Bug: Nondeterministic Invalid User exception querying image Exif

luke_churchluke_church Registered Users Posts: 507 Major grins
edited September 19, 2005 in SmugMug API Support & Integrations
Note: This could be a subtle re-occurance of the query slave bug. If this is the case, IMHO, the code is returning the wrong fault code.

Description: Querying the Exif of an image owned by the owner of the SessionID, non-deterministically causes Invalid User Fault codes to be returned.

Interestingly, other queries to public galleries would succeed, so it's not a session rejection. It looks as if the session information is only verified to access private information, and that the session information hasn't updated on the slaves.

If this is the case, I would have prefered an Invalid Session Fault exception, rather than something that implies that the session is valid, but doesn't have the appropiate rights.

To verify whether this was a timing issue, I ran some statistics tests:

Code that did:
-Login, Attempt get private Exif, Logout, succeeded: 7/100 times
-Login, 2*get public Exif, Get private Exif, Logout, succeeded: 53/100 times
-Login, Sleep 1 second, 2*get public Exif, Get private Exif, Logout, suceeded: 90/100 times

NB. This is not a security issue. GetExif queries against another user's private account always failed.

Due to financial constraints, I'm only testing against a standard account, please can someone run these tests against a pro account with 'Hide Exif' set.

Statistics produced using XML-RPC 1.1.1.

Issue replicated on XML-RPC 1.1.0

The XML is all behaving itself, so I haven't included it. If it would help, let me know and I'll post some.

Cheers,

Luke
Photography: www.lukechurchphotography.com
SmugSoftware: www.smugtools.com

Comments

  • shahineoshahineo Registered Users Posts: 38 Big grins
    edited September 14, 2005
    Can we have an update on this problem? My app is failing 9 out of 10 times when I try and call any of the APIs after getting a session.
  • luke_churchluke_church Registered Users Posts: 507 Major grins
    edited September 14, 2005
    shahineo wrote:
    Can we have an update on this problem? My app is failing 9 out of 10 times when I try and call any of the APIs after getting a session.
    Omar,

    I think this is more likely to be a instance of the Slave-Query bug, especially, as if I remember rightly, Send-To-Smugmug relogins frequently?

    The bug report is here: http://www.dgrin.com/showthread.php?t=18387

    The solution I'm using at the moment, which I guess is going to be painful for you is to add a 60 seconds thread-sleep between login and making a request. 15 seconds works fine if things aren't busy...

    This afternoon, I hit bad failure rates again, but I don't think I've had one since moving to 60 seconds (out of several thousand calls)

    Hope this helps,

    Luke
    Photography: www.lukechurchphotography.com
    SmugSoftware: www.smugtools.com
  • shahineoshahineo Registered Users Posts: 38 Big grins
    edited September 18, 2005
    luke_church wrote:
    Omar,

    I think this is more likely to be a instance of the Slave-Query bug, especially, as if I remember rightly, Send-To-Smugmug relogins frequently?

    The bug report is here: http://www.dgrin.com/showthread.php?t=18387

    The solution I'm using at the moment, which I guess is going to be painful for you is to add a 60 seconds thread-sleep between login and making a request. 15 seconds works fine if things aren't busy...

    This afternoon, I hit bad failure rates again, but I don't think I've had one since moving to 60 seconds (out of several thousand calls)

    Hope this helps,

    Luke
    That's going to be hard since immediatley after login I need to get the album list, categories, subcategories, account status etc.

    The only think I can think of doing is to cache this data between sessions, but I'd rather not do that...
  • avonwyssavonwyss Registered Users Posts: 12 Big grins
    edited September 18, 2005
    shahineo wrote:
    That's going to be hard since immediatley after login I need to get the album list, categories, subcategories, account status etc.

    The only think I can think of doing is to cache this data between sessions, but I'd rather not do that...
    Via REST API (V 1.1.0), I haven't so far had any problem of this kind if the login was successful (about 1 of 10 identical logins seem to fail with "invalid API key"). However, I havent extensively used it yet, only during development, so I may have been lucky.

    [EDIT]
    Got the same problem now with REST. Too bad.

    [EDIT2]
    I remebered that I was previously using the smugmug.login.withPassword method before, while the failures were with the smugmug.login.withHash. Switched back to withPassword and it seems to be working like a charm again.
  • mwgricemwgrice Registered Users Posts: 383 Major grins
    edited September 19, 2005
    I get it sometimes with smugmug.login.withPassword, too
    avonwyss wrote:
    Via REST API (V 1.1.0), I haven't so far had any problem of this kind if the login was successful (about 1 of 10 identical logins seem to fail with "invalid API key"). However, I havent extensively used it yet, only during development, so I may have been lucky.

    [EDIT]
    Got the same problem now with REST. Too bad.

    [EDIT2]
    I remebered that I was previously using the smugmug.login.withPassword method before, while the failures were with the smugmug.login.withHash. Switched back to withPassword and it seems to be working like a charm again.
    I'm pretty sure it's the synchronization issue between the master and the slave servers mentioned earlier. Typically there's a period of 5-10 minutes where the synchronization gets a little behind, and I'll get a bunch of these errors.

    It does have an almost uncanny knack for happening just after I've made major changes to my code.
Sign In or Register to comment.