Managing NHibernate Sessions For Multi-tenant Application?
Oct 15, 2010
I have scoured the web and have yet to find and example that matches my requirements.
What I have is an existing multi-tenant asp.net application where all users authenticate against a single SQL Server database. This database also contains several other settings type data that is used within the application. Each client after authentication, utilizes thier own SQL Server database for data storage, for isolation purposes. Essentially all of the client database are identical and reside on the same server, but reside on one or more servers as well.
The application is currently written in asp.net 2.5 framework and utilizes the Micrsoft Practices Enterprise Library for DAL. Wnd we are looking to migrate to 4.0 and implement NHibernate to replace the MPEL.
I have implemented a solution already using NHibernate and the 4.0 framework, so I am familar with the concepts. I found the resources for my current session manager here as a matter of fact. But that application only had a single database, so not much too it.
The implementation is essentially what you see here:
[URL]
The other solutions that I have seen multiple config entries and/or files to manage this, but that is not desireable, since we may add new clients frequently and all of the connection information is already maintained in the authentication database.
I'm building a multi-tenant ASP .NET application. Given that each tenant can configure their application dynamically (which may involve dynamic custom assemblies being loaded into memory), I need a means of isolating each tenant.
I'd prefer not to create a new Web Application per tenant for maintenance reasons.
I've was considering using the AppDomainManager to create an AppDomain per application, but it seems this is not intended to be used for ASP .NET applications.
I can do the database and security side with no problems, I can also get the hostname from the URL, but what I am struggling to find out is how to create the basic plumbing that would allow a new customer to sign up online, provide their company name, and for the application to create the new URL, ready to be used straight away.
im trying to build my first multi-tenant application, i used a shared database and it is complete now, i want to build the app now, and i tried this approach: all urls in the app have the following form ~/user/page.aspx(user directory is logical) where user is the current user, which is saved in a session after he logs in. when the user requests a page, say ~/user/profile.aspx, he is routed to the real page ~/profile.aspx and then his data are retrieved from the database. i dont think this is how multi tenant applications work, but i couldnt think of another method.
we are building a multi-tenant application, which will support that each tenant can have a unique top level domain, the application is build using the asp.net 3.5 and SQL servr 2005, while each tenant will have different database. I have seen a number of questions about the similar applications on the StackOverFlow, but none of them is related to the Testing, I want to know is how one can test the application in a development environment, specially How can we test that each customer connects to his own DB based on the URL. how can we emulate different domains on the local system. like [URL] and [URL]all goes to dev machine's IIS.
I see there are 2 possible scenarios as to the session handling:
Open one single ISession per request. Open it at request start and close it at request end.Open one ISession per conceptual "unit of work". Many sessions are created for a request.
The approach #1 is the one I'm doing now. I'm a little bit worried about it because, although it works, it's a little bit difficult to debug. For instance, I have an object not being saved (even though I ordered it to) and I'm having trouble debugging since there's a LOT of things happening during a complete request life-cycle.
The approach #2 seems to be the standard best-practice (not sure about ASP.NET) and I'm sure it's pretty easier to debug. The problem I see is about inter-session communication. For instance: My Page class holds a reference to the User, which is a persistent object. Many of the operations receive the user as parameter. As the user belongs to a different session, I can't pass it as a parameter.
I'm biased to #2, but I don't know if it's the best practice, nor how to deal with cross-session object.
I have been seeking the best way, or at least a good way, to handle Client Access for a Multi-Tenant/SaaS-type web app designed with MVC 2.There are no tricks as far as client customizations needed here. So every company will have the same experience on the app. I just need to understand how I can isolate the experience so that a logged in user only sees data relevant to his company. My tactic is that my database houses a "tenantID" column for each row so I can easily isolate the rows that way. I am wondering if the default provider using the ASPNETDB.mdf can be modified to route users to their assigned company data. I have seen examples using route paths ({tenant}/{controller}/{action}/{id}) but even those threads express doubts. So if anyone has a good method that they are comfortable with, I am all ears (or eyes).
I've been all around the net for weeks now trying to figure out the best way to set up a Multi-tenant website (building a web app that multiple companies and their employees will use). As far as a database goes, I am interested in using one database with a copied set of tables for each company. As far as managing the login and security in MVC2 I am lost with the myriad of examples (mostly old and not MVC) that I have seen. So ideally my app would allow a company rep to register their company and then be able to add their own employees to the site. Then all employees could login and be securely associated with their own company's tables (table names would be appended with their AccountID).
I'm not sure if this would be handled using routing or session variables or what the more ideal and up to date methods might be. Like others who have discussed this issue, it seems like this should be a much more fleshed out solution as it is becoming a more common use on the internet. I'm even willing to simplify the database down to one set of tables that stores an AccountID in each row if needed.
In a multitenant system that hosts multiple organizations and applications, where an organization may use several applications hosted on the system, should my user and role model be such that a single user or role can exist across multiple applications and organizations? Or should I limit a user entity to a single organization/application pair and then define some overarching model to tie those user entities together? That is: John Doe is a person He wants to use ApplicationA and ApplicationB He works for two different companies (just bear with me), OrganizationA and OrganizationB Should the user model be:
johndoe@someuniquesuffix is his unique user name. This gives him access to both applications for both organizations. johndoe@applicationa@organizationa is his username for ApplicationA at OrganizationA. [URL]is his username for ApplicationB at organizationA...and the same for OrganizationB. Then have some "master" list that says that all 4 user accounts for the apps/orgs correspond to the same actual "person", John Doe?
The same scenario(s) described above applies to how I will design my Role schema.
I currently have a MVC2 application hosted on premise that allows the user to add custom extensions (controllers, filters, views, validators) so that they can extend the application to suit their needs. I'm using MEF as my composition container, but MVC2 relies on the extensions (assemblies, views and scripts) to be located in a particular directory or found at runtime based on a configuration setting. The MEF catalog is instantiated at startup meaning if any new extensions are required to be added or updated then the application needs to be restarted. This is all fine in a single-tenant world but now I want to make it multi-tenant hosted in the azure cloud.
The problem I forsee is the location of the custom extensions and how they are deployed. My initial thought is to use azure blob storage (one per tenant) to store the custom extensions and then download per-session (rather than Application Startup), however in the past the way MVC has worked is it tries to resolve assemblies and find views within the current AppDomain whereas my assemblies and their embedded resources will be in memory.
I'm after a bit of advice on how to handle a multi tenant site in ASP.NET from a UI perspective. What I want to be able to offer is a choice of layouts to the client i.e.
Layout 1: Navigation horizontal at the top. Search results in a table in the middle. Some text at the bottom.
Layout 2: Navigation vertical on the left. Some text in the middle. Search results at the bottom
Layout 3, Layout 4, Layout x etc...
Each element within the various layouts can differ too. For example, the search results might look like simple list in Layout 1, but will have a completely different look in Layout 2. Once a client has decided on Layout x, I then need to apply their company identity to the layout by changing the colours, logos, etc.
My application is used by several customers, who needs to maintain their own database. Currently I'm keeping all the connectionstrings and according to the user, change it. (In a case of CRUD operation). Is this errenous way? I don't know much about MultiTenant applications. Is that the best solution for my problem?
I am developing a web application which implements membership, roles and profiles. I also want it to be multi-tenant / multi-domain. By this I mean that I will have hundreds of domain names pointing at the same web application. I want users to be able to create accounts at each individual domain. I want the opposite of "single sign on". I want users to be able to use the same username, email address and password (or different ones, at their choice) to create accounts at the different sites. I do not want users to have any awareness that the different domains have any relation to each other as they will look different and have different content. The first problem I run into is that usernames have to be unique within the forms auth aspnet db.
Well, if they want to use the same username to register on 10 different sites then I need to support that. My first thought was that instead of identifying a user by their username, I need to extend the aspnet tables and sprocs to consider the username + a unique site identifier. Is there any sample code or has anyone else ever done this before? Should I just abandon the built in aspnet forms auth and roll my own custom auth scheme? The data on the sites is not sensitive so security isn't really that important to me.
I am part of a development team building a new ASP.NET 3.5 web application. Two of us are C# coders, and the other is a VB.NET coder.
I know that we can mix languages on a per-project basis, and one can build classes in one language that inherit from classes written in the other language in a different project (which we are already doing), but I can see us getting into a situation where we might well end up with cyclic dependencies between our various project DLLs.
Other than simply having a high number of projects (more seperation of concerns into more libraries), how have you managed this situation on your own projects?
Note - I believe this question to be different enough from the only similar match I could find (this one) on the basis that we are not wanting to use different languages in order to take advantage of their specific features per se, but rather to make use of what developer resource is available to us (i.e. one dev just happens to be VB.NET only).
Our current application is working fine but when you try to misbehave like we found out that When login with same user in multiple tab with different organization(there is a organization dropdown in the master page which sets the cookie whenever it is changed.) in tab one it is org 1 and tab 2 it is org2 , cookie has the later org 2 in it but when we go back in tab1(which had org1) and save the record org 2 will be saved with the record So can some one share some sort of a checklist with us which address these types of problem.
My company took some old php application over. Due to our preference to ASP.net and to the lack of any documentation from the previous developer, we do not want to spend much resources on developing in PHP. For implementing new features, we will create an Asp.net application that has the same look to the user. We want to develop a kind of 'coexisting' web application. Therefore we must share sessions between an PHP and an Asp.net webapplication project, because there is a usermanagement involved with an existing MySQL database.
(e.g. link 'A' directs to the PHP website, and link 'B' directs to the asp.net application)
How can we share the session between and PHP and an asp.net application?
And does anyone have a hint for this 'coexisting' thing, that might be useful in development?
I'm designing my first asp.net web app, using nHibernate as the data provider. i've read a lot about nhibernate in web applications using session-per-request pattern. my application will have a few pages which are 'monitors', meaning- they're updated automatically every few seconds to reflect recent changes to data. in that case, my thought is that opening a session for every request would not make much sense, since I know that an identical request is sure to follow in a few seconds. my thought is that session-per-conversation would make more sense for me, but I'm having trouble finding examples of implementations. I'd appreciate any good resources for how to implement session-per-conversation
We are programming a new web application framework (Second WAF). I was wondering if we should support cookieless sessions or not. Who use it and who needs it?
I am about to start a new application and am excited about using asp.net mvc and nhibernate. However, the big "problem" is how I handle the user authentication stuff. What are some ways those used to using nhibernate and MVC solve this problem?
My thought is let asp.net do its own thing and I do my own thing database wise. Am curios if I should role my own using the provider model and nhibernate, if I can figure out how. Or is there a way to integrate current code that is in the mvc example into nhibernate?
I tried to figure out NHibernate (a first) First went through chapter 23 in Asp.Net MVC in Action 2, and read some articles to get the drift.
Then I modified the sample in the above book to work with my own database and my own table. Finally got that working. (Started messing with this yesterday afternoon....it's 7:30 AM, so .... I'm tired...)
Then I worked this into my own project (the shared mvc template some of you might have looked at).
Now my application became completely unstable. Sometimes it work, but other times it bombs out where my controller factory (Castle) set the component lifestyles:
[Code]....
Each time with some LoaderException that read like {"Could not load file or assembly 'Castle.Core, Version=1.1.0.0, Culture=neutral, PublicKeyToken=407dd0808d44fbdc' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)":"Castle.Core, Version=1.1.0.0, Culture=neutral, PublicKeyToken=407dd0808d44fbdc"}
Man I fiddled all over the place, having xcopy copy dll's (see krok.web properties got a post build event) and many other things I that does not really make sense.
And from the darned instructions, having all your dll's in a folder which get copied out to the web project's bin folder and dont know what else.
Seriously...if someone can download this and have a look (better not if you dont know Castle Windsor and NHibernate)