Strange web garden problem.... :(

[Victor]

I have a strange problem in my website. I configured my website to run under
2 worker processes. (web garden enabled). and I stored my user information
in the current httpcontext(like
Httpcontext.current.items.add("__currentuser", myUserobject") and retrieve
the user object like (user =
(UserType)Httpcontext.current.items["__currentuser"]). the website
authentication based on the form authentication. and I used login control
and customized the validation method.

No the bloody problem is. I opened two IE windows. and try to log into the
website using two separate account ([email protected] and (e-mail address removed)). the login process
is successful, but after that, the two IE windows both display the
information for (e-mail address removed) (instead of one for (e-mail address removed) one for (e-mail address removed)).
Is that anything related with web garden..?

I think the two IE windows should be two separated requests, so that
httpcontexts for two browsers should be different. am I rite?

cheers

 

[bruce barker]

if you use cookies, and start a browser instance from the same root (new
tab, new window, link on desktop) they share the same session cookie,
and thus changing one changes all.

-- bruce (sqlwork.com)

 

[Victor]

So for the httpcontext, all infomation will be stored in the cookie?
Is there another way to store the current context infomation?


cheers

if you use cookies, and start a browser instance from the same root (new
tab, new window, link on desktop) they share the same session cookie, and
thus changing one changes all.

-- bruce (sqlwork.com)

I have a strange problem in my website. I configured my website to run
under 2 worker processes. (web garden enabled). and I stored my user
information in the current httpcontext(like
Httpcontext.current.items.add("__currentuser", myUserobject") and
retrieve the user object like (user =
(UserType)Httpcontext.current.items["__currentuser"]). the website
authentication based on the form authentication. and I used login control
and customized the validation method.

No the bloody problem is. I opened two IE windows. and try to log into
the website using two separate account ([email protected] and (e-mail address removed)). the login
process is successful, but after that, the two IE windows both display
the information for (e-mail address removed) (instead of one for (e-mail address removed) one for (e-mail address removed)).
Is that anything related with web garden..?

I think the two IE windows should be two separated requests, so that
httpcontexts for two browsers should be different. am I rite?

cheers

 

[Steven Cheng[MSFT]]

Hi Victor,

As for the HttpContext instance, each coming ASP.NET request will has such
an instance associated with it, and you can refer to many other resource
associate with this request(such as session, request, response .....). And
for the "Items" property, it is a simple Dictionary collection that can
help us transfer some data across each ASP.NET request's server-side
pipeline. For example, you can store some data into Httpcontext.Items in
"BeginRequest" event and retrieve it later in Page's Load event.

As far as I know, no matter whether you're using webgarden or not,
different request's HttpContext.Items should not share the same data(data
in HttpContext.Items should be distroyed after the current request be
processed and ended). Have you set any initial/default value for the
certain HttpContext.Items entry? If convenient, would you post some of the
code snippet on how you store/intialize data into the certain
HttpContext.Items entry and how do you retrieve it and use it(display on
page or ...)? I think there could be something else that cause the Context
items messed.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================



This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Victor]

Hi Steve:
Thanks for the reply.. my problem is really strange.

my code look like I have this property in my base page.. but i make it as
static.. do you think it's the static make the problem?(make someone
overwrite another person's value)

public static MyUser CurrentUser
{
get
{
if (HttpContext.Current.Items["__CurrentUser"] == null)
{
if (HttpContext.Current.User.Identity.Name == "")
return null;

MyUser user =
MyMemberShipProvider.GetUser(HttpContext.Current.User.Identity.Name, false);
HttpContext.Current.Items.Add("__CurrentUser", user);

return user;
}

return (MyUser)HttpContext.Current.Items["__CurrentUser"];
}

set
{
if (HttpContext.Current.Items.Contains("__CurrentUser"))
{
HttpContext.Current.Items.Remove("__CurrentUser");
}
HttpContext.Current.Items.Add("__CurrentUser", value);
}
}


Another question will be if I store this user object inside the httpcontext,
just as you described, each time a new request initialize, it need to
recreate the user object again(that means access database, recreate the
object) that will increase the server load.I actually do not want to do
that. our website has a quite heavy loading now. So is there anyway I can
store a user object for each user during the period they visit the website
without recreating the user object for every request? Previous I use
thread.GetNamedDataSlot to store the user information. but sometimes it will
lost the information. And I will use Ajax in my website. some people said
that the using thread to store the user info is quite good in the ansync
situation. Can you please give me some information about this.

Cheers
Thank you.

 

[Steven Cheng[MSFT]]

Hi Victor,

Glad to hear from you. I don't think the "static" here is incorrect or
wrong here. The problem is possibly due to the HttpContext instances are
pooled(cached) so that a originally instanced HttpContext instance is
reused for multiple requests. You can try print out HttpContext instance's
HashCode to verify this.

However, as I mentioned in previous message, Context.Items collection is
not persisted between multiple page requests. If you want to store data
that will be used among multiple requests of a given client user, I suggest
you use SessionState, and for webfarm/webgarden scenario, you may need to
use SQL Server mode session.

http://idunno.org/articles/277.aspx

Please feel free to post here if you need any further help.

Sincerely,

Steven Cheng
Microsoft MSDN Online Support Lead

 

[Victor]

Hi Steve.
I managed to print out the hash code of my current httpcontext instances.
everytime i refresh the page, the number is different. so can i assume that
no httpcontext get pooled?

I remove the static. now It looks working fine expect in the tabbed window.
it seems if i open two tabs in the same ie. and login as two different
users.
the last one's user infomation(httpcontext) will override the pervious one.
does that mean the multi tabs in the same ie same the same httpcontext?

Thanks a lot for the help!

Cheers
Victor

 

[Steven Cheng[MSFT]]

Thanks for your reply Victor,

For HttpContext instance, it does be separated for each client request,
actually, each ASP.NET request will be processed under a separate
HttpApplication instance. Here is a kb article describe this:

#INFO: Application Instances, Application Events, and Application State in
ASP.NET
http://support.microsoft.com/kb/312607

For the following problem you mentioned:

========================================
it seems if i open two tabs in the same ie. and login as two different
users. the last one's user infomation(httpcontext) will override the
pervious one.
does that mean the multi tabs in the same ie same the same httpcontext?
=======================================

Are you using SessionState to store some information that will be displayed
to user? For client browser(IE), if you use "tab" or "file-->new window" to
open a new browser, it will share the same session with original browser.
Only if you start a separate IE instance from program menu or shotcut will
it start a new session.

Also, as you mentioned that you'll need to display separate information for
each forms authenticated user, correct? If so, I think you can consider
using the "Profile" properties to store data that need to be separated for
each forms authenticated user. SessionState is not completely 1:1 mapping
to forms authentifcated user. Here are some reference about ASP.NET 2.0
profile properties:

#ASP.NET Profile Properties Overview
http://msdn2.microsoft.com/en-us/library/2y3fs9xs(VS.80).aspx

#Profiles In ASP.NET 2.0
http://www.odetocode.com/Articles/440.aspx

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Victor]

Hi Steve:
Thanks so much for the help.

for my problem.

========================================
it seems if i open two tabs in the same ie. and login as two different
users. the last one's user infomation(httpcontext) will override the
pervious one.
does that mean the multi tabs in the same ie same the same httpcontext?
=======================================

I didn't use seesionstate to store my user infomation now. What I did is
when each request began, I create a user object from db then store them into
the httpcontext.current.items collection. then it can be used across the
current request. This issue almost killed me......@_@

thanks a lot.

Victor

 

[Steven Cheng[MSFT]]

Hi Victor,

Thanks for your reply.

That does be a bit strange. I'd like to help perform some test on my side.
would you try creating a simplified web project(with the least page and
code ) that can repro the behavior? You can send it to me through email(my
email is in my signature , remove the "online" in it).

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Steven Cheng[MSFT]]

Hi Victor,

Any further progress on this issue? As mentioned previously, if you have a
simplified package, you can send me so that I'll perform some local test.
In addition, if you still have no luck after some struggling and feel it
important and urgent to resolve the issue, I would suggest you consider
contact CSS for continual assistance:

ttp://msdn.microsoft.com/subscriptions/support/default.aspx

Please feel free to let me know if there is anything else need help.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Victor]

Hi Steven
I have mailed you a simple runnable example. Please tell me when you find
something wrong Thank a lot for your help.

Victor

 

[Steven Cheng[MSFT]]

Hi Shi gang,

Thanks for your reply.

I have checked the test project code you provided. I think there is nothing
particular in the custom membershipuser and membership provider class since
they only contains some placeholder code. For the "basepage" class, I
notice that you put the those code which store and retrieve the
Context.Items["xxx"] entry in the "basepage" "CurrentUser" property.
Didn't you put those code in httpmodule since httpmodule(registered after
those forms authentication and rolemanager module) should be the best
place. Anyway, for the code logic, I don't found anything particular
incorrect except to some coding rule problem(such as you should check null
reference before access sub properties in "if" statement). Also, if
you've put Context.Items's population code in HttpModule, your "basepage"
class only need a property which directly return the value in
Context.Items["¡­."]

Please let me know if there is any particular concern here.

Sincerely,

Steven Cheng
Microsoft MSDN Online Support Lead

 

[Victor]

Hi Steven:
I modified my code follow your suggestion. My code is like
public class MyHttpModule : IHttpModule
{
public void Init(HttpApplication context)
{
context.PostAuthenticateRequest += new
EventHandler(Application_PostAuthenticateRequest);
}
public void Dispose()
{

}
private void Application_PostAuthenticateRequest(object sender, EventArgs e)
{
HttpApplication application = sender as HttpApplication;
if (application == null)
return;
HttpContext o = HttpContext.Current;
if (o.Request.IsAuthenticated)
{
if (o.Items.Contains("__CurrentUser")
|| o.Items["__CurrentUser"] == null)
{
MyUser geddesUser =
(MyUser )basePage.GetGeddesMemberShipProvider.GetUser(o.User.Identity.Name,
false);
o.Items.Add("__CurrentUser", geddesUser);
}
}
}
}
but there comes a new problem. when i put a break point in the
Application_PostAuthenticateRequest event. and refresh my page, it stops
more than one time, then I track the db, I found out every refresh, the
system is going to access to database about 92 times... It's a little bit
out of control. I wonder how this happened? Is that because I used ajax in
my code? Is there a way to prevent this happen?

 

[Steven Cheng[MSFT]]

Hi Victor,

Thanks for your followup.

For the new problem you mentioned, I think your analysis is reasonable. For
the 97 requests, I think most of them should be caused by AJAX requests.
Actually, for ASP.NET HttpModule, it will be called for any requests
coming to the application. You can add some code in your httpmodule event
and write the coming request's Url address into log file to see what are
most of those requests going for.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Victor]

Hi Steven:
Thank for the reply. I tried to create a text file to log all the request.
But it failed, It gave me some exceptions like "the file is used by another
process". So I changed to write the infomation into my event log. Now, it
partially works.
From the event log, I saw despite some normal request from the aspx
page(only one request page), there also some requests from
ScriptResource.axd and WebResource.axd. These requests occurs because I
defined some of my script as webresource.
So I still can not explain how the 97 requests come from. I have an
assumption that if my ajax request comes inside a aspx page, in the server
side, the request's url will be that url for aspx page? am i rite?
Can you tell me how can I tell which one is a normal http request or a ajax
request inside httpmodule on the server side?


And Then I encountered another problem. Because I can not locate where went
wrong. I tried to modified my code. I stored my user infomation into the
session instead of the httpcontext. So I changed my event from
PostAuthenticateRequest to PostAcquireRequestState and store all my user
info into session if user is Authenticated But for some reasons, it crashed
with my ajax. (it threw sys is null exception) and all my ajax controls
gone......

Can you tell me where I did wrong on this issue?


Best Regards
Victor

 

[Steven Cheng[MSFT]]

Hi Victor,

As for the AJAX script engine, I have checked the extension handler and
module settings for ASP.NET ajax application project, it will add a custom
httpmodule and several custom httphandler settings in order to enable AJAX
support in ASP.NET 2.0 web applicaction. And generally, there will have
the following type of ASP.NET ajax requests:

** send to asmx webservice

** send to xxx.axd handler

** send to aspx page

I think the most xxx.axd requests you get is sending to the
_AppService.axd, is there many records to this path? Also, how many
requests are send with "aspx" extension?

In addition, for the new problem you mentioned

===============
And Then I encountered another problem. Because I can not locate where went
wrong. I tried to modified my code. I stored my user infomation into the
session instead of the httpcontext. So I changed my event from
PostAuthenticateRequest to PostAcquireRequestState and store all my user
info into session if user is Authenticated But for some reasons, it crashed
with my ajax. (it threw sys is null exception) and all my ajax controls
gone......
================

I think this should be caused by SessionState is only available in Page's
lifecycle which start after the PageHandler begin processing the request.
And in HttpModules, sessionState is not available, you can check the
HttpContext.Current.Session to verify this.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.