Re: MSOWebPartPage_AnonymousAccessCookie

Well I'm trying to get better WAN performance out of SPS. My problem is that
I'm seeing a lot of roundtrips for each HTTP item per page, with NT Auth
configured this is about three round trips per request (so about 3x worse
still at the TCP level). The 3 HTTP roundtrips are down to negotiating
Authentication. I get two 401 responses before I successfully offer an
Authorization header. What I'd like to do is turn this into one request,
pre-authenticated style. A reasonable way of doing this would be to use a
session cookie that I could offer under SSL to prevent me having to
reauthenticate on every request. I've never seen anything in this cookie
before, and so I just wondered whether MS had thought about this, and
designed this feature in, and perhaps this cookie was what I was looking
for, and perhaps I just needed to reconfigure something.

Essentially I was wondering if this cookie was populated when I first
authenticated and that I could prevent further 401 challenges by presenting
this cookie which would be picked up by a custom authentication filter -
since this is what I would do.

Whilst we're on the subject, it's a bit of a shame that SPS is laid out the
way it is. In OWA for example, you can specify different Authentication
mechanisms easily for /exchweb, the directory containing all the GIF images
and stylesheets, i.e. Anonymous, and you only need to set AUTH on the
/exchange subfolder. This makes OWA much more efficient than SPS in this
respect because the static files under /exchweb are usually the same for
everyone and therefore don't really need to be secured, and since they
comprise the majority of the requests per page OWA performs way better than
any SPS page. SharePoint on the other hand isn't designed in quite the same
way and jumbles all the ASPX and other actionable endpoints with the CSS and
GIF files so it's very difficult to divide authorisation requirements in the
same way.

SPS would be way more efficient if we could selectively choose which areas
of the site required AUTH and which didn't, and so I was hoping that this
cookie was a session cookie that I could use to avoid having to keep
re-authenticating on 401 challenges for every single tiny item in the page
and therefore may be the answer to this issue.


"Wei-Dong XU [MSFT]" <v-wdxu@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:GnKBtD$ZFHA.2476@xxxxxxxxxxxxxxxxxxxxxxxx
> Hi Daniel,
>
> "I'm wondering if it's something to do with caching an authentication
> session ..."
> By default, Sharepoint doesn't use session to persist data so the
> viewstate/cookie is used. The detailed information in it is the internal
> implementation of Sharepoint. So far as I know, no public document
> introduces any info about this.
>
> Could you be so kind to tell me why you are going to know this? Any
> development task in your scenario require the data from this cookie?
>
> Look forward to your update! My pleasure to be of any assistance.
>
> Best Regards,
> Wei-Dong XU
> Microsoft Product Support Services
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
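
An added example, not part of the original post or of SharePoint: one way to measure the overhead described above from web server logs, by counting 401 challenges separately for static files and for pages. The log lines, paths, user name and the list of static extensions are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample in W3C extended log format (not taken from the post):
# one page plus three static files, each needing two 401s before the 200.
SAMPLE_LOG = "#Fields: date time cs-method cs-uri-stem cs-username sc-status\n"
for path in ("/default.aspx", "/_layouts/images/a.gif",
             "/_layouts/images/b.gif", "/_layouts/styles/site.css"):
    SAMPLE_LOG += (f"2005-06-01 10:00:00 GET {path} - 401\n" * 2
                   + f"2005-06-01 10:00:00 GET {path} user1 200\n")

STATIC_EXT = (".gif", ".jpg", ".png", ".css", ".js")  # assumed static types


def parse_w3c(log_text):
    """Yield one dict per entry, taking column names from the #Fields header."""
    fields = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            yield dict(zip(fields, line.split()))


def auth_overhead(log_text):
    """Count 401 challenges and other responses for static vs. dynamic URLs."""
    stats = defaultdict(lambda: {"challenges": 0, "served": 0})
    for entry in parse_w3c(log_text):
        is_static = entry["cs-uri-stem"].lower().endswith(STATIC_EXT)
        kind = "static" if is_static else "dynamic"
        key = "challenges" if entry["sc-status"] == "401" else "served"
        stats[kind][key] += 1
    return {kind: dict(counts) for kind, counts in stats.items()}


def avoidable_share(stats):
    """Fraction of all round trips that are 401 challenges for static files."""
    total = sum(s["challenges"] + s["served"] for s in stats.values())
    return stats.get("static", {}).get("challenges", 0) / total if total else 0.0


if __name__ == "__main__":
    stats = auth_overhead(SAMPLE_LOG)
    print(stats, f"{avoidable_share(stats):.0%} of round trips avoidable")
```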

