Home Community Discussion Forums Most Active Software Boards LabVIEW Topic

LabVIEW

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HTTP GET efficiency and credentials BUG

HTTP GET efficiency and credentials BUG

‎01-05-2011 12:45 PM

I am using the native LabVIEW 2010 HTTP API and was looking at the logs of my server (I provided a user name and password) at 192.168.124/labview.ide

 

192.168.1.24 - - [05/Jan/2011:19:29:05 +0100] "GET /LVWSAuthSvc/GetAggregateUserPermissions?username= HTTP/1.1" 401 749 "-" "-"
192.168.1.24 - - [05/Jan/2011:19:29:05 +0100] "GET /labview.ide HTTP/1.1" 401 749 "-" "National Instruments LabVIEW"
192.168.1.24 - ********* [05/Jan/2011:19:29:05 +0100] "GET /labview.ide HTTP/1.1" 404 450 "-" "National Instruments LabVIEW"

 If I look at these logs, there are sevaral things noticable:

  1. I perform 1 GET action in LabVIEW, yet 3 GETs are done in HTTP
  2. The first GET is done to something specifically native to LabVIEW (I think):  /LVWSAuthSvc/GetAggregateUserPermissions?username= however this is done without using the credentials supplied: resulting in a 401 error
  3. The second GET is done on the correct URL, and the client (LabVIEW) identifies itself as such, however again without using the credentials supplied (401) (second - )
  4. The third GET is done at the right URL with the right credentials (I changed the username to ******)

Now this might be an issue, what if there is a /labview.ide which returns a succeeding HTTP code (200) for an unauthenticated user (GET no. 2), however it returns a different page when running as a different user (GET no. 3).

Is LabVIEW performing the third GET (with the right credentials) when the second GET (without credentials) is returning a succeeding HTTP code ?

NO:

 

Here's a log where I GET the /robots.txt of a server (while supplying a username):

192.168.1.24 - - [05/Jan/2011:19:41:52 +0100] "GET /LVWSAuthSvc/GetAggregateUserPermissions?username= HTTP/1.1" 404 478 "-" "-"
192.168.1.24 - - [05/Jan/2011:19:41:52 +0100] "GET /robots.txt HTTP/1.1" 200 260 "-" "National Instruments LabVIEW"

After a successfull GET LabVIEW stops, and doesn't bother to use the supplied credentials.

 

Concluding I have 2 concerns:

-GETTING efficiency

-GETTING the page without using credentials

 

Ton

Free Code Capture Tool! Version 2.1.3 with comments, web-upload, back-save and snippets!
Nederlandse LabVIEW user groep www.lvug.nl
My LabVIEW Ideas

LabVIEW, programming like it should be!
0 Kudos
Message 1 of 2
(2,617 Views)
Reply

Re: HTTP GET efficiency and credentials BUG

‎02-02-2011 01:42 AM

Hi,

 

Have you found anything new concering the topic?

 

-Matti

0 Kudos
Message 2 of 2
(2,528 Views)
Reply