Re: URLSCAN makes pages with integrated authentication very slow

From: Vassilis Galinos (vgalinos_at_hotmail.com)
Date: 07/11/03

    Date: Fri, 11 Jul 2003 23:47:02 +0200
    
    

    Yes!!!
    That seems to be the solution! :-)
    I changed the RemoveServerHeader=1 to RemoveServerHeader=0 and it works
    great (as it should).

    Thanks a lot!

    But isn't there a way to remove the Server header so that
    win-integrated-auth still works right?
    Because since I did this Server header removal, I have
    far fewer "hacker-tries" in the IIS-server logs!

    "David Wang [Msft]" wrote:
    >
    > Do you have RemoveServerHeader=1 or otherwise manipulate the Server: header
    > with URLScan?
    >
    > --
    > //David
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    > //
    > "Vassilis Galinos" <vgalinos@hotmail.com> wrote in message
    > news:3F0B8D01.96D8C1D4@hotmail.com...
    > Hi!
    >
    > "David Wang [Msft]" wrote:
    > >
    > > Do you have KeepAlive enabled on this server?
    > >
    > > The actual HTTP Error is 401. Win32 error code is 5 (Access Denied). It
    > > isn't 401.5 that's being returned.
    > >
    > > Authentication typically involves at least one 401.x response prior to
    > > successful requests. Performance of authenticated requests is the
    > > responsibility of the web browser (i.e. for Basic, send authenticate headers on
    > > subsequent requests, for NTLM, keep using the authenticated connection.),
    > > but some server configuration can hinder the client-side optimization.
    > >
    > > A NetMon trace would be useful in investigating this further -- of both with
    > > and without URLScan from your machine.
    >
    > So, here they are...
    > - a http-trace without and with URLscan for the same request
    > /imageapp/utils/imagedb.asp?Index=520&xQual=300&y (I hope you don't need
    > the TCP information from the trace...)
    > - and an IIS-Log file without URLscan
    >
    > The server has HTTP keep alive enabled.
    > The only difference in the config of the IIS is that in the first case
    > URLscan is removed from the ISAPI filters and in the second it is
    > installed again.
    >
    > As you can see in the IIS log file, there are a few requests that are
    > first unauthenticated but they are only a few compared to the other
    > log file I have posted, where the client has to reauthenticate nearly
    > every time!
    >
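
An added example, not part of the original posts: one way to measure the symptom discussed in this thread (a client re-authenticating on nearly every request) from an IIS W3C extended log, by comparing 401 responses to successful responses per client. The sample log lines, the client addresses and the flagging threshold of one 401 per success are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample in IIS W3C extended log format (not the thread's logs).
# 10.0.0.5 authenticates once per connection; 10.0.0.9 on every request.
SAMPLE_LOG = """#Fields: date time c-ip cs-method cs-uri-stem sc-status sc-win32-status
2003-07-11 21:40:01 10.0.0.5 GET /imageapp/utils/imagedb.asp 401 5
2003-07-11 21:40:01 10.0.0.5 GET /imageapp/utils/imagedb.asp 401 5
2003-07-11 21:40:01 10.0.0.5 GET /imageapp/utils/imagedb.asp 200 0
2003-07-11 21:40:02 10.0.0.5 GET /imageapp/utils/imagedb.asp 200 0
2003-07-11 21:40:03 10.0.0.5 GET /imageapp/utils/imagedb.asp 200 0
2003-07-11 21:40:04 10.0.0.5 GET /imageapp/utils/imagedb.asp 200 0
2003-07-11 21:45:01 10.0.0.9 GET /imageapp/utils/imagedb.asp 401 5
2003-07-11 21:45:01 10.0.0.9 GET /imageapp/utils/imagedb.asp 401 5
2003-07-11 21:45:01 10.0.0.9 GET /imageapp/utils/imagedb.asp 200 0
2003-07-11 21:45:02 10.0.0.9 GET /imageapp/utils/imagedb.asp 401 5
2003-07-11 21:45:02 10.0.0.9 GET /imageapp/utils/imagedb.asp 401 5
2003-07-11 21:45:02 10.0.0.9 GET /imageapp/utils/imagedb.asp 200 0
"""

def parse_w3c(text):
    """Yield one dict per request, keyed by the latest #Fields directive."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def reauth_report(text, threshold=1.0):
    """Per client IP: (401 count, success count, ratio, flagged)."""
    denied = defaultdict(int)
    ok = defaultdict(int)
    for row in parse_w3c(text):
        status = int(row["sc-status"])
        if status == 401:
            denied[row["c-ip"]] += 1
        elif 200 <= status < 400:
            ok[row["c-ip"]] += 1
    report = {}
    for ip in sorted(set(denied) | set(ok)):
        # A client with 401s and no successes gets an infinite ratio.
        ratio = denied[ip] / ok[ip] if ok[ip] else float("inf")
        report[ip] = (denied[ip], ok[ip], ratio, ratio >= threshold)
    return report
```

Running `reauth_report` on logs captured with and without a filter change gives a per-client number to compare instead of eyeballing the 401 lines.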

