State Management :: How To Use Current Session (webpage) In Client Side ActiveX Control
May 3, 2010
I'm curently developing web application which uses standard form authorization and, of course, server session objects (quite classic app). Now I'm developing client side component, which base functionality is to allow users to acquire tiif/jpg/pdf document from scanner (client side) and send it to server. Because of scan complexity and need for very user friendly interface i decided to implement Activex object (object written in .net 2.0). Until now all was ok, so I have got activex which succesfully registers and scan documents on client - but i cannot manage with sending files to server.
My concept of sending files was like that:
- preparing Upload.aspx web page wich is used for reciving files sended by POST method and saving files in database (of course to proper save in database i need some current user context information) - in ActiveX i decided to use System.Net.HttpWebRequest object to prepare and send data the problem was third point:
- i thought that in-proc activex object would "derive" web session form web page activex is placed on - but i was wrong (or i made it wrong). Whenever i send request form Activex, in response i got login.aspx page - so it looks that new session is created and new authorization is needed.
I was trying to pass to my Activex values stored in "ASP.Net_SessionId" and ".ASPXAUTH" cookies, as i found that these are the values identifying session and athorized user - but with no luck.
I think, that becaause HTTP is stateless protocol all information needed to "connect to/share" existing session on IIS server need to be included in request data, so there must be way to add these information to request sended from my activex.
I would be very grateful, if someone could provide me information what should i add (headres/cookies/etc... ?) to my request data so it could share session from "parent" web page.
I am trying to write a code that I can attach to a .aspx page using <!--#include file="newcode.aspx"-->. What I am trying to do is check to see if they have an current or active session and redirect them if they don't. It seems like this should be pretty simple, but I have not been able to get anything to work. This is only being used on One page. What I have tried is:
I have a section in my web app that displays the user's name, the current datetime and a logout link. What i would also like to display is the time left for the session.Is this possible? I'm using an ajax timer to give the user the real time, so if i could display also the time that is left for the session to end would be great.
I have to maintain session of two users on a sigle page.And the path is. UserPath:
1.User logins with his credentials((We retrive their credentials from login table) . 2.He invites some of his friends for a birthday party. 3.And send an url link to share some of the gifts with them in which gifts are provided in Share.aspx page. 4.Userlogouts.
Invites path:
1.Invite logs in with his credentials(We retrive their credentials from invites table). 2.He is directed to go to Share.aspx and list the items he require. 3.And he logs out.
Now i have problem in maintaining session for both the user and invite. How can i maintain the session so,that the user can identify a particular invite from the list of invites an his chosen items.
According to MSDN and the MCTS self-paced training, asp.net can use Hidden fields for client-side state management. The book material goes on to say view-state is more secure than hidden fields because the data is encrypted. I must be missing something here. I setup a Label and made it hidden. I can store data in this hidden label and it won't even be sent to the client browser. This not only works like server side state (note the runat=server), but this seems more secure than view-state because there's no need for encryption as the client can't even see the field.
cookies are generated from the client scripting.e.g. document.cookie = city=NYC;
I want to update this from GUI using
Response.cookies["city"] = LA;
I could not understand why this is not possible.( I read about Httponly and all that stuff but still not clear).If I use Javascript in code behind page then I am able to change the value.e.g.
But I could not use this type of code because there is response.redirect statement in the function where I am updating cookie using (response.cookie) and that's why the javascript code never runs.
Bottomline: I want to update cookies in code behind page which is generated in client scripting.
We have a web site that implements a custom SiteMapProvider using a User Control added in the master page. I need to be able to limit the sitemap nodes added depending on the logged in user, that is, certain users should not see certain sitemap nodes. Currently, the login processing code determines if users are in the certain category or role and then sets a value in session state, for example, Session["UserInRoleXXX"] = "Yes"; I tried changing the code in the user control to check the session state, but I got the following error: NullReferenceException ... Object reference not set to an instance of an object." Can session state be accessed in a user control?
I want to control the login user to access our system. I authenticated all of users by using my own way in project. and I want to limit the number of user to access the system cncurrently. It means , We sell our project to customer as Licence software. If user buy it for three users, we will allow three conurrent login user to access the system. Our system allow our customer to create their own users as they wish. We don't want to control the user creation to use the system. but But we want to control the total no of current login user at the server as per our licence agreement . After reading some article, I see there are two main ways to control the no of users.
One way is to use the membership property in my project and then can count the number of online users by executing Membership.GetNumberOfUsersOnline Method.
If I use membership property, I think it is not ok at my project. As my understanding, the system will control the user creation if we use the memebership provider. I am not really sure whether I can use membership provider property to get my system requirement or not.
I have developed a web application (ASP.NET Web Forms). One of my customer has very restrictive policies. When he accesses the web page, IE shows this message:
Your security settings do not allow Web sites to use ActiveX controls installed on your computer. This page may not display correctly.
As far as I know, we don't use ActiveX controls on our page. I did a "View > Souce" and did not find anything suspect.
How can I find what part of my page refers to an ActiveX. The application uses jQuery and a few jQuery plug-ins. Is there a tool/add-in like "Fire Bug" that I can use to list the ActiveX controls referred on a page?
I have a user control which contains a CustomValidator which is used according to whether a RadioButton is checked or not (there are several RadioButtons, I'm only showing the relevant one)
There is some client + server side validation code (the server side code does exactly the same thing and is skipped for brevity)
<script type="text/javascript"> function ValidateDateFields_Client(source, args) [code]...
There are two instances of this control in the page. When running the client side version it hits the wrong one (the version of the control which is disabled). You can see from the generated HTML both are correctly specified. I'm not sure how .NET works out which clientside function to call given they both have the same name.
[code]... Do i need to add something in to scope it? What's the best way to achieve this? If I disable the loading of the second control everything works fine.
i want to upload picture throw FileUpload control and then store it in session, after store in session i want to read it out to image control and insert to database.
I read the solutioin for this error, at the following link :http://forums.asp.net/p/1046935/1576341.aspxbut I am still not clear what exactly causes the error. I have two doubts :1. Can anyone please elaborate a bit on this issue, with any example ????2. Is there any drawback of this approach ?
I have a list of items on an ASP.net page. That list is selectable in that whenever the user clicks on one, the page does a postback and the server code stores the index or some unique identifier of the picture in a ViewState property indicating that it is currently selected.
I would like to minimize the load on the server and therefore I would like to store the index or unique identifier representing the image in some way on the client side. The best way I can think to do this is to store said information in a hidden field ), however I had two questions about this before I go crazy:
Is this a security risk in any way, shape or form (i.e., exposing implementation details of the page)? Is there a better/best way to do this that is more industry-standard? Does ASP.net provide a framework to do this that is cleaner than my idea? Seems like this would be a fairly common requirement to me...
Which is best option to store confidential information in a page?Control,Session,QueryString etc ... ?And also the performance also should be good ... ?
Customer were getting "View State Validation Error" due to worker process recycling at our production webserver and to fix that i applied machinekey and then move my Session state Mode from In Proc to State Server to retain session data and not kick out the customer to relogin. I had serialization issue with one object which has to be stored in session but when i moved it out of session i could able to resolve the issue.
But doing all these i was partly successfull in keeping the user in their session when Worker Process recycle event occurs.I was able to refresh the page or make a post back by clicking the refresh button and also able to retain the session values. But the Problem occurs when sending asynchronous request to server which we do periodically every 15 minutes from the moment the user logs in.The web page doesnot update data on website when sending asynchronous request.By Debugging I found at this particular code point it fails to make a postback which is required.
<%=GetHintFromServer%> (When there is no Worker Process recycle i t gets replaced by WebForm_DoCallback('__Page',message,ShowHint,null,null,false) on postback) Everything works fine when there is no Worker Process Recyling but when it happens looks like sending request asynchronously using javascript fails .Remember When I make a post back by manually clicking submit button everything works fine.
I am new to .net 4.0 and am using EF Model and SessionState Mode=SqlServer and I am getting this error below:
Unable to serialize the session state. In 'StateServer' and 'SQLServer' mode, ASP.NET will serialize the session state objects, and as a result non-serializable objects or MarshalByRef objects are not permitted. The same restriction applies if similar serialization is done by the custom session state store in 'Custom' mode.
I checked the stack trace and its complaining about
I marked it as serializable but then it complains about System.Data.Objects.ObjectContext is not marked as serializable and hence throws the same error.
