Excessive HTTP 401s using Windows Authentication, AJAX, ASMX and external ISA | ansaurus

tags:

views:

48

answers:

1

+2 Q:

Excessive HTTP 401s using Windows Authentication, AJAX, ASMX and external ISA

Enviornment:

ASP.NET WebForms
.NET 3.5
jQuery for AJAX
ASMX web services
Windows Authentication
SSL

When we run our production web application, our AJAX calls often have 2-3 HTTP 401s before we get our HTTP 200.

Is this normal?
Is there something we may be doing wrong?

NOTE: The calls do not fail, the 401s try until they succeed.

Example Traffic:
alt text

+2 A:

That's normal traffic for NTLM-style Integrated Windows authentication. The sequence is roughly:

Client: HTTP GET url...
Server: HTTP 401 WHO GOES THERE
Client: It's-a me, the client!
Server: HTTP 401 YEAH PROVE IT
Client: I've got all the proof you need right here.
Server: HTTP 200 OK

If you look in the raw responses from the server, you should see the Negotiate headers, and the corresponding encoded / encrypted requests from the client.

mwalker 2010-07-16 20:46:11

Ok cool, I looked at the headers as @John mentioned and I do see the negations taking place.

rick schott 2010-07-19 17:23:16

related questions

Is it better to create Model classes, or just stick with generic database utility class?

What are effective options for embedding video in an ASP.NET web site?

Visual Studio 2008 debugger already attached work-around

Tracking state using ASP.NET AJAX / ICallbackEventHandler

ASP.NET Display SVN Revision Number

ASP.NET URL Rewriting

How can I change the background of a masterpage from the code behind of a content page?

Easy way to AJAX WebControls

How do I define custom web.config sections with potential child elements and attributes for the properties?

ASP.NET MVC "CRUD" Database Sample

Are Multiple DataContext classes ever appropriate?

How to RedirectToAction in ASP.NET MVC without losing request data

Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?

ASP.NET built in user profile, Vs old stile user class/tables

What's a good book for learning ASP?

Bandwith throttling in IIS 6 by IP Address

ASP .Net Custom Client-Side Validation

How to get the value of built, encoded ViewState?

Decent, simple, GIS/mapping component for ASP.NET?

Checklist for IIS 6/ASP.NET Windows Authentication?

How to write to Web.Config in Medium Trust ?

ASP.NET, Visual Studio and Subversion - how to integrate?

Floating Point Number parsing: Is there a Catch All algorithm?

How do I sync the SVN revision number with my ASP.NET web site?

ASP.NET Site Maps