FIX: Web Services Performance When You Use Authentication

This article has been archived. It is offered "as is" and will no longer be updated.
When you require integrated authentication on the computer running Internet Information Services (IIS) that hosts your Web services, a 350 millisecond (ms) delay occurs on the "second leg" NTLM authentication request.
This problem occurs because of the client classes support for the "100 continue" header and nagling.
A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem.

To resolve this problem, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version       Size       File name   ------------------------------------------------------------------------   10-Dec-2002  10:08  1.0.3705.385  1,171,456  System.dll   10-Dec-2002  10:09  1.0.3705.385    311,296  System.runtime.remoting.dll   10-Dec-2002  10:13  1.0.3705.385    503,808

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
More information
This hotfix has support for the following machine.config switches:
 <servicePointManager expect100Continue="true"|"false"/><servicePointManager useNagleAlgorithm="true"|"false"/> The default setting for both of these switches is "true". To enable the hotfix functionality in the config both switches need to be set to "false". This hotfix also requires a new <settings> section in the <> portion of machine.config. They need to be placed in the new section as follows:  <>    <settings>        <servicePointManager useNagleAlgorithm="false"/>        <servicePointManager expect100Continue="false"/>    </settings></> Finally, in order for the .NET Framework to recognize this new section a settings sectionGroup handler needs to be added to the <configSections> portion of machine.config: <sectionGroup name="">            <section name="authenticationModules" type="System.Net.Configuration.NetAuthenticationModuleHandler, System, Version=1.0.3300.0,Culture=neutral, PublicKeyToken=b77a5c561934e089" />            <section name="defaultProxy" type="System.Net.Configuration.DefaultProxyHandler, System, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />            <section name="connectionManagement" type="System.Net.Configuration.ConnectionManagementHandler, System, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />            <section name="webRequestModules" type="System.Net.Configuration.WebRequestModuleHandler, System, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />            <section name="settings" type="System.Net.Configuration.NetConfigurationHandler, System, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /></sectionGroup>				

Article ID: 810814 - Last Review: 11/02/2013 00:02:00 - Revision: 2.0

Microsoft .NET Framework 1.0

  • kbnosurvey kbarchive kbhotfixserver kbqfe kbfix kbbug KB810814