', '', 'open', '1')
sleep 20
endI’m posting this because that browser frustrates me. I have to boot into Windows to use it. This makes me feel better about having to use it. Cheating or doing anything that might get you or me in trouble is a bad idea.
Plus, if you can figure out this program, you probably feel my pain :)
What's your opinion?
Shouldn’t Hot Pockets have the cooking time on the sleeve instead of on the side of the box? Because by the time you take the Hot Pocket out and put it in the sleeve, you’ve already put the box back in the freezer, so you have to take it out again. And then search for it because it’s not on the back like every other good Christian junk food. Who lets that kind of thing get through QA anyway?