I'm looking at using Subsonic with a multi-tenant ASP.net web application. There are multiple DB's (one per client/instance). The user logs in with a domain suffix to their username (e.g. user#tenant1, user#tenant2).
The custom membership provider will then determine which database a user is using, and authenticate against it. All user-initiated calls in the webapp will be wrapped in a SharedDbConnectionScope call, however I have a question regarding caching subsonic items.
Basically each instance will have a few records that rarely change (search options/configurations). I would like to read these in the Application_Start event, and cache them into the ApplicationState.
In the Application_Start event, it would loop over each client database, use a SharedDbConnectionScope to connect to each DB, and create these cached records (e.g. Application('tenant1_search_obj') = subsonic_object
When a user loads the search page, it would then check what domain a user is in, and then retreive that search option from the cache.
Is this feasible? I'm just concerned that if I cache an object, when I retrieve it from the application cache it won't know what connection its using, and might possibly pull in the wrong data.
I'd like to avoid putting this in the session object if possible.
it's possible, but probably not a good idea since it doesn't scale at all - you're going to pop a new connection for every single client whether they show up or not.
Maybe your best bet is to "lazy load" the setting - first hit on the search page loads the config into the cache or Application settings and there it stays.
Other than that - to answer your question it is possible. If you're using SubSonic 3, just create a new provider on the fly using ProviderFactory.GetProvider(connectionString, "System.Data.SqlClient") and then execute your stuff against it.
For SubSonic 2 - SharedConnectionScope is what you want.
Related
Is there a way to attack some sort of global logger so that I know how long each WebAPI request took?
Yes, check out MiniProfiler.
It's got a lot of different adapters too- for example, I've used it with ServiceStack / Dapper, but it also works with MS vanilla WebApi / EF.
On localhost (or whatever criteria you use to turn the profiler on in your global app class), when you hit your site url's in the browser, you'll get a ui widget in the top right corner detailing total request time, serialization time, and database execution time (including the actual sql executed).
To view the last 100 requests, browse:
~/mini-profiler-resources/results
For more robust storage there are options here - sql server is supported out of the box. Use this create script and then set the storage provider for MiniProfiler:
MiniProfiler.Settings.Storage = new SqlServerStorage("..connectionstring...");
Or use Sqlite out of the box
You can even set multiple storage options.
Examples here
When adding the profiler ui to view requests, it should look something like this
After a research it seems that Meteor Sessions are reset after refreshing page or opening the website in new tab, i.e. they are not usual server-side sessions but something like global javascript variables on client-side. Some people advice to use AmplifyJS, but I'm not sure that it will work like usual session in other frameworks/languages and also it is a third party library, so is there any normal way to use sessions in Meteor, i.e. keep user-specific data on server?
At this moment I'm handling that by using custom Collections, but it is not an ideal way of doing that because it is needed to remove expired values from Collection manually, which makes additional troubles.
Yes this is correct. Despite the name Session is nothing like a cookie, but just a reactive form of a variable stored in a hashmap
To keep data persistent across tabs you need to use a Collections (as this is the only way to reactively share data across tabs) - Cookies can't work because they can't be made reactive as data needs to be sent to the server to notify the client when there is a change. There really wouldn't be another way at the moment as the publish/subscribe methods can only send down data from collections at the moment.
You can use your setup you have now with your custom collection. You can use a server side cron job to remove expired data (either with Meteor.setInterval or Tom Coleman's cron.
There is a package developed just for that: https://atmospherejs.com/u2622/persistent-session
After installation you can use the following functions to set sessions which are persistent:
//store a persistent session variable which is stored across templates
Session.setPersistent(key, value);
//same as above, but automatically deletes session data when user logs out
Session.setAuth(key, value);
I've tried the package and it works like charm.
I've an MVC3 web app which uses the default "in process" session. I've the PRG pattern in place - that is while postback if my modelstate is invalid I store the model in TempData and redirect to the original get action. In the get action I fetch the model data (if it exists) and send to the view. I believe this is one of the basic aspects of MVC.
I've learned that TempData in background is a session variable which
is used in the PRG transition. What I need to know is whether it is
possible to have a conflict or cross refrencing - if I use something
like TempData["model"] in two pages and access the pages
simultaneously. Would that overwrite the common data in
TempData["model"] or is it safe if I use the same tempdata names in
two different pages.
And does it conflict with Session["model"] kind of data? I'm facing some unexpected session data corruption - possibly due to my internal code that resets the session data or something else. Is it possible that session data can corrupt partially? I mean Session["data1"] is ok but Session["data2"] is gone?
My users often use the web app for a long duration causing session timeout. I tried for the ASP.Net session state service for session but that caused performance issues because I store some heavy objects (via serialization) in session. So finally I was back to the original default in proces mode.
Pls share if you've had any similar experiences.
TempData by default uses SessionState and access to SessionState is by default exclusive. So, if you do two concurrent reuquests, one will have to wait for the other to release the SessionState lock.
TempData does not interfere with using SessionState directly.
As SessionState by default uses in-proc, it can be invalidated almost anytime.
You might want to have a look at http://brockallen.com/2012/06/11/cookie-based-tempdata-provider/
I'm new with AppFabric Server caching but after playing around with it everything has been working like a dream.
I can add for example datatables to my cache and get that back to use just fine.
I got exited about this functionality and tried to test this with one 3rd party vendors dll that includes login session data (session id, date's etc.)
I created WCF service with method where you consume this dll to login and I store that session to my cache.
This works just fine and I can verify this by looking at statistics of my cache with PowerShell.
Then I created another method that is supposed to pick up this cached session and use it to execute actions. This is where I'm running to the wall.
I can see that I have been able to get session from cache, but information within session object is null (session id, date's...)
I've been serching help for this from everywhere but nobody seams to face this issue.
So my question is
Can AppFabric server cache ALL field values of given object (Public/Non-public not having any role)?
Is there any way to see actual existing content of cache where you would see keys and cached objects with values?
Thanks for all possible comments!
Regards
Mikko
In AppFabric you can only cache objects that are serialisable (or serializable for US readers :-) ). The fact that you have been able to store your session objects in the cache suggests that they are indeed serialisable. But to figure out what's going on here we'll need to probe a little deeper.
By default with binary serialisation, all fields/properties of an object are serialised, public and private (whereas XML serialisation only picks up the public values). We aren't told which flavour of serialisation AppFabric uses, but binary serialisation tends to be more efficient so it's a reasonable assumption that that's what gets used under the covers. However, it's possible to override the serialisation behaviour using the NonSerialized attribute, so that items marked NonSerialized don't make it into the serialised version of the object. The MSDN page for Selective Serialisation specifically advises that security-sensitive information should be marked as nonserializable.
A session ID definitely comes under the heading of security-sensitive information as it's key for session hijacking, so I should say that's the problem you're facing. You could confirm this by having a look inside the 3rd party DLL with ILDasm or Reflector to see if the fields inside the session class are indeed marked as not serialised.
Can you get round this? Well there is, of course, nothing to stop you creating your own Session class that you populate from the 3rd party's object where you keep all the properties serialisable and caching that instead. Bear in mind, however, that you're then essentially doing the very thing they've tried to stop you doing...
I am working with ASP.NET MVC 3.0. I have a page with an action link that makes appear a window in which you can adjust a certain value. Once the new value is sent to the database, an extern application deals with the value and send the result back to that database. I want the action link to be disabled while the extern application is doing her job. The page I am working on is refreshing automatically with some AJAX calls. The date when the extern application finished her last adjustment on a value is kept in the database. I first thought I could use session variables to store the date time of when the action link was pressed (because I need it through all the application) and then enable the action link when the adjust time is greater than the time when the action link was pressed, but I heard it was bad practices. Does someone have another solution?
Since you are already using the database - query the database to check the current status. If your application is restarted - a session value would be lost unless you are using a state server (ie sql server) to manage state- unless you don't care if its lost upon restart. You can use session and save yourself database calls - but the database is a bit cleaner and doesn't suffer from the same issue. If you do end up using the session, don't spread that session value all over your code, simply have a single method that reads or sets it (same with the db solution as well)