Category Archives: Security

NTLM’s dependency on HTTP keep-alives (another cause of the dreaded 401.1 error)

This post involves a look into Microsoft’s proprietary NT LAN manager (NTLM) and its dependency on HTTP keep alives.

The client in this “tale” reported that their SharePoint site was available over the Internet via their proxy server (in this case ISA Server 2006), but not from within the server farm. In this scenario, they were attempting to use K2 to provide workflow based business logic to their SharePoint 2007 site – and repeatedly getting a HTTP 401.1 error (Unauthorized: Access is denied due to invalid credentials). Continue reading