4

I'm using SSAS through HTTP with MSMDPUMP.dll. I have setup the MSMDPUMP.dll web to use only Basic Authentication and then I provide the User Id and Password in the ConnectionString. Everything works but it's too slow to be usable. I have enabled Failed Request Tracing in IIS and I have noticed that I get thousands 401.2 errors with the following information:

ModuleName IIS Web Core
Notification 2
HttpStatus 401
HttpReason Unauthorized
HttpSubStatus 2
ErrorCode 2147942405
ConfigExceptionInfo
Notification AUTHENTICATE_REQUEST
ErrorCode Access is denied. (0x80070005)

I believe this is the overhead and the reason why it is slow? If I change the authentication to Anonymous, everything works fast. Unfortunately this is not an option so I need to resolve this issue with Basic Authentication performance. Any ideas?

EDIT It seems that it tries first Anonymous auth and only after failing goes with basic. I don't have anonymous auth even enabled so I don't know why this is happening.

Antti Simonen
  • 141
  • 4

1 Answers1

2

If the service access performs many requests, and each request has to be authenticated, this would be the expected behavior if an authentication cookie is not set. If every request has to perform a full authentication, performance will be noticeably degraded.

If you are unable to set an auth cookie, and you can use Windows authentication, IIS has a setting to only authenticate the first request.

You may experience slow performance when you use Integrated Windows authentication together with the Kerberos authentication protocol in IIS 7.0
http://support.microsoft.com/kb/954873

https://stackoverflow.com/questions/10783440/slow-performance-when-accessing-msmdpump-dll-with-basic-authentication-repeated

Community
  • 1
Greg Askew
  • 35,880
  • 5
  • 54
  • 82
  • I thought IIS would handle caching the token so that it doesn't have to authenticate the user on every request. Where exactly I would set the authentication cookie? The MSMDPUMP.dll IIS site is soemthing I cannot affect and I don't see how I could do it from the service side? I cannot use Integrated Windows Authentication since the servers are in different domains with non-trust relationship. – Antti Simonen Oct 10 '12 at 05:25
  • As I suspected, it appears that the performance is due to repeated authentications. Someone on Stack Overflow experienced the same issue. I haven't worked with MSMDPUMP, so I don't know if it is viable to setup a form auth logon and cookie for it. – Greg Askew Oct 10 '12 at 11:30