i have a web application (mvc4 and .net4.5) on a web farm server and one thing is confusing me, my session id changing whiteout reason and strongly and i lose all user data that i stored them in session state. but it works fine on local machine.
i use this config in my web config:
<sessionState mode="StateServer" customProvider="DefaultSessionProvider"
cookieName="abcd" timeout="120" >
<providers>
<add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers,
Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
</providers>
</sessionState>
and my machine key is this:
<machineKey compatibilityMode="Framework45"
validationKey="702C65CF39B1ED514AC4B92326C3A84B3D88990DDF784AA0895659B528ED95F8CA0A9CD1AF5ED92A2599362684CB8D204AC30D07E6BF0CF65194A5129"
decryptionKey="1C49E6BA2F9423387FBC91389A0C5C8D06B61875BCE4916A40474ED"
validation="SHA1" decryption="AES" />
my session time out is on 120 minutes and i can not find why this happening to my web application.i use my log class to view what happening on my web application and I'm sure
session id changing.
for example when user go to another area or when user want to pay money by online bank payment i redirect it to bank page and when user redirect to my site from bank in same window (i do not open another tab or window to do this) session id changed.
i store small data like user id in my session.
i use this syntax to store session:
HttpContext.Current.Session[System.Web.HttpContext.Current.Session.SessionID] = "abc"
and read by this syntax:
var myval=HttpContext.Current.Session[System.Web.HttpContext.Current.Session.SessionID]
it like that server do no use my config and do itself work.
i want to know is it possible that some configuration may be set on my farm server and it case it do not use my config and do works for itself?
To extend from comment, it looks like you have to configure your web apps correctly as per the following Microsoft Support article
http://support.microsoft.com/kb/325056
With server-side state management, if a client switches servers in the middle of the session, the new server does not necessarily have access to the client’s state information (because it is stored on a different server). You can use multiple servers with server-side state management, but you need either intelligent load balancing (to always forward requests from
a client to the same server) or centralized state management (where state is stored in a
central database to which all web servers have access).
Make sure you have the same MachineKey in all your web servers or else they can't share session data.
The objects you store in the session need to be serializable
Related
I am creating a test version of an existing production site. A virtual web service application exists inside the site - and the two web configs have the same connection string.
There are no "clear" tags in the production web configs and the site and the web service co-exist merrily on two separate app pools.
On the test site however, every time I browse to the webservice URL I receive the Configuration Error "The entry 'ConnectionString' has already been added."
The test site and corresponding virtual application use their own separate app pools. Any ideas?
Thanks
Jim
Web.config inheritance happens even between different appPools.
If you want to stop this behavior, you should add the attribute enableConfigurationOverride="false" to your appPool in the applicationHost.config file (located in %WINDIR%\System32\inetsrv\Config and %WINDIR%\SysWOW64\inetsrv\config) as in the following example:
<add name="MyAppPool" autoStart="true" managedRuntimeVersion="v4.0" managedPipelineMode="Integrated" enableConfigurationOverride="false">
<processModel identityType="NetworkService" />
</add>
Matteo
I think the problem is related that they are one site inside the other. Like a Website with a Virtual Directory inside.
In this case... the Virtual Directory web.config is "inheriting" the parent web.config
Here you can see details of how to solve this: How to stop inheritance of <configSections>in Web.Config
Other options: https://stackoverflow.com/a/367372/7720
If the problem is in other parts of your web.config (not in the sections) you can just wrap the conflicting part with <location path="." inheritInChildApplications="false">.
Other option could be let the webservice grab the connection from the website.
As a follow-up to this post: Enabling co-located Session Caching in an Azure Cloud Service - I'm trying to store session state in Azure Cache to persist sessions between VIP swaps. Quoted from the answer:
To fix this problem, I'd like you to try the new Cache Service
(Preview). In this way you create dedicate cache for your subscription
so that you can use them across cloud service deployments, virtual
machines and websites.
I've set up an Azure Cache (Preview) instance, used its endpoint and primary access key in my web.config, and deployed to my Azure Cloud Service Staging slot.
I then logged in using Forms auth, and redeployed to the same slot. My credentials were persisted! This was great to see.
But then I VIP swapped to Production, logged in the same way to the production instance, redeployed to Staging, VIP swapped again, and then refreshed, expecting to remain logged in, but it didn't work - my session was lost on both production and staging.
I've followed the instructions found here:
http://www.windowsazure.com/en-us/manage/services/cache/net/how-to-in-role-cache/#getting-started-cache-role-instance
What could be causing this? No exceptions are thrown - my access key works (tested by giving it a bogus one and getting an exception)... I'm not sure what's going on. Config sections in web.config:
<sessionState mode="Custom" customProvider="AFCacheSessionStateProvider" xdt:Transform="Insert">
<providers>
<add name="AFCacheSessionStateProvider" type="Microsoft.Web.DistributedCache.DistributedCacheSessionStateStoreProvider, Microsoft.Web.DistributedCache" cacheName="default" dataCacheClientName="default" applicationName="AFCacheSessionState"/>
</providers>
</sessionState>
And:
<dataCacheClient name="default">
<autoDiscover isEnabled="true" identifier="mysite.cache.windows.net" />
<securityProperties mode="Message" sslEnabled="false">
<messageSecurity authorizationInfo="{my key}" />
</securityProperties>
</dataCacheClient>
As for timeout policy - I have it set to never expire with eviction enabled. I'm one of a handful of users and the cache is storing cookies in 128MB of space, so I don't think it's related to expiry.
I also noticed that in the docs, there is no entry for applicationName as I have above. I tried removing it and re-testing, to no avail - my Prod session is still lost upon VIP swap.
What am I doing wrong?
Update:
From a microsoft forum post:
I was able to reproduce the issue. I am investigating.
Forms authentication is not based on session state. It relies only on client-side cookies. Cookies are encrypted and validated with keys specified in machineKey section of web.config.
Default config is:
<machineKey validationKey="AutoGenerate,IsolateApps"
decryptionKey="AutoGenerate,IsolateApps"
validation="SHA1" decryption="Auto" />
AutoGenerate means that each physical machine gets its own decryptionKey. Cookies generated by production VM will not be accepted by staging VM.
After VIP swap all cookies set by old production VM will be rejected by new production VM (ex-Staging VM), causing all users to be logged out.
You need to specify machineKey values explicitly to force Forms Auth to generate cookies that will be valid for both new and old production VMs (see How To: Configure MachineKey, Web Farm Deployment Considerations section).
Check this online tool for machineKey section generation: http://aspnetresources.com/tools/machineKey.
UPD: There is a related note in Manage Deployments in Windows Azure/Managing ASP.NET machine keys for IIS:
Windows Azure automatically manages the ASP.NET machineKey for
services deployed using IIS. If you routinely use the VIP Swap
deployment strategy, you should manually configure the ASP.NET machine
keys.
So, I have recently acquired a new project: meaning I cannot answer any design decisions. I'm supposed to put some finishing touches on this app. Before I get with my BA to discuss time estimations I thought it would be prudent to familiarize myself with some code and walk through some breakpoints to give better estimates for the new release.
The problem? I can't run the app.
I get
"An invalid or incomplete configuration was used while creating a SessionFactory. Check PotentialReasons collection, and InnerException for more detail."
Inner exception is {"Login failed for user 'domain\computername$'."}
This app seems to require being hosted on a local IIS to run locally, so I added the windows feature and enabled windows security. I confirmed to make sure that this is not an intentional part of the design.
<add name=name connectionString="Data Source=localhost;Initial Catalog=dbName;Integrated Security=SSPI;"/>
Obviously the database I'm pointed at has changed due to the localhost, but still shouldn''t be trying to hit anything with the computer name.
Integrated Security should pick up on your Windows identity (ie, your user name). Check the application pool of the web app. Under Advanced Settings you can change the identity that the application runs under (normally ApplicationPoolIdentity). Maybe that is set to your computer name. That is the only thing that makes even remote sense.
I'm having a difficult time finding information on how to get RavenDB to work on a network. Within the same network, I can have an instance of my app running, and it will show data from my RavenDB. However, when I try to write data, I get a 401 Unauthorized exception.
What is the correct way to set up a RavenDB to be accessed over the network?
Right now, I have this in Raven.Server.exe.config, which is just a short-term solution:
<add key="Raven/AnonymousAccess" value="All" />
What I don't understand, is that the RavenDB web site says to use something like this:
<connectionStrings>
<add name="RavenDb"
connectionString="Url=http://serverName:8080;user=user;password=password"/>
</connectionStrings>
Ok, that's great for the application that's running, but how do I set the RavenDB server to allow that user and password? Is that just the wrong way to do it (somehow setting the RavenDB config file to allow those credentials)? If that's wrong, how am I supposed to define credentials on the server side?
Edit: Here are my attempts and results:
I'm running RavenDB by double-clicking Raven.Server.exe.
Scenario 1
Client app.Config:
<connectionStrings>
<add name="RavenDb" connectionString="Url = http://server:8080;domain=Xx;user=Xx\user;password=pw"/>
</connectionStrings>
DocumentStore Setup:
DocumentStore documentStore = new DocumentStore();
documentStore.ConnectionStringName = "RavenDb";
documentStore.Initialize();
Save Operation:
Session.Store(objectToSave);
Result:
"The remote server returned an error: (401) Unauthorized."
Scenario 2
Client app.config:
<add key="databaseUrl" value="http://server:8080"/>
DocumentStore Setup:
string databaseUrl = ConfigurationManager.AppSettings["databaseUrl"];
DocumentStore documentStore = new DocumentStore();
documentStore.Url = databaseUrl;
documentStore.Initialize();
Save Operation:
Session.Store(objectToSave);
Result:
"The remote server returned an error: (401) Unauthorized."
Inner exception: "The target principal name is incorrect"
Create a local user on the machine RavenDB runs on and use any credentials you'd like. Then assign read/write permissions for the /Data directory (and the /Tenants directory if needed) to this user.
If you're running RavenDB as a service or standalone application, remote auth should work with the (windows)users credentials. If you're running on IIS, please make sure you have Windows Authentication enabled (disabled by default!).
For me, I had to add domain to the connection string on the prod machine, but NOT when accessing that same machine remotely... I dunno.
Of note: I created a windows user named RAVENDB, and assigned it full permissions to the data directory.
so my connection string that worked fine remotely was
<add name="raven" connectionString="Url=http://myserver.com:8080;user=RAVENDB;password=PASS" />
whereas on the actual server, i had to use
<add name="raven" connectionString="Url=http://myserver:8080;DOMAIN=MYSERVERNAME;user=RAVENDB;password=PASS" />
Bob,
By default, RavenDB uses Windows authentication. So if you create the user on the server machine, it would accept it.
The alternative is to define ravendb specific users, but many people just use Windows Auth.
Trying to use a DLL that returns a list of tasks in the W2k3 server's Task Scheduler. Works great when I use it in a C# console app on the server, and using it on my computer (ASP.NET Dev Server), but when doing the same thing through the Silverlight-WCF RIA on the W2k3 server, it just wouldn't go. Silverlight returned "Object reference not set to an instance of an object" whenever it calls that DLL.
Fired up the Service Trace Viewer:
System.ServiceModel.FaultException`1[[System.ServiceModel.DomainServices.Hosting.DomainServiceFault, System.ServiceModel.DomainServices.Hosting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Might it because I'm using a DomainService class, its hiccuping? Any particular security permission or config on IIS that needs to be done?
update:
Tried one last thing .... Identity impersonation to my domain username and password works! So what is the best way to set up IIS to get this to work?
Just stuck with using a Windows dummy account using identity impersonation. Don't like it, but it works.