making new connection to AD every request?

Oct 7, 2010 at 11:07 AM

my log look like below

 

http-2020-9] - POST /myapp/app, contentlength: 0
07 Oct 2010 17:58:49,682 INFO [http-2020-9] - security package: NTLM, connection id: 10.1.4.12:3406
07 Oct 2010 17:58:49,682 INFO [http-2020-9] - token buffer: 40 byte(s)
07 Oct 2010 17:58:49,682 INFO [http-2020-9] - continue token: TlRMTVNTUAACAAAADgAOADgAAAAFgomiez/Sgah/wSAAAAAAAAAAAKAAoABGAAAABQLODgAAAA9TAFAAUwBFAFQASQBBAAIADgBTAFAAUwBFAFQASQBBAAEAEgBNAFkAMAAxAC0AUwBWADAANgAEABwAcwBwAHMAZQB0AGkAYQAuAGMAbwBtAC4AbQB5AAMAMABNAFkAMAAxAC0AUwBWADAANgAuAHMAcABzAGUAdABpAGEALgBjAG8AbQAuAG0AeQAFABwAcwBwAHMAZQB0AGkAYQAuAGMAbwBtAC4AbQB5AAAAAAA=
07 Oct 2010 17:58:49,682 INFO [http-2020-9] - continue required: true
07 Oct 2010 17:58:49,682 INFO [http-2020-9] - POST /myapp/app, contentlength: 1011
07 Oct 2010 17:58:49,682 INFO [http-2020-9] - security package: NTLM, connection id: 10.1.4.12:3406
07 Oct 2010 17:58:49,682 INFO [http-2020-9] - token buffer: 168 byte(s)
07 Oct 2010 17:58:49,682 INFO [http-2020-9] - continue required: false
07 Oct 2010 17:58:49,713 INFO [http-2020-9] - successfully logged in user: company\userx
07 Oct 2010 17:58:50,385 INFO [http-2020-9] - resetted Cache for getWorkflowForAgentAllCached()
07 Oct 2010 17:58:50,385 INFO [http-2020-9] - resetted Cache for AllCategoriesForPaletteCached methods
07 Oct 2010 17:58:53,995 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 17:58:57,448 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 17:59:02,948 INFO [http-2020-9] - POST /myapp/app, contentlength: 0
07 Oct 2010 17:59:02,948 INFO [http-2020-9] - security package: NTLM, connection id: 10.1.4.12:3406
07 Oct 2010 17:59:02,948 INFO [http-2020-9] - token buffer: 40 byte(s)
07 Oct 2010 17:59:02,948 INFO [http-2020-9] - continue token: TlRMTVNTUAACAAAADgAOADgAAAAFgomiVNMQps4VfRAAAAAAAAAAAKAAoABGAAAABQLODgAAAA9TAFAAUwBFAFQASQBBAAIADgBTAFAAUwBFAFQASQBBAAEAEgBNAFkAMAAxAC0AUwBWADAANgAEABwAcwBwAHMAZQB0AGkAYQAuAGMAbwBtAC4AbQB5AAMAMABNAFkAMAAxAC0AUwBWADAANgAuAHMAcABzAGUAdABpAGEALgBjAG8AbQAuAG0AeQAFABwAcwBwAHMAZQB0AGkAYQAuAGMAbwBtAC4AbQB5AAAAAAA=
07 Oct 2010 17:59:02,948 INFO [http-2020-9] - continue required: true
07 Oct 2010 17:59:02,948 INFO [http-2020-9] - POST /myapp/app, contentlength: 1017
07 Oct 2010 17:59:02,948 INFO [http-2020-9] - security package: NTLM, connection id: 10.1.4.12:3406
07 Oct 2010 17:59:02,948 INFO [http-2020-9] - token buffer: 168 byte(s)
07 Oct 2010 17:59:02,948 INFO [http-2020-9] - continue required: false
07 Oct 2010 17:59:02,979 INFO [http-2020-9] - successfully logged in user: company\userx
07 Oct 2010 17:59:03,636 INFO [http-2020-9] - resetted Cache for getWorkflowForAgentAllCached()
07 Oct 2010 17:59:03,636 INFO [http-2020-9] - resetted Cache for AllCategoriesForPaletteCached methods
07 Oct 2010 17:59:05,198 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 17:59:07,401 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 17:59:10,511 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 18:00:00,294 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 18:00:59,328 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 18:00:59,390 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 18:00:59,390 INFO [http-2020-9] - security package: NTLM, connection id: 10.1.4.12:3409
07 Oct 2010 18:00:59,390 INFO [http-2020-9] - token buffer: 40 byte(s)
07 Oct 2010 18:00:59,390 INFO [http-2020-9] - continue token: TlRMTVNTUAACAAAADgAOADgAAAAFgomieqS+j4vaCv8AAAAAAAAAAKAAoABGAAAABQLODgAAAA9TAFAAUwBFAFQASQBBAAIADgBTAFAAUwBFAFQASQBBAAEAEgBNAFkAMAAxAC0AUwBWADAANgAEABwAcwBwAHMAZQB0AGkAYQAuAGMAbwBtAC4AbQB5AAMAMABNAFkAMAAxAC0AUwBWADAANgAuAHMAcABzAGUAdABpAGEALgBjAG8AbQAuAG0AeQAFABwAcwBwAHMAZQB0AGkAYQAuAGMAbwBtAC4AbQB5AAAAAAA=
07 Oct 2010 18:00:59,390 INFO [http-2020-9] - continue required: true
07 Oct 2010 18:00:59,390 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 18:00:59,390 INFO [http-2020-9] - security package: NTLM, connection id: 10.1.4.12:3409
07 Oct 2010 18:00:59,390 INFO [http-2020-9] - token buffer: 168 byte(s)
07 Oct 2010 18:00:59,390 INFO [http-2020-9] - continue required: false
07 Oct 2010 18:00:59,421 INFO [http-2020-9] - successfully logged in user: company\userx
07 Oct 2010 18:00:59,421 INFO [http-2020-9] - accessing home.java
07 Oct 2010 18:00:59,421 INFO [http-2020-9] - accessing home.java part2 userDetailImpl=null windowPrincipalWaffle=waffle.servlet.WindowsPrincipal@188b8a8
07 Oct 2010 18:01:01,796 INFO [http-2020-9] - Logined user=userx@company.com user fullname
07 Oct 2010 18:01:01,843 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 18:01:06,203 INFO [http-2020-9] - GET /myapp/app, contentlength: -1
07 Oct 2010 18:01:14,594 INFO [http-2020-9] - GET /myapp/app, contentlength: -1

 

 

 

may i know after user successfully login with NTLM,  when user browse through different page, each time , every request, does waffle make connection to ad to "re-authenticate" user?is the log look normal?

Oct 7, 2010 at 11:08 AM

i'm using "A Spring-Security Negotiate (NTLM and Kerberos) Filter" sample,  from mwhat i know filter, will execute on every page request.  please comment

Coordinator
Oct 7, 2010 at 2:12 PM

If the protocol chosen is NTLM then every POST will re-authenticate. I wrote an article about it here. That's one of the reasons why Kerberos is better and worth deploying properly. Log looks totally normal.

Re-authentication doesn't always mean connecting to a domain controller (aka Active Directory). Servers typically cache everything needed for a login (how else would you login to your corporate laptop without being on the intranet all the time?) and use a complex scheme that mixes expiry and notifications to make sure that it seems like you're doing a real login every time. So almost always the entire thing happens locally.