https://m204wiki.rocketsoftware.com/index.php?title=Janus_Web_Server_login_caching&feed=atom&action=historyJanus Web Server login caching - Revision history2024-03-29T13:28:53ZRevision history for this page on the wikiMediaWiki 1.40.1https://m204wiki.rocketsoftware.com/index.php?title=Janus_Web_Server_login_caching&diff=76472&oldid=prevJAL: link repair2015-03-09T17:57:25Z<p>link repair</p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 17:57, 9 March 2015</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l93">Line 93:</td>
<td colspan="2" class="diff-lineno">Line 93:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>if login caching is to be used.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>if login caching is to be used.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>For more information on</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>For more information on</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>setting up sdaemon threads, see the [<del style="font-weight: bold; text-decoration: none;">http</del>:<del style="font-weight: bold; text-decoration: none;">//m204wiki.rocketsoftware.com/images/c/c9/</del>SiriNew.pdf Sirius Mods Installation Guide].</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>setting up sdaemon threads, see the <ins style="font-weight: bold; text-decoration: none;"><var class="book"></ins>[<ins style="font-weight: bold; text-decoration: none;">[Media</ins>:SiriNew.pdf<ins style="font-weight: bold; text-decoration: none;">|</ins>Sirius Mods Installation Guide]<ins style="font-weight: bold; text-decoration: none;">]</var></ins>.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>It is clear then, that login caching is no panacea, and in</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>It is clear then, that login caching is no panacea, and in</div></td></tr>
</table>JALhttps://m204wiki.rocketsoftware.com/index.php?title=Janus_Web_Server_login_caching&diff=73893&oldid=prevJAL: /* Limiting the number of cached login sessions */2014-12-04T17:25:35Z<p><span dir="auto"><span class="autocomment">Limiting the number of cached login sessions</span></span></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 17:25, 4 December 2014</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l93">Line 93:</td>
<td colspan="2" class="diff-lineno">Line 93:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>if login caching is to be used.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>if login caching is to be used.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>For more information on</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>For more information on</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>setting up sdaemon threads, see the [http://<del style="font-weight: bold; text-decoration: none;">www</del>.<del style="font-weight: bold; text-decoration: none;">sirius-software</del>.com/<del style="font-weight: bold; text-decoration: none;">maint</del>/<del style="font-weight: bold; text-decoration: none;">download</del>/<del style="font-weight: bold; text-decoration: none;">siri</del>.pdf Sirius Mods Installation Guide].</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>setting up sdaemon threads, see the [http://<ins style="font-weight: bold; text-decoration: none;">m204wiki</ins>.<ins style="font-weight: bold; text-decoration: none;">rocketsoftware</ins>.com/<ins style="font-weight: bold; text-decoration: none;">images</ins>/<ins style="font-weight: bold; text-decoration: none;">c</ins>/<ins style="font-weight: bold; text-decoration: none;">c9/SiriNew</ins>.pdf Sirius Mods Installation Guide].</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>It is clear then, that login caching is no panacea, and in</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>It is clear then, that login caching is no panacea, and in</div></td></tr>
</table>JALhttps://m204wiki.rocketsoftware.com/index.php?title=Janus_Web_Server_login_caching&diff=48757&oldid=prevJAL2 at 20:01, 17 October 20112011-10-17T20:01:41Z<p></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 20:01, 17 October 2011</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l121">Line 121:</td>
<td colspan="2" class="diff-lineno">Line 121:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Since a single web page can contain many images, and since browsers often request images on a page in parallel, a single request for such a login-protected page can result in multiple simultaneous logins for a userid. Login caching would then hold these logins, tying up several sdaemons in the process.</p></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Since a single web page can contain many images, and since browsers often request images on a page in parallel, a single request for such a login-protected page can result in multiple simultaneous logins for a userid. Login caching would then hold these logins, tying up several sdaemons in the process.</p></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><p></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><p></div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><var>WEBLOGMAX</var> prevents more than the indicated number of sdaemons to be used for a single user's requests. All login-protected requests for a user are then threaded trough <var>WEBLOGMAX</var> users. This is generally not a problem since the typical bottleneck for most requests is network bandwidth, and multi-threading requests for a single user does not alleviate network bandwidth problems.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><var>WEBLOGMAX</var> prevents more than the indicated number of sdaemons to be used for a single user's requests. All login-protected requests for a user are then threaded trough <var>WEBLOGMAX</var> users. This is generally not a problem since the typical bottleneck for most requests is network bandwidth, and multi-threading requests for a single user does not alleviate network bandwidth problems. <ins style="font-weight: bold; text-decoration: none;"></p></ins></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><p></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><p></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><var>WEBLM</var> is a synonym for <var>WEBLOGMAX</var>. </p></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><var>WEBLM</var> is a synonym for <var>WEBLOGMAX</var>. </p></div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l159">Line 159:</td>
<td colspan="2" class="diff-lineno">Line 159:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>simply not login protect images, since generally these</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>simply not login protect images, since generally these</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>do not contain secure information anyway.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>do not contain secure information anyway.</div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==WEBPUBLOG and login caching==</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==WEBPUBLOG and login caching==</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>The <var>WEBPUBLOG</var> parameter is used to force a "real" login</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>The <var><ins style="font-weight: bold; text-decoration: none;">[[</ins>WEBPUBLOG<ins style="font-weight: bold; text-decoration: none;">]]</ins></var> parameter is used to force a "real" login</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>for the <var>WEBUSER</var> userid for public URL requests.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>for the <var><ins style="font-weight: bold; text-decoration: none;">[[</ins>WEBUSER<ins style="font-weight: bold; text-decoration: none;">]]</ins></var> userid for public URL requests.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This means</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This means</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>that the <var>WEBUSER</var> userid is validated either in CCASTAT or</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>that the <var>WEBUSER</var> userid is validated either in CCASTAT or</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l202">Line 202:</td>
<td colspan="2" class="diff-lineno">Line 203:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>browser sessions for the enforcement of <var>WEBLOGMAX</var>.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>browser sessions for the enforcement of <var>WEBLOGMAX</var>.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>This problem can be solved by the use of the <var>WEBCOOKID</var> parameter</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>This problem can be solved by the use of the <var><ins style="font-weight: bold; text-decoration: none;">[[</ins>WEBCOOKID<ins style="font-weight: bold; text-decoration: none;">]]</ins></var> parameter</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>on the port definition, which instructs <var class="product">Janus Web Server</var> to send browser</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>on the port definition, which instructs <var class="product">Janus Web Server</var> to send browser</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>requests with cached login sessions a special session cookie</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>requests with cached login sessions a special session cookie</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l257">Line 257:</td>
<td colspan="2" class="diff-lineno">Line 258:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>work files can be used.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>work files can be used.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Where it is desirable to save <var class="product">Model 204</var></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Where it is desirable to save <var class="product">Model 204</var></div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>lists or found sets, <var class="product">Janus Web Server</var> provides [[Janus Web Server Saved Record Set</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>lists or found sets, <var class="product">Janus Web Server</var> provides [[Janus Web Server Saved Record Set Support|"Saved Record Set Support"]].</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Support|"Saved Record Set Support"]].</div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Janus Web Server]]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Janus Web Server]]</div></td></tr>
</table>JAL2https://m204wiki.rocketsoftware.com/index.php?title=Janus_Web_Server_login_caching&diff=48756&oldid=prevJAL2: Created page with "While the connectionless nature of the web protocol (HTTP) makes it possible to have servers support communities of tens of thousands of end-users by eliminating the cost of "hol..."2011-10-14T22:45:59Z<p>Created page with "While the connectionless nature of the web protocol (HTTP) makes it possible to have servers support communities of tens of thousands of end-users by eliminating the cost of "hol..."</p>
<p><b>New page</b></p><div>While the connectionless nature of the web protocol (HTTP)<br />
makes it possible to have servers support communities of<br />
tens of thousands of end-users by eliminating the cost of<br />
"holding down" open connections, it also presents some<br />
special problems.<br />
<ul><br />
<li>Where login security is required, the web protocol<br />
results in a login for every page rather than once for a<br />
user "session."<br />
While <var class="product">Model 204</var> login processing is fairly<br />
inexpensive, this is not necessarily the case for<br />
external-authorizer (RACF, ACF2 and Top Secret) login<br />
validation.<br />
It is possible that external authorizers<br />
can be swamped with login requests from <var class="product">Janus Web Server</var> for<br />
login protected pages.<br />
(In such cases with RACF,<br />
a <var>[[WEBOPT parameter|WEBOPT]]</var> system parameter setting improves performance.<br />
<li>The ephemeral nature of connections &mdash; the<br />
browser connects, the server logs in, the user sends the<br />
output page and logs off &mdash; can make connection-based<br />
tools such as <var class="product">[[SirMon]]</var> and <var class="product">[[SirScan]]</var> difficult to use.<br />
For example, simply answering the question "who's using our<br />
system now" can be difficult with web users because they<br />
never stay logged on for more than a few instants.<br />
</ul><br />
<var class="product">Janus Web Server</var> login caching provides a solution to both of these<br />
problems.<br />
Here is how login caching works:<br />
When a user<br />
logs on for a web page, rather than logging<br />
the user off after the page is sent, the user is left logged on.<br />
If another login request is received for the same userid<br />
from the same browser (with the same password), that request<br />
is transferred to the held login session rather than issuing<br />
a new login request.<br />
<br />
This accomplishes two things.<br />
First, by eliminating the need<br />
to re-issue a login request, it eliminates the cost of doing<br />
userid and password validation.<br />
Second, it makes a web user<br />
persist in the <var class="product">Model 204</var> Online, so it is easier to monitor<br />
and audit what individual users are doing.<br />
<br>'''Note:'''<br />
The userid's password is never kept unencrypted in<br />
the Online address space.<br />
Instead, before the initial login<br />
request, the password is one-way encrypted and stashed in virtual storage.<br />
When a subsequent login request is received,<br />
the password that comes with that request is one-way encrypted<br />
and compared with the saved, one-way encrypted password.<br />
If they match, the password must be correct and password validation<br />
can be bypassed.<br />
__TOC__<br />
<br />
==Limiting the number of cached login sessions==<br />
Cached login sessions have some real benefits, however, they also<br />
have some disadvantages.<br />
Like connection-based sessions, each cached login session<br />
ties up a thread.<br />
Furthermore, these threads are tied up<br />
for a fairly long period of time.<br />
This means that the number<br />
of concurrent web threads might increase significantly if<br />
the cached login facility is used.<br />
<br />
For example, consider a site that typically has about 200 users<br />
concurrently using a <var class="product">Janus Web Server</var> application.<br />
Let's say that while<br />
they are using the application they are sending an average of<br />
one page request every 20 seconds, and let's say that each page<br />
request takes one second to satisfy.<br />
This translates to an<br />
average of about 10 concurrent web threads active at a given<br />
time (though realistically the values will range from 0 to 20<br />
or higher).<br />
If login caching were turned on, suddenly there would<br />
be 200 concurrent web threads at any given instant.<br />
While most of these would be inactive most of the time, there would<br />
still be costs associated with them.<br />
<br />
Most significantly for <var class="product">Model 204</var>, each of these threads would<br />
need a server.<br />
This means that unless the Online had 200 or<br />
more servers there would be server swapping for the web threads.<br />
In the non-login caching case, 20 or so servers would probably<br />
prevent any web thread server swapping because of <var class="product">Janus Web Server</var>'s<br />
most-recently-used algorithm for using sdaemon threads.<br />
<br>'''Note:'''<br />
Because all <var class="product">Janus Web Server</var> applications run on [[Sdaemons|sdaemon]]<br />
threads, the number of sdaemon threads must be increased<br />
if login caching is to be used.<br />
For more information on<br />
setting up sdaemon threads, see the [http://www.sirius-software.com/maint/download/siri.pdf Sirius Mods Installation Guide].<br />
<br />
It is clear then, that login caching is no panacea, and in<br />
fact, steps should be taken to keep down the number of threads<br />
used up by <var class="product">Janus Web Server</var> login caching.<br />
Unfortunately, the connectionless<br />
nature of the web protocol makes this difficult.<br />
There is no<br />
such thing as a web logout, and there is no way to determine<br />
when the end-user has gone to another web site, exited the<br />
browser, or even turned off his or her workstation.<br />
<br />
Because of these issues, control of login caching must<br />
come through timeouts and system and user limits on cached<br />
login sessions.<br />
These controls are set with port parameters<br />
that are specified on the <var>[[JANUS DEFINE]]</var> command.<br />
<table class="syntaxTable"><br />
<tr><th><var>WEBLOGHOLD</var><br />
</th><td>You specify this parameter followed by the length of time (in seconds) that a cached login should be saved for re-use on a web connection. The default for <var>WEBLOGHOLD</var> is 0, which means that login caching is not used for the port.<br />
<p><br />
<var>WEBLH</var> is a synonym for <var>WEBLOGHOLD</var>. </p><br />
</td></tr><br />
<tr><th><var>WEBLOGMAX</var><br />
</th><td>You specify this parameter followed by a number that indicates the maximum number of cached login sessions to be held for a single user. This parameter has no effect unless the <var>WEBLOGHOLD</var> parameter is set to something other than 0.<br />
<p><br />
Since a single web page can contain many images, and since browsers often request images on a page in parallel, a single request for such a login-protected page can result in multiple simultaneous logins for a userid. Login caching would then hold these logins, tying up several sdaemons in the process.</p><br />
<p><br />
<var>WEBLOGMAX</var> prevents more than the indicated number of sdaemons to be used for a single user's requests. All login-protected requests for a user are then threaded trough <var>WEBLOGMAX</var> users. This is generally not a problem since the typical bottleneck for most requests is network bandwidth, and multi-threading requests for a single user does not alleviate network bandwidth problems.<br />
<p><br />
<var>WEBLM</var> is a synonym for <var>WEBLOGMAX</var>. </p><br />
</td></tr><br />
<tr><th><var>WEBSDMAX</var><br />
</th><td>This parameter indicates the maximum number of sdaemons to be used for cached web logins. This parameter has no effect unless the <var>WEBLOGHOLD</var> parameter is set to something other than 0.<br />
<p><br />
Since there is no upper limit to the number of login requests that can come into a web port at a given instant, it is quite possible for a flurry of login requests to tie up every sdaemon, causing multiple problems including that it makes it impossible for people to connect to any Janus port. <var>WEBSDMAX</var> limits the number of sdaemons that will be used by a port for cached logins.<br />
If a new cached login is required, and <var>WEBSDMAX</var> will be exceeded, the oldest cached login session will be discarded, even if <var>WEBLOGHOLD</var> seconds has not been reached for that session. </p><br />
<p><br />
The default for <var>WEBSDMAX</var> is half the number of sdaemons defined to the Online. If sdaemons are used heavily for other purposes in the Online or there are multiple ports using the login caching facility, <var>WEBSDMAX</var> should be adjusted down. </p><br />
<p><br />
<var>WEBSM</var> is a synonym for <var>WEBSDMAX</var>. </p><br />
</td></tr></table><br />
<br />
The typical strategy in setting these parameters is to set<br />
<var>WEBLOGHOLD</var> high enough so that external authorizer logins<br />
are avoided, but not so high that too many threads are<br />
tied up with cached login sessions.<br />
An alternate strategy<br />
might be to set <var>WEBLOGHOLD</var> arbitrarily high but to set<br />
<var>WEBSDMAX</var> fairly low (perhaps some number less than the<br />
number of servers in the Online), limiting the number<br />
of cached login sessions for the port.<br />
This would have the<br />
effect of allowing cached login sessions a longer lifetime<br />
when the system is not busy than when it is.<br />
This would also<br />
have the effect of reducing the likelihood of login-caching<br />
related server swapping.<br />
<br />
<var>WEBLOGMAX</var> should also be used to limit the overhead associated<br />
with simultaneous logins for the same browser, when a<br />
browser requests several login-protected images on a page<br />
in parallel.<br />
Another way to combat this problem is to<br />
simply not login protect images, since generally these<br />
do not contain secure information anyway.<br />
==WEBPUBLOG and login caching==<br />
The <var>WEBPUBLOG</var> parameter is used to force a "real" login<br />
for the <var>WEBUSER</var> userid for public URL requests.<br />
This means<br />
that the <var>WEBUSER</var> userid is validated either in CCASTAT or<br />
with an external authorizer for public URLs.<br />
This type of<br />
login is done as a trusted login so no password is required.<br />
<br />
There are several reasons for setting the <var>WEBPUBLOG</var> parameter<br />
that have nothing to do with login caching, but this parameter<br />
also has an interaction with the login caching facility.<br />
Specifically, if <var>WEBPUBLOG</var> is set for a port that is also<br />
using login caching, login caching will also be used for<br />
the <var>WEBUSER</var> logins associated with public URLs.<br />
This lets <var>WEBUSER</var> logins get the same benefits: avoiding<br />
repeated external authorizer calls, and improved monitoring<br />
and auditing of <var>WEBUSER</var> sessions.<br />
<br />
One problem associated with using <var>WEBPUBLOG</var> in conjunction<br />
with the login caching facility occurs while trying to<br />
enforce the <var>WEBLOGMAX</var> parameter.<br />
Since <var>WEBLOGMAX</var> limits the<br />
number of simultaneous cached login sessions for each user,<br />
it becomes essential to be able to distinguish users<br />
from each other to determine if requests originate from<br />
the same place.<br />
This is generally easy with login protected<br />
URLs, since (generally) each user will be using a different<br />
userid, and the userid uniquely identifies a browser session.<br />
<br />
With cached <var>WEBUSER</var> userid logins, however, the userid is<br />
no help in distinguishing browser sessions.<br />
Because of<br />
this, <var class="product">Janus Web Server</var> also uses the browser's IP address in distinguishing<br />
browser sessions and so enforcing <var>WEBLOGMAX</var>.<br />
Unfortunately,<br />
if several browsers are going through the same proxy server,<br />
all the browsers' IP addresses appear to be that of the proxy<br />
server.<br />
In this case, it is impossible to distinguish the individual<br />
browser sessions for the enforcement of <var>WEBLOGMAX</var>.<br />
<br />
This problem can be solved by the use of the <var>WEBCOOKID</var> parameter<br />
on the port definition, which instructs <var class="product">Janus Web Server</var> to send browser<br />
requests with cached login sessions a special session cookie<br />
that uniquely identifies the browser.<br />
Each browser would then<br />
send this session cookie back to <var class="product">Janus Web Server</var> on subsequent requests,<br />
allowing it to be used to distinguish multiple browser sessions,<br />
even if they are going through the same proxy server.<br />
<br />
Using <var>WEBCOOKID</var> can be problematic at sites where end-users<br />
have browsers that don't support cookies or where end-users have<br />
turned off cookie support in their browsers.<br />
Fortunately, neither<br />
of these is likely in most cases, so <var>WEBCOOKID</var> should be<br />
a workable means of distinguishing browsers in most cases.<br />
<br />
==Login caching and data persistence==<br />
It might be tempting to use the login caching facility to<br />
achieve data persistence, which is typically not available for<br />
web threads.<br />
That is, it might be tempting to use<br />
global variables, images, foundsets, or lists that can be<br />
retrieved on subsequent requests.<br />
<br />
While tempting, this is not possible.<br />
Even though web login caching<br />
avoids doing a real logoff at the end of a request for a page, it<br />
does '''all''' the normal cleanup that is part of a logoff.<br />
This includes cleanup of global variables, images, lists, and foundsets.<br />
There are several reasons for this:<br />
<ul><br />
<li>It eliminates the need for web applications to worry about<br />
things that are "laying around"<br />
in a server as the result of previous requests.<br />
These include table sizes, parameter settings, global variables, etc.<br />
<li>There is no way to ensure that a subsequent request will<br />
find the old cached login session still there.<br />
As such, even if<br />
data were allowed to persist in cached login sessions, applications<br />
would still have to cache the data elsewhere in case the old<br />
session was not found.<br />
This would have rendered this capability<br />
somewhat pointless anyway.<br />
<li>By setting tables back down to the (hopefully) low default<br />
sizes, the amount of data that might need to be server-swapped for<br />
the cached login session is significantly reduced.<br />
</ul><br />
<br />
In any case, web technology provides several convenient ways<br />
of stashing persistent data on a browser.<br />
These include cookies, invisible form fields, and isindex data.<br />
In cases where the<br />
quantity of data is too great for this to be practical, <var class="product">Model 204</var><br />
work files can be used.<br />
Where it is desirable to save <var class="product">Model 204</var><br />
lists or found sets, <var class="product">Janus Web Server</var> provides [[Janus Web Server Saved Record Set<br />
Support|"Saved Record Set Support"]].<br />
<br />
[[Category:Janus Web Server]]</div>JAL2