Performance Problems with Probing

1. In our application which uses NTLM; .Net always requests a file as
Anonymous before requesting it using the NTLM authenticated credentials - in
an application with over a million hits a day - this is quite a bit of extra
posting going on. Anyone know how to stop this?

2. Even when supplying a probing hint in the web.config file; our .Net Win
Form embeded user controls probe 6 times before finding the file (the first
4 are variations of the file with .dll, and .exe names in /bin and /root
folders, the last 2 are ANON then NTLM requests for the correct file).

So for each of the 3000+ users - for each file requested - there is
approximatly 6 web requests handled on the server - this causes slowless in
the client application - and causes additional work for the servers.

3. Just recently all of our Smart Downloads have stopped working. I have
put a sniffer on the machines - and checked the IIS logs - the CLR has
stopped doing conditional gets (No If-Modified-Since headers) and IIS (of
course) is always responding by sending a 200 (after the initial 6 probes)
and resending the files each time - instead of responding w/ the 304's and
allowing the .Net download cache to do its work.

I've already went through a long list of trying things - however - i'm
running out of ideas - i'd appreciate any thoughts!!!

Thanks!

Jerry
Fri Aug 20 01:34:32 CDT 2004

1. You can't. NTLM (and pretty much every authentication scheme except
basic) requires at least two requests.

2. and 3. - Don't know...

Jerry

"Jediah L." <rife@nospam.nospam> wrote in message
news:u5fRIhlhEHA.3928@TK2MSFTNGP11.phx.gbl...
> 1. In our application which uses NTLM; .Net always requests a file as
> Anonymous before requesting it using the NTLM authenticated credentials -
> in
> an application with over a million hits a day - this is quite a bit of
> extra
> posting going on. Anyone know how to stop this?
>
> 2. Even when supplying a probing hint in the web.config file; our .Net Win
> Form embeded user controls probe 6 times before finding the file (the
> first
> 4 are variations of the file with .dll, and .exe names in /bin and /root
> folders, the last 2 are ANON then NTLM requests for the correct file).
>
> So for each of the 3000+ users - for each file requested - there is
> approximatly 6 web requests handled on the server - this causes slowless
> in
> the client application - and causes additional work for the servers.
>
> 3. Just recently all of our Smart Downloads have stopped working. I have
> put a sniffer on the machines - and checked the IIS logs - the CLR has
> stopped doing conditional gets (No If-Modified-Since headers) and IIS (of
> course) is always responding by sending a 200 (after the initial 6 probes)
> and resending the files each time - instead of responding w/ the 304's and
> allowing the .Net download cache to do its work.
>
> I've already went through a long list of trying things - however - i'm
> running out of ideas - i'd appreciate any thoughts!!!
>
> Thanks!
>
>

Jediah
Fri Aug 20 09:19:36 CDT 2004

In re #1:

Don't really understand why though - its a poor setup - and should be
configurable.

If you know NTLM was used for the first request - why not automatically use
it for the second request - and if its used for the first half a million
requests - why not use it for the next half a million.

Or why couldn't you tell the IE configuration [This site is always NTLM].

Seems like a waste in performance and bandwidth.


"Jerry Pisk" <jerryiii@hotmail.com> wrote in message
news:uS%23CB$nhEHA.2848@TK2MSFTNGP10.phx.gbl...
> 1. You can't. NTLM (and pretty much every authentication scheme except
> basic) requires at least two requests.
>
> 2. and 3. - Don't know...
>
> Jerry
>
> "Jediah L." <rife@nospam.nospam> wrote in message
> news:u5fRIhlhEHA.3928@TK2MSFTNGP11.phx.gbl...
> > 1. In our application which uses NTLM; .Net always requests a file as
> > Anonymous before requesting it using the NTLM authenticated
credentials -
> > in
> > an application with over a million hits a day - this is quite a bit of
> > extra
> > posting going on. Anyone know how to stop this?
> >
> > 2. Even when supplying a probing hint in the web.config file; our .Net
Win
> > Form embeded user controls probe 6 times before finding the file (the
> > first
> > 4 are variations of the file with .dll, and .exe names in /bin and /root
> > folders, the last 2 are ANON then NTLM requests for the correct file).
> >
> > So for each of the 3000+ users - for each file requested - there is
> > approximatly 6 web requests handled on the server - this causes slowless
> > in
> > the client application - and causes additional work for the servers.
> >
> > 3. Just recently all of our Smart Downloads have stopped working. I
have
> > put a sniffer on the machines - and checked the IIS logs - the CLR has
> > stopped doing conditional gets (No If-Modified-Since headers) and IIS
(of
> > course) is always responding by sending a 200 (after the initial 6
probes)
> > and resending the files each time - instead of responding w/ the 304's
and
> > allowing the .Net download cache to do its work.
> >
> > I've already went through a long list of trying things - however - i'm
> > running out of ideas - i'd appreciate any thoughts!!!
> >
> > Thanks!
> >
> >
>
>

Jerry
Fri Aug 20 10:26:08 CDT 2004

IE does send two requests as well. And if you kept the connection open you
could reuse it without having to send two requests all the time, so - you're
right, you have a poor setup in your application. You should have a
connection pool that you'll use for your requests, instead of opening and
closing a connection each time.

Jerry

"Jediah L." <rife@nospam.nospam> wrote in message
news:%23pw15CshEHA.1344@TK2MSFTNGP11.phx.gbl...
> In re #1:
>
> Don't really understand why though - its a poor setup - and should be
> configurable.
>
> If you know NTLM was used for the first request - why not automatically
> use
> it for the second request - and if its used for the first half a million
> requests - why not use it for the next half a million.
>
> Or why couldn't you tell the IE configuration [This site is always NTLM].
>
> Seems like a waste in performance and bandwidth.
>
>
> "Jerry Pisk" <jerryiii@hotmail.com> wrote in message
> news:uS%23CB$nhEHA.2848@TK2MSFTNGP10.phx.gbl...
>> 1. You can't. NTLM (and pretty much every authentication scheme except
>> basic) requires at least two requests.
>>
>> 2. and 3. - Don't know...
>>
>> Jerry
>>
>> "Jediah L." <rife@nospam.nospam> wrote in message
>> news:u5fRIhlhEHA.3928@TK2MSFTNGP11.phx.gbl...
>> > 1. In our application which uses NTLM; .Net always requests a file as
>> > Anonymous before requesting it using the NTLM authenticated
> credentials -
>> > in
>> > an application with over a million hits a day - this is quite a bit of
>> > extra
>> > posting going on. Anyone know how to stop this?
>> >
>> > 2. Even when supplying a probing hint in the web.config file; our .Net
> Win
>> > Form embeded user controls probe 6 times before finding the file (the
>> > first
>> > 4 are variations of the file with .dll, and .exe names in /bin and
>> > /root
>> > folders, the last 2 are ANON then NTLM requests for the correct file).
>> >
>> > So for each of the 3000+ users - for each file requested - there is
>> > approximatly 6 web requests handled on the server - this causes
>> > slowless
>> > in
>> > the client application - and causes additional work for the servers.
>> >
>> > 3. Just recently all of our Smart Downloads have stopped working. I
> have
>> > put a sniffer on the machines - and checked the IIS logs - the CLR has
>> > stopped doing conditional gets (No If-Modified-Since headers) and IIS
> (of
>> > course) is always responding by sending a 200 (after the initial 6
> probes)
>> > and resending the files each time - instead of responding w/ the 304's
> and
>> > allowing the .Net download cache to do its work.
>> >
>> > I've already went through a long list of trying things - however - i'm
>> > running out of ideas - i'd appreciate any thoughts!!!
>> >
>> > Thanks!
>> >
>> >
>>
>>
>
>

Jediah
Fri Aug 20 10:39:19 CDT 2004

So you would suggest a better setup is to open a single HTTP connection and
keep it open for the 10 hour working day?

I wonder why IE doesn't do the same thing if it is such a great way to do
it? (In our application, we both use IE - with embeded Win Form User
Controls - and we use .Net Win Form .Exe's both exhibit the same problem).

But seriously - I appreciate your response - and didn't really expect you or
anyone else to have an answer to #1 - its a flaw imo in the way microsoft
has implemented their authentication scheme.

Any thoughts on #2 and #3 would also be greatly appreciated!

Thanks!



"Jerry Pisk" <jerryiii@hotmail.com> wrote in message
news:exLxDoshEHA.3928@TK2MSFTNGP11.phx.gbl...
> IE does send two requests as well. And if you kept the connection open you
> could reuse it without having to send two requests all the time, so -
you're
> right, you have a poor setup in your application. You should have a
> connection pool that you'll use for your requests, instead of opening and
> closing a connection each time.
>
> Jerry
>
> "Jediah L." <rife@nospam.nospam> wrote in message
> news:%23pw15CshEHA.1344@TK2MSFTNGP11.phx.gbl...
> > In re #1:
> >
> > Don't really understand why though - its a poor setup - and should be
> > configurable.
> >
> > If you know NTLM was used for the first request - why not automatically
> > use
> > it for the second request - and if its used for the first half a million
> > requests - why not use it for the next half a million.
> >
> > Or why couldn't you tell the IE configuration [This site is always
NTLM].
> >
> > Seems like a waste in performance and bandwidth.
> >
> >
> > "Jerry Pisk" <jerryiii@hotmail.com> wrote in message
> > news:uS%23CB$nhEHA.2848@TK2MSFTNGP10.phx.gbl...
> >> 1. You can't. NTLM (and pretty much every authentication scheme except
> >> basic) requires at least two requests.
> >>
> >> 2. and 3. - Don't know...
> >>
> >> Jerry
> >>
> >> "Jediah L." <rife@nospam.nospam> wrote in message
> >> news:u5fRIhlhEHA.3928@TK2MSFTNGP11.phx.gbl...
> >> > 1. In our application which uses NTLM; .Net always requests a file
as
> >> > Anonymous before requesting it using the NTLM authenticated
> > credentials -
> >> > in
> >> > an application with over a million hits a day - this is quite a bit
of
> >> > extra
> >> > posting going on. Anyone know how to stop this?
> >> >
> >> > 2. Even when supplying a probing hint in the web.config file; our
.Net
> > Win
> >> > Form embeded user controls probe 6 times before finding the file (the
> >> > first
> >> > 4 are variations of the file with .dll, and .exe names in /bin and
> >> > /root
> >> > folders, the last 2 are ANON then NTLM requests for the correct
file).
> >> >
> >> > So for each of the 3000+ users - for each file requested - there is
> >> > approximatly 6 web requests handled on the server - this causes
> >> > slowless
> >> > in
> >> > the client application - and causes additional work for the servers.
> >> >
> >> > 3. Just recently all of our Smart Downloads have stopped working. I
> > have
> >> > put a sniffer on the machines - and checked the IIS logs - the CLR
has
> >> > stopped doing conditional gets (No If-Modified-Since headers) and IIS
> > (of
> >> > course) is always responding by sending a 200 (after the initial 6
> > probes)
> >> > and resending the files each time - instead of responding w/ the
304's
> > and
> >> > allowing the .Net download cache to do its work.
> >> >
> >> > I've already went through a long list of trying things - however -
i'm
> >> > running out of ideas - i'd appreciate any thoughts!!!
> >> >
> >> > Thanks!
> >> >
> >> >
> >>
> >>
> >
> >
>
>

Jerry
Fri Aug 20 19:15:58 CDT 2004

That's exactly what I suggest. It's not a flaw, it's just the way all secure
authentication schemes work (so don't blame Microsoft, it's not just NTLM).

Sorry I can't help you with the rest.

Jerry

"Jediah L." <rife@nospam.nospam> wrote in message
news:O7MWcvshEHA.3264@tk2msftngp13.phx.gbl...
> So you would suggest a better setup is to open a single HTTP connection
> and
> keep it open for the 10 hour working day?
>
> I wonder why IE doesn't do the same thing if it is such a great way to do
> it? (In our application, we both use IE - with embeded Win Form User
> Controls - and we use .Net Win Form .Exe's both exhibit the same problem).
>
> But seriously - I appreciate your response - and didn't really expect you
> or
> anyone else to have an answer to #1 - its a flaw imo in the way microsoft
> has implemented their authentication scheme.
>
> Any thoughts on #2 and #3 would also be greatly appreciated!
>
> Thanks!
>
>
>
> "Jerry Pisk" <jerryiii@hotmail.com> wrote in message
> news:exLxDoshEHA.3928@TK2MSFTNGP11.phx.gbl...
>> IE does send two requests as well. And if you kept the connection open
>> you
>> could reuse it without having to send two requests all the time, so -
> you're
>> right, you have a poor setup in your application. You should have a
>> connection pool that you'll use for your requests, instead of opening and
>> closing a connection each time.
>>
>> Jerry
>>
>> "Jediah L." <rife@nospam.nospam> wrote in message
>> news:%23pw15CshEHA.1344@TK2MSFTNGP11.phx.gbl...
>> > In re #1:
>> >
>> > Don't really understand why though - its a poor setup - and should be
>> > configurable.
>> >
>> > If you know NTLM was used for the first request - why not automatically
>> > use
>> > it for the second request - and if its used for the first half a
>> > million
>> > requests - why not use it for the next half a million.
>> >
>> > Or why couldn't you tell the IE configuration [This site is always
> NTLM].
>> >
>> > Seems like a waste in performance and bandwidth.
>> >
>> >
>> > "Jerry Pisk" <jerryiii@hotmail.com> wrote in message
>> > news:uS%23CB$nhEHA.2848@TK2MSFTNGP10.phx.gbl...
>> >> 1. You can't. NTLM (and pretty much every authentication scheme except
>> >> basic) requires at least two requests.
>> >>
>> >> 2. and 3. - Don't know...
>> >>
>> >> Jerry
>> >>
>> >> "Jediah L." <rife@nospam.nospam> wrote in message
>> >> news:u5fRIhlhEHA.3928@TK2MSFTNGP11.phx.gbl...
>> >> > 1. In our application which uses NTLM; .Net always requests a file
> as
>> >> > Anonymous before requesting it using the NTLM authenticated
>> > credentials -
>> >> > in
>> >> > an application with over a million hits a day - this is quite a bit
> of
>> >> > extra
>> >> > posting going on. Anyone know how to stop this?
>> >> >
>> >> > 2. Even when supplying a probing hint in the web.config file; our
> .Net
>> > Win
>> >> > Form embeded user controls probe 6 times before finding the file
>> >> > (the
>> >> > first
>> >> > 4 are variations of the file with .dll, and .exe names in /bin and
>> >> > /root
>> >> > folders, the last 2 are ANON then NTLM requests for the correct
> file).
>> >> >
>> >> > So for each of the 3000+ users - for each file requested - there is
>> >> > approximatly 6 web requests handled on the server - this causes
>> >> > slowless
>> >> > in
>> >> > the client application - and causes additional work for the servers.
>> >> >
>> >> > 3. Just recently all of our Smart Downloads have stopped working.
>> >> > I
>> > have
>> >> > put a sniffer on the machines - and checked the IIS logs - the CLR
> has
>> >> > stopped doing conditional gets (No If-Modified-Since headers) and
>> >> > IIS
>> > (of
>> >> > course) is always responding by sending a 200 (after the initial 6
>> > probes)
>> >> > and resending the files each time - instead of responding w/ the
> 304's
>> > and
>> >> > allowing the .Net download cache to do its work.
>> >> >
>> >> > I've already went through a long list of trying things - however -
> i'm
>> >> > running out of ideas - i'd appreciate any thoughts!!!
>> >> >
>> >> > Thanks!
>> >> >
>> >> >
>> >>
>> >>
>> >
>> >
>>
>>
>
>

v-jetan
Mon Aug 23 03:27:55 CDT 2004

Hi Jediah,

I have added a reply to you in
microsoft.public.dotnet.framework.windowsforms newsgroup. Please follow up
me there, I will help you.

Thanks for your understanding.

Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.

Jediah
Tue Aug 31 21:48:23 CDT 2004

By the way, thought I'd pass this along, if anyone is ever looking &
intrested.

There was a way to do #1 - surprisingly - using the
UnsafeAuthenticatedConnectionSharing property of the Web Request object.

I have some outstanding questions about the stability and any performance
implications - however - it does exactly what I was looking for.


"Jediah L." <rife@nospam.nospam> wrote in message
news:u5fRIhlhEHA.3928@TK2MSFTNGP11.phx.gbl...
> 1. In our application which uses NTLM; .Net always requests a file as
> Anonymous before requesting it using the NTLM authenticated credentials -
> in
> an application with over a million hits a day - this is quite a bit of
> extra
> posting going on. Anyone know how to stop this?
>
> 2. Even when supplying a probing hint in the web.config file; our .Net Win
> Form embeded user controls probe 6 times before finding the file (the
> first
> 4 are variations of the file with .dll, and .exe names in /bin and /root
> folders, the last 2 are ANON then NTLM requests for the correct file).
>
> So for each of the 3000+ users - for each file requested - there is
> approximatly 6 web requests handled on the server - this causes slowless
> in
> the client application - and causes additional work for the servers.
>
> 3. Just recently all of our Smart Downloads have stopped working. I have
> put a sniffer on the machines - and checked the IIS logs - the CLR has
> stopped doing conditional gets (No If-Modified-Since headers) and IIS (of
> course) is always responding by sending a 200 (after the initial 6 probes)
> and resending the files each time - instead of responding w/ the 304's and
> allowing the .Net download cache to do its work.
>
> I've already went through a long list of trying things - however - i'm
> running out of ideas - i'd appreciate any thoughts!!!
>
> Thanks!
>
>