Sunday, October 19, 2014

Cookieless Session Vs Cookie Session

Reconstructed MSDN Understanding:-

Simple E.g. You go in pub and you handover your jacket in a counter .To get your jacket back you get some token as a reference. Similarly we have session id which is generated on request made to server and it is placed cookies.

Quick Take:-

Cookie Session

1. Cookie store session id and it identify session data from server for each request and response. User agent browser to server.

2. If Session object is not created or used apart from session_start , for each new requests it creates new session IDs. Hence it is require to create session object either in session_start or any part of application.


Cookie Less Session

1. In this case session id is static and remain same for entire session period
2. Session id is stored in URL for each request and response.

There can be possibilty when there is device where cookies are disabled and in such scenario we can make use of Cookie less session. There is feature itself in asp.net by using Autodetect for UseDeviceProfile.

http://msdn.microsoft.com/en-us/library/system.web.sessionstate.httpsessionstate.sessionid(v=vs.110).aspx

http://www.iis.net/learn/application-frameworks/scenario-build-an-aspnet-website-on-iis/planning-step-2-plan-asp-net-settings

http://msdn.microsoft.com/en-us/library/vstudio/ms178581(v=vs.100).aspx

http://blogs.msdn.com/b/jaskis/archive/2009/12/23/securing-session-id-asp-asp-net.aspx

Saturday, October 18, 2014

FactFile SessionID in Asp.net and SqlServer SessionState


Facts to be remember. While dealing with session always keep below factfile into consideration.

I created a variable in the Session_Start in the global.asax file:
var sessionID = Session.SessionID;
 
I found the following data while debugging the application:

ASP.NET generated : lehxv4so4ioi2gqqaxtjzhyo
SQL Server saved  : lehxv4so4ioi2gqqaxtjzhyo84497b6f
 
 
lehxv4so4ioi2gqqaxtjzhyo84497b6f
in bold is your sessionid and in italics is the application id
the extra 8 bytes are the applicationid
 

SQL Server Session Tables

ASPStateTempSessions
ASPStateTempApplications
 

SQL Server Session Database


tempdb database in SQL Server by default

If we using webfarm and out proc session, ensure machine key across server instance is unique.

http://www.codeproject.com/Articles/104082/Configuring-ASP-session-state-on-SQL-server

 

IIS Debugging -WET Tracing For IIS

IIS Debugging
 
Whenever you have to check the request serving and find out how http pipeline processed at kernel aswell as user mode level using this options
Ofcourse HTTPERR log , httpsys and iislogs and Perfmon will be of great use. But this comes very handy.
 
 
c:\> logman stop httptrace -ets
The command completed successfully.
c:\> tracerpt.exe trace-output.etl -of XML -o trace-output.xml
c:\> logman start httptrace -p Microsoft-Windows-HttpService 0xFFFF -o trace-output.etl -ets
The command completed successfully.
 

Session Variables vs Session Timeout vs Session Mode

Recent time i had tough time dealing with sessions in asp.net , especially when it is product related to sitecore where we have complex setup with mulitple instance within same app domain and website.
The reason why I m pondering on session variables vs Session timeout vs session mode is something we need to be extra careful when identifying the problem at the same time understanding it. This is where you start your right investigations.

What I know, as this session things are such we rarely come across with issues and it becomes history by the time we forget the concepts inline with asp.net same applies to cookies and caching. We tend to forget them as we don't apply them very frequently. Telling long story shorts!

We got into trouble with session and we assumed and presummed it was session timeout -expiry issue as it is getting timeout after every 2 minutes. This is what we have been thinking and taking are investigation ahead.

Then later stage we realized we haven't gave much thoughts session mode.

Remember there is settings for session IIS aswell as in web.config , sometimes it do not sync. Check that aswell.

Coming back session mode, we have two session mode one In-Proc and Out-Proc
Now Out-Proc can be two ways to setup one is SessionState= StateServer that is done through asp.net state Service in Run-> Services.msc and it is kind of window service run outside of IIS.Hence there is no question of app pool recycle or app domain restart or bin changes as it is out proc your session still alive for given time period.

Same applies for out proc mode with SessionState= SQLServer where we store session in sql server. In Master aspnetTempsession.There is two tables where it has applicationsession table and its corresponding mapping in aspnetTempsession. May be one can look into this in details..SQL Server Agent plays crucial role as there is job which manages session managment at large.


http://www.c-sharpcorner.com/UploadFile/2124ae/out-of-process-session-state-in-state-server-in-Asp-Net/
The above is some overview as I learnt it in hard way after such a long experience in .net

After understanding the above concepts we got to know we were following wrong directions as we didn't got our problem statement right.
My application was using Out Proc and problem still persisted , timeout was again 2 minutes and still we haven't got into the bottom of it.

Soon we came up with different strategy we added trace response.write in staging env we just capture session ID and aswell as did lookup what happing in background using sql profiler trace.

Here is the catch!
We found that Session.ID still available as is for timeout period=20 minutes whereas session variables are setting it to null every time after 2 minutes..My investigation and probing --debugging the root cause is still on-- Need to reveal yet!

?

Hence I kept emphasing on verdict of be Sure, doubly sure what is it , is it related to session expiry or Session variables or session mode(Incorrectly set)

We you are using In- Proc,
Check Tezz Fernandez blogs. for sure we will get some idea how to resolve your issues.
http://blogs.msdn.com/b/tess/archive/2006/08/02/asp-net-case-study-lost-session-variables-and-appdomain-recycles.aspx

Some Scott Gutrie Way
http://weblogs.asp.net/scottgu/433194

On Some Tracing Event window Tracing
c:\> logman stop httptrace -ets
The command completed successfully.
c:\> tracerpt.exe trace-output.etl -of XML -o trace-output.xml
c:\> logman start httptrace -p Microsoft-Windows-HttpService 0xFFFF -o trace-output.etl -ets
The command completed successfully.
 
Signing Off
Santosh Poojari

 

Windows Azure Storage Issue with Micirosoft.DataServices.Client loading assembly


Summary-
This problem is most common with windows Azure SDK version where it get conflicts with versions of dll related to Micirosoft.DataServices.Client . As a temporary get away to this problem is to just exclude it from runtime tags in your app.config or web.config. Beware you need again need to fix if you have to deploy this to production environment.

Sometime update to Nuget package doesn't work the way we want.

http://www.dinohy.com/post/2014/04/02/Windows-Azure-Could-not-load-file-or-assembly-MicrosoftDataServicesClient-Version=5600.aspx

Friday, September 5, 2014

Wow ! Background Task in Separate thread in Asp.net web form

Its unfortunate that I never used threading to that extent as most of my work involved in web platform with very little to do with threading and task parallelism. Still there are cases where this Background Task can come handy. Now it depends.

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.IO;

using System.Threading;



 
 
public partial class _Default : System.Web.UI.Page



{
 
protected void Page_Load(object sender, EventArgs e)



{
 
//We started this task in separate thread which will not interfere in web page usual activity.

//We can still perform all operations and this below task will run in background.

BackgroundTest longTest = new BackgroundTest(50);

Thread backgroundThread = new Thread(new ThreadStart(longTest.RunLoop));

backgroundThread.Name = "BackgroundThread";

backgroundThread.IsBackground = true;



backgroundThread.Start();
 
Label1.Text = "end";



}
 
///


/// Non Stoppable Button click..I mean we can still perform this operation

/// independent of below background thread.

///

///

///

protected void Button1_Click(object sender, System.EventArgs e)



{
 
Response.Write("Som Button Click");



}
 
///


/// Background Thread

///

class BackgroundTest



{
 
int maxIterations;

public BackgroundTest(int maxIterations)



{
 
this.maxIterations = maxIterations;
}
 
public void RunLoop()



{
 
String threadName = Thread.CurrentThread.Name;

for (int i = 0; i < maxIterations; i++)



{
 
Thread.Sleep(25000);



}
 
System.IO.File.AppendAllText("E:/test", DateTime.Now.ToString());



}

}

}
 

Unity Dependency Injection Resolve

Unity Dependency Injection has given us lot of flexibility in terms of customizations and suits to our requirement. There has been good reference and api for Unity MVC , Web API and WCF service. Here is the good free online e-book to start from scratch. It covers everything from DI, AOP, exception handling, caching and customization.


http://blogs.msdn.com/b/agile/archive/2013/08/20/new-guide-dependency-injection-with-unity.aspx

If you looking for creating instance with Unity DI for any class this is what we must do.

Injection constructor
Injection Methods


Few things to keep in mind.
1. We register interface/Class for object reference.
2. We set resolver for each class object
3. We get the resolver.

Option 1
public class MyObject
{

  public MyObject(SomeClassA objA, SomeClassB objB)
  {
    ...
  }

  [InjectionConstructor]
  public MyObject(DependentClassA depA, DependentClassB depB)
  {
    ...
  }

}
IUnityContainer uContainer = new UnityContainer();
MyObject myInstance = uContainer.Resolve();
Option 2


IUnityContainer container= new UnityContainer();
container.RegisterType<MyObject>(
               new InjectionConstructor(
               new ResolvedParameter<DependentClassA>(), new ResolvedParameter<DependentClassB>()));
               var instance= container.Resolve<MyObject>();
 
We can even have global configuration to resolve all our object instance for any class library.