Fast OAuth with RPE 1.2.1.1


RPE 1.2.1.1 contains an experimental feature called “Fast OAuth” which can provide a very consistent performance boost to reports that need to make multiple requests , via Dynamic Data Sources, to retrieve resources from the same application that uses OAuth for authentication.

NOTE: it is possible that applications use multiple authentication methods for their different components/APIs. For example you can have applications that use OAuth for their Web UIs and Form/Basic Authentication for the Reportable REST APIs.  For this feature it’s the Reportable REST APIs authentication that has to be OAuth.

The time gains you can achieve depend on the number of resources you need to retrieve and the network speed. The more requests RPE has to make to the server and the farther the server is from the RPE machine the larger the gains will be. In our tests a 3+ hours report was finished in ~1 hour after enabling the fast authentication.

NOTE: This applies to running reports from RPE and not to RRDG reports as in that context the authentication  is already a 1 step process.

You need to opt in this feature and you do this by defining the com.ibm.rational.rpe.fastauth Java property. If you are running your reports through Launcher/Studio this can be done by adding the following line in the rpe-launcher.ini and rpe-studio.ini files:

-Dcom.ibm.rational.rpe.fastauth=true

With this feature enabled RPE will go through the authentication process only once for a given data source within a single document generation process. Once the initial authentication is done RPE will use the OAuth authentication cookies obtained with each subsequent request.

To better understand the impact on performance you need to know that each OAuth authentication takes several distinct GET requests to complete. Assuming your report requires to retrieve 1000 resources ( to take all test cases for example) from the same application this translates into 3000 or more actual GET requests made to the server. With com.ibm.rational.rpe.fastauth enabled the number is reduced to ~1000 GET requests.

Fast Auth Disabled Fast Auth Enabled
  1. request 1
    • OAuth Step 1
    • OAuth Step 2
    • OAuth Step N
    • retrieve actual data
  2. request 2
    • OAuth Step 1
    • OAuth Step 2
    • OAuth Step N
    • retrieve actual data
  3. request 3
    • OAuth Step 1
    • OAuth Step 2
    • OAuth Step N
    • retrieve actual data
  1. request 1
    • OAuth Step 1
    • OAuth Step 2
    • OAuth Step N
    • retrieve actual data
  2. request 2

    • retrieve actual data
  3. request 3
    • retrieve actual data

For now this feature is limited to the OAuth authentication method but we plan to be extend it to Form authentication in the future as internal tests show very consistent gains for that authentication type as well.

In conclusion if your report retrieve data from applications  that use OAuth for their Reportable REST APIs you should enable this feature as it can provide consistent performance boosts to your reports.

Advertisements

Author: Dragos Cojocari

Architect for Rational Publishing Engine

5 thoughts on “Fast OAuth with RPE 1.2.1.1”

  1. Are there any drawbacks or negatives to just setting this flag in your RPE instance and never changing it? Or to ask the question another way, why wouldn’t you just always want to use Fast OAuth? I’m just trying to understand if this is a new feature that needs to be folded into RPE (like that “New PDF” driver from a couple of releases ago that just became the standard PDF driver), or if there are potential drawbacks/issues that need to be considered. Thanks!!

    1. I was expecting this question Geoff. 🙂

      The only reason we have not documented this and we have not enabled it by default is that we added it fairly late in the release cycle and we were not able to test it as much as we wanted.

      I made this post now as we are confident with the level of testing we’ve made post GA.

      With our next release this feature will be enabled by default and will be extended to form authentication as well.

  2. Wow! The best feature yet. Document generation is much faster now.

    The only drawback I have seen is that it doesn’t work out of the box with RQM RESTv2 datasources that I used with OAuth to get test case information of linked DOORS requirements (like /qm/oslc_qm/contexts/…/resources/com.ibm.rqm.planning.VersionedTestCase). Using the ‘OAuth’ or ‘OAuth-OSLC’ method gives an error when FastOAuth is enabled but ‘Form’ authentication works.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s