We have an application with ASP and ASP.NET. We use StateStitch for the session sharing and stateserver setup for persisting (caching) sessions.
Now we want to implement High Availability and distributed caching, using AppFabric.
Only problem is: AppFabric requires <sessionState mode="custom"> and StateStitch requires <...mode="StateServer"> (tag in web.config)
Do any of you have any idea on how to go forward from here? Can't seem to implement AppFabric as //typeof(StateServer) and can't seem to make StateStitch accept custom setup.
Any thoughts, preferably utilizing one/both of the above mentioned techs...
Looking for the free solution :-)
Fixed it.
A hardcoded declaration in StateStitch, validated on StateServer and failed on Custom.
Solution: Added 'Custom' to the
If (Mode.StateServer || Mode.Custom) { Validated = true; }
Related
In MVC and most other service frameworks I tried, caching is done via attribute/filter, either on the controller/action or request, and can be controlled through caching profile in config file. It seems offer more flexibility and also leave the core service code cleaner.
But ServiceStack has it inside the service. Are there any reason why it's done this way?
Can I add a CacheFilterAttribute, but delegate to service instead?
ToOptimizedResultUsingCache(base.Cache,cacheKey,()=> {
// Delegate to Request/Service being decorated?
});
I searched around but couldn't find an answer. Granted, it probably won't make much difference because the ServiceStack caching via delegate method is quite clean. And you seldom change caching strategy on the fly in real world. So this is mostly out of curiosity. Thanks.
Because the caching pattern involves, checking first to see if it is cached, if not to then execute the service, populate the cache, then return the result.
A Request Filter doesn't allow you to execute the service and a Response Filter means that the Service will always execute (i.e. mitigating the usefulness of the Cache), so the alternative would require a Request + Response filter combination where the logic would be split into 2 disjointed parts. Having it inside the Service, lets you see and reason about how it works and what exactly is going on, it also allows full access to calculate the uniqueHashKey used and exactly what and when (or even if) to Cache, which is harder to control with a generic black-box caching solution.
Although we are open to 'baking-in' built-in generic caching solutions (either via an attribute or ServiceRunner / base class). Add a feature request if you'd like to see this, specifying the preferred functionality/use-case (e.g. cache based on Time / Validity / Cache against user-defined Aggregate root / etc).
I have been searching high and low for this, but can't seem to find the right answer.
I have been writing a module in Orchard together with some widgets that I use for it, and now I want to enable caching of the database queries in my classes.
Is there any documentation on how to add caching to my modules and widgets?
I've tried to just enable the Output cache and the syscache, but it seems that it only works for the modules that came with Orchard (I checked with SQL Server Profiler, and my queries are still being sent all the time to the database, while the normal Orchard queries for content and such, are not, and seems to be cached).
You can use the ICacheManager.
Inject an instance of ICacheManager into your constructor and then in your method you can cache a value using:
var myCachedValue = _cacheManager.Get("My-Value-Cache-Key", ctx => {
ctx.Monitor(_clock.When(TimeSpan.FromMinutes(20)));
return SlowFunctionSoNeedsCaching();
});
I've written a more detailed example in my blog post: caching in Orchard.
I was considering using <sessionState mode="InProc" timeout="45" /> because some users are repeatedly logging in, and I would like to save them some time. However, before I add this to my web.config file, I wanted to make sure there would be no side affects.
I read up on sessionState versions, although I already am fairly aware of what goes on, I was curious to know what the default setting for an asp.net mvc 3 application was as there is no defined sessionState inside of my system.web at this time.
I know that the application has access to Session["key"] without the declaration, although I try to avoid putting that type of load on the Session. I would assume that there is a setting in IIS 7 which my application is inheriting (This application is on a shared hosting environment).
I understand that there could be issues if I was using a dedicated database or server for the Session, but this is just a basic setup as far as that goes, nothing fancy.
Is there a default sessionState for asp.net mvc 3? Is it just being inherited? Will there be side affects from overriding it in my web.config if it is defined elsewhere in IIS?
As of now the default Timeout = 20 minutes.
These are the default values for .Net Framework 4. I think they don't change because of MVC 3.
The accepted answer is correct, but possibly the OP is actually meaning to ask about authentication timeout which would be 30 minutes.
I know this is old but though it important to clarify that session state has nothing to do with authentication. The OP does not state what form of authentication is in use. Assuming Forms Authentication, then the default timeout for that is 30 minutes and is controlled in the <authentication...<forms element in web.config. I have found it best to have your authentication timeout set to less than your session timeout when using in-proc session. I tend to use out of process session as a preference, as it preserves session data from app-pool recycles.
What is the suggested way to implement output caching of service responses when using http://razor.servicestack.net?
Not used it since it's 4.5 and our current projects are 4.0, but perhaps CacheStack may be of use?
Otherwise handle it yourself via wrapping existing services with the ToOptimizedResultUsingCache extension method, and manually expiring cache keys on CRUD type operations.
I have a website set on a specific domain which is completely separated from my couchdb url through rewrites and virtual hosts, and I got to a point where I need to add some user authentication using _sessions API but I'm afraid I can't do it with rewrites:
{
"from": "auth",
"to": "../../../_session"
}
gives me:
{"error":"insecure_rewrite_rule","reason":"too many ../.. segments"}
which is acceptable, but now I'm wondering how would I get the session authentication to work from my domain without exposing couchdb url, and also, the session seems to be related to the domain so if I login through couchdb.example.com it won't work when using mywebsite.com as the public interface?
Thanks
PS. I've just found this post where there's an alternative by disabling secure_rewrites on the httpd config file, which seems to work, although, I was wondering that perhaps might be not a good approach and if is there something else which is ideal for this kind of problem.
I recommend to set secure_rewrites=false and don't worry about it.
We had a great discussion about CouchDB rewrites and security in the Iris Couch forum. Also see my post later about using Audit CouchDB. These are the highlights:
The secure_rewrites option is not the ultimate source of security for your data. At best, it is one layer in a multi-layer solution
The ultimate source of security is the _security object in the database. So that is where you should focus your attention
The Audit CouchDB tool scans every detail about your couch and it will tell you if any red-flags are present. It is implemented in Javascript so if you have NodeJS, you can run it; or simply reading the source code gives you an idea of what it is looking for.
If you are using vhost, than /_session handler is available at the vhost root without any rewrite rules (by default).
See the section [httpd] of default.ini:
vhost_global_handlers = _utils, _uuids, _session, _oauth, _users