Simultaneous access to Orient leads to 401 errors

[Gaurav Dhiman]

During initializing my app , I do some simultaneous async HTTP/REST access to OrientDB.

It leads to below behavior.

First HTTP/REST call succeed, all others return with 401 HTTP error. Later if I do the same calls through browser, they all succeed.

Why can not we access OrientDB multiple times at same time ? I am using server defined function to access OrientDB over HTTP/REST.

Attached is the screenshot of chrome debugger.

Regards,

Gaurav

[Luca Garulli]

Hi,

Server side functions are multi-thread. How can I reproduce this behavior?

Lvc@

--

---
You received this message because you are subscribed to the Google Groups "OrientDB" group.
To unsubscribe from this group and stop receiving emails from it, send an email to orient-databa...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Gaurav Dhiman]

@Lvc, Below is the client code (AngularJS) used.

==============

$scope.getInitialData = function() {

        if (window.appInitialized) {

            return;

        }

        window.appInitialized = true;

        // Get all businesses of logged-in user

        url = $scope.getAbsoluteBackendURL('function/fsdb/getbusinessesofmerchant');

        $http.get(url)

            .success(function(data, status) {

                if ((status == "200") && (data.result.length) && (data.result.length > 0)) {

                    data.result = cleanJSON(data.result);

                    $scope.businesses = data.result;

                } else {

                    $scope.businesses = [];

                }

            })

            .error($scope.ajaxErrorHandler);

        // Get all products of logged-in user

        url = $scope.getAbsoluteBackendURL('function/fsdb/getproductsofmerchant');

        $http.get(url)

            .success(function(data, status) {

                if ((status == "200") && (data.result.length) && (data.result.length > 0)) {

                    data.result = cleanJSON(data.result);

                    $scope.products = data.result;

                } else {

                    $scope.products = [];

                }

            })

            .error($scope.ajaxErrorHandler);

        // Get all base products in DB, across all vendors.

        url = $scope.getAbsoluteBackendURL('function/fsdb/getallbaseproducts');

        $http.get(url)

            .success(function(data, status) {

                if ((status == "200") && (data.result.length) && (data.result.length > 0)) {

                    data.result = cleanJSON(data.result);

                    $scope.baseProducts = data.result;

                } else {

                    $scope.baseProducts = [];

                }

            })

            .error($scope.ajaxErrorHandler);

        // Get all master countries

        url = $scope.getAbsoluteBackendURL('function/fsdb/getallcountries');

        $http.get(url)

            .success(function(data, status) {

                if ((status == "200") && (data.result.length) && (data.result.length > 0)) {

                    data.result = cleanJSON(data.result);

                    $scope.masterCountries = data.result;

                    alert("No. of Countries - "+data.result.length);

                } else {

                    $scope.masterCountries = [];

                }

            })

            .error($scope.ajaxErrorHandler);

    };

==============


On server end, the called functions are simple function that return records based on some select query. Below is one example:

=========================

// Returns business listing of currently logged-in merchant

user = request.getUser();

if (user) {

  var businesses = db.query("SELECT FROM business WHERE user.name = ?", user);

  return businesses;

}

return [];

=========================

I hope it will help you to reproduce the issue.

Regards,

Gaurav

[Gaurav Dhiman]

Luca,

Were you able to re-produce the issue with the code that I shared ?

I am hitting road block with OrientDB on every turn, lowering my confidence on it.

Before Orient I was using Wakanda, the only issue with that was scaling out that turned me to explore other DB like Arango and Orient. Making Orient work is not as easy as with Wakanda. It will be great if Orient can have its feature set along with ease of Wakanda.

Regards,

Gaurav

[Gaurav Dhiman]

@Luca,

Sorry for bothering you, but its imp for me.

Any update on this ?

Regards,

Gaurav

[Luca Garulli]

Hi Gaurav,

in order to have more chance to have a fast answer, can you provide something we can reproduce in short time?

If you send us a Angular.js snippet I should:

1) download Angular.js

2) understand how it works

3) create a HTML page

4) copy your snippet on it

5) hacking to get it working

Can you reproduce the problem for example using ab (by Apache) that is part of our distribution under "benchmarks" ?

Lvc@

[Gaurav Dhiman]

Luca, sure I will provide you the running test case soon.

Regards,

Gaurav

--

---
You received this message because you are subscribed to a topic in the Google Groups "OrientDB" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/orient-database/NRYFZtqwNXM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to orient-databa...@googlegroups.com.

[Gaurav Dhiman]

While developing short testcase for this case, I noticed the issue comes only if I am doing simultaneous async calls to OrientDB without Authorization header in HTTP request.

If I give Authorization header in each simultaneous aync call, it works fine.

If I do not give Authorization header, only the first call succeed rest all return 401 error.

Any reason for it ? I will soon share the test case.

Regards,

Gaurav

Regards,

Gaurav

To unsubscribe from this group and stop receiving emails from it, send an email to orient-database+unsubscribe@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

---
You received this message because you are subscribed to a topic in the Google Groups "OrientDB" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/orient-database/NRYFZtqwNXM/unsubscribe.

To unsubscribe from this group and all its topics, send an email to orient-database+unsubscribe@googlegroups.com.

[Luca Garulli]

The rule is that the first call MUST have Authorization header, and at first call OrientDB returns the OSESSIONID. On further calls just pass this header containing the OSESSIONID in the request and OrientDB will skip the authentication.

Lvc@

[Luca Garulli]

Take a look at: https://github.com/orientechnologies/orientdb/wiki/OrientDB-REST#authentication-and-security

Lvc@

[Gaurav Dhiman]

Hi Luca,

I know what you mentioned and before making these simultaneous async calls to OrientDB, connection to DB is once established using Authorization header.

Attached is the testcase. Below are the steps to run testcase:

1. Kindly unzip the file and place the testcase folder under apache web root.

2. Define database "test" in OrientDB.

3. Define functions "authenticate", "func1", "func2", "func3", "func4" in test DB. just return true in each function as we just need to make calls to these function and have nothing to do in these functions. If you see in index.js, always first call to OrientDB is done to "authenticate" function with Authorization header to get OSESSIONID, all other calls are done after that

4. Enable CORS in OrientDB server in its config file

5. Access the index.html under testcase folder through apache in browser - http://localhost/testcase

6. Open chrome debugger console. Go to network tab to see all network calls.

7. Click "Start test" button in browser page (once with "With Authorization Header" and once without it to see the difference)

8. observe the network communication in chrome console.

You will notice that when you click "Start testcase" without "With Authorization Header" checkbox checked, only the first call succeeds rest all calls done in parallel returns 401 error.

Question:

In both case (with and without Authorization header), I establish connection to DB  to have valid OSESSIONID, then why after that if I make simultaneous aync calls, only first call succeeds and rest all returns 401 (where as I already authorized earlier). See the code of index.js to know details of calls done to OrientDB.

Regards,

Gaurav

On Wed, Apr 2, 2014 at 4:28 AM, Luca Garulli  wrote:

Take a look at: https://github.com/orientechnologies/orientdb/wiki/OrientDB-REST#authentication-and-security

Lvc@

To unsubscribe from this group and all its topics, send an email to orient-databa...@googlegroups.com.