S
Simon Gorski
I have a large problem, and I believe there is not yet a way to solve this
using IIS and ASP.NET. I hope someone has a solution which we couldn't
find.
The current situation
When a user logs in to our website, we implement a single login for multiple
services (let's call them services A-D). This means, that on the backend,
while sampleuser logs in to our service with only one username and password,
he is automatically logged in to many different services in the background.
The problem with this method is, that these other services are often
provided by 3rd parties, which are halfway around the world, and sometimes
have unexpected downtime. In the case where a service goes down (service B,
for example), the user's login will take 20 seconds while we wait for the
timeout to reach the affected service. If the user has no interest in the
service (perhaps he only wants to use service A today), this makes for quite
a bad user experience.
The suggested solution
Naturally, our first thought is to implement an asynchronous login in the
background, which updates the website as the user is logged into services to
indicate that the login was completed. In the meantime, the user can surf
around the site, and use those services where he was already logged in
(service A, for example). We thought this would be no problem with ASP.NET
2.0.
The limitations/requirements
For the service logins to work, we need access to the user's session. We
set things like login-specific data, as well as a LoggedIn flag for each
service. The background login should not stop the user from using other
services where he is already logged in. Our session data is currently being
stored in a SQL database, and our web servers are in a web farm with load
balancing. So any solution has to take all this into account.
What we tried
At first, we tried simply spawning a new thread to perform the login. The
problem with this is it has no session access.
Next, we tried the methods as described in the PPT on this site:
http://blogs.msdn.com/dmitryr/archive/2005/11/09/490980.aspx. The problem
is, we realized, that all of these "Async" methods are simply a way of
performing multiple tasks inside the processing of a page. We needed
something out-of-band.
Finally, we started looking into AJAX/Atlas. This brought us the closest to
a real solution, using an Asynchronous Web Method call, where the Web Method
had the EnableSession=true flag. This quite nearly works except for one
large problem. While the method is executing, the Session object is
blocked, and therefore, the user cannot perform anything on our site that
requires a postback until the WebMethod is finished. Watching the WebCast
at http://support.microsoft.com/default.aspx?kbid=820913 (specifically part
9 on Threading Synchronization) led us to the conclusion that this will not
be possible to solve using this method either.
So the question seems simple, the but the solution evades us: How can you
perform LongProcess() in the background of a user's web activity when
LongProcess() requires Session access?
using IIS and ASP.NET. I hope someone has a solution which we couldn't
find.
The current situation
When a user logs in to our website, we implement a single login for multiple
services (let's call them services A-D). This means, that on the backend,
while sampleuser logs in to our service with only one username and password,
he is automatically logged in to many different services in the background.
The problem with this method is, that these other services are often
provided by 3rd parties, which are halfway around the world, and sometimes
have unexpected downtime. In the case where a service goes down (service B,
for example), the user's login will take 20 seconds while we wait for the
timeout to reach the affected service. If the user has no interest in the
service (perhaps he only wants to use service A today), this makes for quite
a bad user experience.
The suggested solution
Naturally, our first thought is to implement an asynchronous login in the
background, which updates the website as the user is logged into services to
indicate that the login was completed. In the meantime, the user can surf
around the site, and use those services where he was already logged in
(service A, for example). We thought this would be no problem with ASP.NET
2.0.
The limitations/requirements
For the service logins to work, we need access to the user's session. We
set things like login-specific data, as well as a LoggedIn flag for each
service. The background login should not stop the user from using other
services where he is already logged in. Our session data is currently being
stored in a SQL database, and our web servers are in a web farm with load
balancing. So any solution has to take all this into account.
What we tried
At first, we tried simply spawning a new thread to perform the login. The
problem with this is it has no session access.
Next, we tried the methods as described in the PPT on this site:
http://blogs.msdn.com/dmitryr/archive/2005/11/09/490980.aspx. The problem
is, we realized, that all of these "Async" methods are simply a way of
performing multiple tasks inside the processing of a page. We needed
something out-of-band.
Finally, we started looking into AJAX/Atlas. This brought us the closest to
a real solution, using an Asynchronous Web Method call, where the Web Method
had the EnableSession=true flag. This quite nearly works except for one
large problem. While the method is executing, the Session object is
blocked, and therefore, the user cannot perform anything on our site that
requires a postback until the WebMethod is finished. Watching the WebCast
at http://support.microsoft.com/default.aspx?kbid=820913 (specifically part
9 on Threading Synchronization) led us to the conclusion that this will not
be possible to solve using this method either.
So the question seems simple, the but the solution evades us: How can you
perform LongProcess() in the background of a user's web activity when
LongProcess() requires Session access?