I'm having issues with self hosted TFS environment in where the performing any action in Visual Studio or the Web Portal can take upwards of 20 to 30 seconds to complete. The issue is intermittent and other developers are seeing the same symptoms. Tracing the slow requests with Wireshark shows 3 REST requests to the TFS Server interface with first two requests returning with a 401 response and the third returning a 200 response.
The difference in the requests seem to be the authentication. The first request appends no explicit authentication method to the POST and returns a standard 401 response. The second request appends NTLMSSP_NEGOTIATE and fails with a 401 NTLMSSP_CHALLENGE response. The third request appends NTLMSSP_AUTH to the request and passes in my AD user name and response with a standard 200.
Symptoms:
First two requests return a 401 failure
Time between the requests seems to vary from a few ms to up to thirty seconds and the time between request and response is less than 100ms
Connecting to TFS within the cloud environment being logged in as the same AD account that is connecting to TFS does yield display the same intermittent issue.
Environment:
Development systems are connecting over a VPN to a cloud environment
TFS accounts are AD based with AD servers existing in the same cloud environment as TFS
Development systems are joined to a different AD system that has no trust relationship with the AD system that TFS is joined to
TFS Server version is 2018 (16.131.27701.1)
TFS Datastore is SQL Server 2016 EE hosted on a separate instance.
Visual Studio version is Pro 2017 (15.4.1)
Seeing the symptoms in two independent environments tells me the issue is on the TFS Server however I'm able to identify any potential bottlenecks or blockers. Also that the issue appears in the Visual Studio and the web interface the issue seems to be in the TFS Server and not the client but the delay in making the requests from the client points it right back to being a client configuration issue.
How can I identify what is causing the client to delay follow up requests when a prior response returns a 401 reply?
Related
I have an ASP.NET MVC application running on IIS using .NET Framework 4.7.2. There is a single endpoint that takes 5 minutes to return a response. The response is successful and there is no error in the code or in the IIS logs.
I have timed almost every line in the controller action using System.Diagnostic.Stopwatch and the whole action finishes in under 100 milliseconds.
More interesting, we are running this application in AWS in both a staging and production environment account. This problem only occurs in the production environment and it is only a single server. We actually have two servers running a copy of this application, and it is only the one server that has this problem. While the server having the problem receives substantially more traffic than the other servers, it only receives approximately 25,000 page views per day and no other endpoint takes this long to fulfill the request.
The application is deployed using Elastic Beanstalk and the .NET on Windows Server platform. We have rebuilt the application environment and the server multiple times and it is consistent across servers.
I have also connected directly to the server and installed IIS Failed Request Tracing. According to IIS Failed Request Tracing, step 206. GENERAL_SET_RESPONSE_HEADER where HeaderName=X-Frame-Options and HeaderValue=SAMEORIGIN took 362,063 milliseconds (~6 minutes). This is in the ManagedPipelineHeader module with notification EXECUTE_REQUEST_HANDLER.
See Image: IIS Failed Request Tracing
Yikes, 6 minutes. I'm surprised it didn't time out. I noticed this other post but it didn't see directly relevant in that they were using Spring Boot and your app was ASP.Net MVC 4x. It does make me wonder, though if there isn't a shared underlying cause. So in their case they disabled frameoptions in spring boot (http.headers().frameOptions().disable()) via config so that it would stop trying to write that request header.
In both cases, hard to tell without poking around but I'm wondering if CloudFront and the particular framework in each example aren't fighting for dominance over this particular header but you didn't mention Cloudfront so I might be completely off. Any chance of Cloudfront being used on your prod side (with the issue) and not the dev side?
Since we updated from TFS to Azure DevOps Server 2020 we have a problem with live updates when using the client. I expect pages to automatically update with new information as they come available like it did with TFS, but that doesn't happened anymore. Instead we get an error:
'Live updates for this pull request were temporarily interrupted. Refresh to view the latest.'
I suspect it is a problem with a server setting, but I have no idea where to look.
Azure DevOps Server
Version Dev18.M170.4
We Have Deployed our first application on Windows azure with Windows SQL Azure Database. In my application we facing sometime to execute Web services to complete implementation.
We Configured all required setting and web site working properly but some time User Registration failed sometime not with same valid input. Please help me I am in new in Windows Azure.
See Error and Success
Error Image Link http://tourneypick.com/Upload/2015-09-10%2017_46_06-Firebug%20-%20register%20_%20Application.png
Success on Next click Image Link http://tourneypick.com/Upload/2015_09_10_17_45_27_Firebug_register_Application.png
This working on staging server properly.
After long effort I analyse that: My application was hosted in West US Region in Azure Cloud and database was in Central US region that's why system take too much time to load data. After change database region to West US means Application and database on same region. Now execution speed become fast and no 500 error.
Issue might be connection time out
We have 2003 windows server with moss 2007. We get the windows login prompt when opening 2010 office doc. I removed the http handler verbs from web config but still the site prompts for the credentials. It is a forms auth site with anonymous acccess enabled. Weird part is removing the verbs worked in development but in production it seems removing the verb has no effect. I checked if client integration was enabled in the auth provider. We have SP service pack installed in development not in production. But I am not sure what is going on. I will appreciate any clues.
One solid recommendation is to use a product like Fiddler on the client to see what kinds of things are being requested on the client side. In many cases, the office clients try to reach back to SharePoint to check things like versions, authors, check in/out status, etc. This kind of thing can cause the client to prompt for authentication.
I am developing a 3 tier database application.
1.) MS SQL DB
2.) Middle tier SOAP Server (with Delphi 7) connected to the DB
3.) Clients (first win32 gui (with Delphi 7) - later other platfomrs) connected to the SOAP server
I chose a SOAP Server to be open to various clients at a later stage (also some of the win32 gui clients will be stationed abroad - so the clients need to be thin) (this as suggested by Dr. Bob).
I am new to SOAP and have been looking at different examples and papers about authentication. But cant quite get my head around it.
I have made a SOAP server and client with Delphi's SOAP Server Application Wizard and added a SOAP SERVER Data Module, added a database connection and some datasets and providers. Connected the client with dbgrid etc and that part works fine.
But I want the client first to login and then be able to access data and I want the server to log each connection and also when the client logs off or is disconnected, so I am guessing I need the sessionID and a timeout. I also want the server to be able to tell the clients who else is "connected" (or whos session is still active) at any given time.
I have gathered that I need to make a authentication header, but cant figure out where or who I can get a sessionID. I presume that each time a client connectes to the server the server generates a sessionID? How do I get this?
Any help or suggestions/pointer would be appreciated,
thanks
Justin
Soap servers do not provide sessions by default. Your server has to implement Session life cycle managment (Login / Logout) etc.
A basic solution is documented here: Managing sessions with Delphi 6 Web services
Note however that this solution is far from perfect (see comments), for example it does not provide a session timeout mechanism.
OK - figured it out - I had not:
InvRegistry.RegisterHeaderClass(TypeInfo(IThorPayServerDB), TAuthHeader);
in the initialization
But I still cant figure out how to get the session ID - or some unique way of know which client session is loged in to the server - any ideas?
Delphi XE uses a newer version of SOAP, maybe that is the answer:
https://forums.embarcadero.com/thread.jspa?messageID=200793