For debugging i wrote a really simple Web-Application which contains only a simple JSP Page with a small Form containing a textfield and a submit button.
The tomcat is configured to use the Waffle Filter on this page. I know send the Form to the same page but under another URL which is not covered by the Filter. The Post Parameters are now completely lost but an ntml token gets transmitted.
So to summerize:
I'm using Waffle from waffle.codeplex.com and IE8.
EDIT: This is also happening if i am using other NTLM filters. So the problem is not Waffle here but Internet Explorer which forces to reauthenticate the NTLM session everytime a POST request is issued.
Did anyone experience this problem before?
In my example, The url http://myserver/autologin/test.jsp was send through the filter, so waffle authenticated correctly and landed on the page. When i then posted the form, the new request did not go through waffle, causing the IE to force a re-authentication via NTLM. Due to the fact that Waffle was no longer involved in the communication, the re-authentication failed and the post parameters were lost.
So the quick solution is to change the url pattern for waffle, so that it matches all sites within the application. i.e. /* instead of /autologin.