Re: XML/A Performance

From: Wayne M (wmdev_at_yahoo.co.uk)
Date: 02/12/04 

Date: 12 Feb 2004 07:35:53 -0800

We are using Integrated Security.

Akshai, your theory seems to support our evidence. If authentication
is being done for every request, then it will be slow. It seems that
the XML/A proxy tries to connect as anonymous first (I think this
confirms to the HTTP 1.1 spec), it gets a HTTP 401 status code and
then it will resend with authentication; this time a successful HTTP
200 is returned. The evidence for this is in our IIS logs. There are
two posts to msxisapi.dll for every request - the first comes back
with a 401, the second is fine with a 200.

Both this and Mosha's earlier post regarding Nagling are real concerns
for us. We have a web clustered architecture with a user base of
thousands, and we have engineered our application to be responsive by
issuing relatively small executes, therefore a 200ms latency becomes
more obvious.

Going forward, ADOMD.NET provides a very nice object model, but if it
is based on XML/A rather than OLEDB then it too will perform badly.

Are both of these issues being looked at for the XML/A 1.1 release in
a few weeks time?

Wayne

"Akshai Mirchandani [MS]" <akshaim@online.microsoft.com> wrote in message news:<OAmUe6O8DHA.3288@TK2MSFTNGP11.phx.gbl>...
> Were you using Integrated Authentication or was it Anonymous? My belief is
> that this perf issue is being caused by the fact that we didn't properly
> support Keep-Alives of HTTP 1.1 and so for authenticated connections the TCP
> connection was being destroyed and re-created for every request. This would
> also cause authentication to be done for every message instead of only once
> for the first connection.
>
> Thanks,
> Akshai

Relevant Pages

  • Re: Is NTLM Authentication very expensive? (for bandwidth)
    ... request cause it has to do the challenge response, ... >> permissions and just using Integrated Authentication ... >> the server twice every time, once as anymous and once as ... because there are in total 57 failed anymous HTTP ...
    (microsoft.public.inetserver.iis.security)
  • Re: HTTP - basic authentication example.
    ... or *never* knowing the realm..) ... This is called authentication and is implemented ... requests a web page it sends a request to the server. ... consists of headers with certain information about the request. ...
    (comp.lang.python)
  • Re: reading http request raw data as stream
    ... In my case I am implementing an API for my server side app. ... I also employ a Basic HTTP authentication as part of the API, meaning, ... that for every request I look for the authentication ...
    (php.general)
  • Re: Each HTTP object being requested twice (401 then 200 responses)
    ... Authentication" and the web.config authentication setting is ... Authorized because the request was made anonymously. ... requests the same object a second time it uses kerberos; ... Kerberos tokens should not be regenerated for every request. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Each HTTP object being requested twice (401 then 200 responses)
    ... Authentication" and the web.config authentication setting is ... Authorized because the request was made anonymously. ... requests the same object a second time it uses kerberos; ... Kerberos tokens should not be regenerated for every request. ...
    (microsoft.public.inetserver.iis.security)