We have a client that we deployed a webpage to. This client has users all over and they each have different set ups for computers. We have been getting a few reports of 500 errors and, looking at the error, I find that it's because the page cannot access the Session.SessionID from ASP. What could be causing this, as it's one of the first lines of code I have, and the majority of users are not having this problem. I know this is kind of a broad question, but I'm not looking for anything too specific. I'm trying to troubleshoot it myself, but I can't think of why our computers are fine and theirs aren't. I'm just looking for avenues to track down and ask the client about.
You can ask them to check whether they have cookies turned off. This will prevent the key from being passed back to the web server by the browser.
Related
I'm working on a mobile client. Dev backend server, I'm working with, isn't stable at all. It may be unusable for a full working day. Prod server is a bit better but still sometimes it doesn't work either. The other problem is it's much more difficult to use it in development. Besides that it's completely wrong to work like that. Basically these servers have been made for web, not for mobile. And it has other strange and annoying thing that destructs me from my primary work - token life time is only 60 seconds. That means if the app didn't refresh the token in that period the token dies. And next time you run the app you need to authorize from scratch. And that process takes centuries(((. May be I just don't understand how it works or something, but as I see web site just spams the sever every minute.
I was thinking how to fix this problem and started using mocking manually. But it's very annoying and time consuming either. The other idea is to use some kind of proxy / cache server that will send request to original server and if it fails return cached data. It seems that it may help in my situation. I'm not sure would such proxy / cache server be able to eliminate token problem. Basically I need to refresh it as soon as first token has been received. But who knows? May be I'm lucky enough?)
So the question: is there some simple to use proxy cache server that I will be able to run locally to achieve what I want?
The other opportunity is to write such proxy server myself. I have no experience in writing servers at all. But as a last chance I could try. The benefit of writing proxy server myself is that I should be able to "fix" token problem for sure. But I don't want to reinvent the wheel.
So any help and thoughts are appreciated.
Not entirely sure if this will solve your problem but let's give it a shot.
I myself have been programming against a rate-limited API. During development I often max out the allowed requests and have to wait before I could continue. I have developed a small caching proxy server that sits between your client and the server. It intercepts the requests and puts both the request and response in it's cache. Whenever it intercepts a request that it's already seen it will respond from cache without forwarding the request to the target server.
I'm not sure what your requests look like. The proxy that I build currently retrieves cache based on URL and HTTP Method, so that may or may not be what you need.
Here's the link to the GitHub repository: https://github.com/RobinvandenHurk/cache-proxy
Disclaimer: For if it wasn't clear, I am the author of this proxy
I have a very annoying problem as shortly described in the title. As I don't know which settings would make sense to post here and due to the fact, that exactely the same web application was running before on a Server 2008 with IIS 7 seamlessly, I try to explain the occuring misbehaviour as good as possible. I'd appriciate your ideas or hints very much.
Our web application was running for years now on the 2008 server with IIS7, PHP5.6 in FastCGI Mode. We authenticate our users by "Windows Authentication" (NTLM/Negotiate) against Active Directory and therefor just letting the users enter their domain users credentials at start of the session. Actually we allways used named sessions like this: SESS_[TIMESTAMP] and looped the timestamp through the whole applications session untill it was destroyd by whatever - closing, leaving, etc.
Now we migrated the web application to a new Server 2019 with IIS10 and PHP7.4. The application it self works as expected and absolutely with no problems at all. The only thing causing a critical situation is as follows:
I enter the web application on my machine, enter the credentials and - as expectet - am in. I see my Username at the top, everything is ok. As I go through workflows and data manipulations it's also working correctly. BUT: If my colleague in his homeoffice now enters the web application and starts working at the same time as I do, very often I see his username at the top of my browser window and he is me... (???) As we both then press F5 sometimes, the session changes back and forth. As our users (inside company) work with security sensitive data, this is indeed a showstopper.
As far as I can say, I really checked all settings in IIS and php.ini against the settings on the old server and also searched the web for days now. With absolutely no success.
I even commented out the section at my sessions initiation that sets a custom session_name. And indeed I'm not using a custom folder for session files.
The only thing I'm quite sure is that the misbehaviour results out of a misconfiguration in IIS: If I only open a test-file with phpinfo(), I can reproduce the same behaviour. The AUTH_USER, REMOTE_USER and LOGON_USER are changing back and forth between another users DOMAIN\username and mine.
Does anybody have had this interesting but annoying behaviour also? Any ideas or hints where to apply the lever?
Thank you so much for your input.
New information to my question:
I found out that the most significant difference to the old server is a load balancer! It seams that the load balancing causes this problem as the old server was not balanced.
Any suggestions or ideas how to deal with this?
I'm using the Selenium Client (v 1.2.18) to do automated navigation of retail websites for which there exists no external API. My goal is to determine real-time, site-specific product availability using the "Check Availability" button that exists on a lot of these sites.
In case there's any concern, each of these checks will be initiated by a real live consumer who is actually interested in whether or not something's available at that store. There will be no superfluous requests or other internet badness.
I'm using Selenium's Grid framework so that I can run stuff in parallel and I'm keeping each of the controlled browsers open between requests. The issue I'm experiencing is that I need to perform these checks across a number of different domains, and I won't know in advance which one I will have to check next. I didn't think this would be too big an issue, but it turns out that when a Selenium browser instance gets made, it gets linked to a specific domain and I haven't been able to find any way to change what domain that is. This requires restarting a browser each time a request comes in for a domain we're not already linked to.
Oh, and the reason we're using Selenium instead something more light-weight (eg. Mechanize) is because we need something that can handle JavaScript.
Any help on this would be greatly appreciated. Thanks in advance.
I suppose you are restricted from changing domain because of same origin policy. Did you try using browser with elevated security privileges like iehta for internet explorer and chrome for firefox browsers. While using these modes of browsers, use open method in your tests and pass the URL which you want to open. This might solve your problem.
First off, The Problem:
We have a Web App with a Flash front-end that talks to our ASP.NET web service via SOAP which then deals with all of our server side code (C#).
Right now, we implement a simple user sign on in our application, storing the info in our MSSQL DB.
A client has requested what I understand to be Windows authentication through our application using the currently logged in user.
So, I have been tasked with investigating this. Nobody, including myself, has any experience in this area.
I have been reading up on some basic Active Directory information, and some simple tutorials. I understand how to get access to the directory using ADSI through code. What I'm really interested in seeing is how the entire thing should be architected. I don't want to throw together a hacky solution.
Does anyone know of a good tutorial for this kind of thing or have any advice on getting started? More importantly, does this even sound viable?
I know I haven't given much information, but feel free to ask and I will provide answers.
Thanks.
Edit:
Will, to give you an idea of the scope of this, the network will include every computer in a large hospital. So yes, this is huge. Clearly I need to start small. I would like to come up with something that will work at my office first. Maybe ~10 Windows computers on a single domain. One Domain Controller.
I am also open to any good books on the subject.
If you are going to tie into Active Directory you will want to take a look at the System.DirectoryServices namespace. The implementations can vary wildly depending on your system architecture, but this should give you a good starting point.
Enjoy!
I've seen some clients complaining about slowness of my website lately and I'm pretty sure that the problem is related to their network. I'd like to be able to justify this to myself more thoroughly and also be able to more proactively reach out to clients that appear to be having network issues before they come banging on my door.
If I was running ASP.Net I would try to use the Response.AppendToLog Method and append a token so that I could tie back everything back to my custom application level logging (user, client, processing time, etc.). I can't seem to find a way to do that without ASP.net. I'm guessing it's built into ASP's ISAPI. My requests are going through IIS to JRun's ISAPI to Coldfusion (.cfm/.cfc files).
I'm most interested in knowing how long it took the client to receive the content not just the time it took to process the request.
If there are other places/information that I'm not considering that's worth looking at, please let me know. Perhaps I should log information from HTTP.sys somehow?
I know that I could set a cookie on every request and have that logged by IIS, I was just hoping there would be a better solution.
Thanks for your thoughts!
See Jiffy. It "is an end-to-end real-world web page instrumentation and measurement suite."
The introductory video gives a good overview.