Hello,
we have strange issue with AppServer Rest API. We are using "DialogUser" authentication module. There are permissions for two custom views and permissions for running script which checks validity of the account on a specific date. External partner, for which this API was provided, does following steps:
- Login to get the session
- Calls following API for each active user (aprox. 3200 users ) - at the end it is number of users x 3 calls = 9600:
- api/entities/View1?where=PersonnelNumber='" + ID+ "'&loadType=BulkReadOnly"
- api/script/CCC_IsAccountValid - with parameter date
- api/entities/View2?where=PersonnelNumber='" + ID+ "'&loadType=BulkReadOnly"
- Log out when everything is completed.
At some point, the result of the call is "Unauthorized" (not as status code, but as plain text), but the next call without any additional authentication is again successful. Failed call happens every 30-34 calls. From the trace log I can't see nothing suspicious. Unauthorized calls, that didn't have proper authorization are clearly seen in logs - for example if they don't call the authentication.
DialogUser permissions:
- View permissions on views and all related columns
- AppServer API
- Common_StartScripts
Thank you,
Jernej