ASP.NET session management - StateServer Mode

ASP.NET session management in StateServer Mode.
StateServer is a session management technique in which the data is stored in the ASP.NET stateserver service that runs on your machine. This is part of the Out-of-Process (OutProc) modes in which ASP.NET session data can be stored.

Now, let us see how we can do this.

  • create a start page called StateServerParent.aspx.
  • create another page named StateServerChild.aspx. This is the page that shows the data from parent page that are stored in stateserver mode of the session.
  • In Web.Config file that is at the root of your application, add the following code in section.
  • C# code behind for parent file where the data is stored in session.
    C# code behind for child class for retrieving data from session
    When you run this, the below error is thrown. This is the error. The error is self explanatory. It says that the application is looking at ASP.NET state service either on the local machine or on a remote server. If it is a local machine, then connection string should either use localhost or The data that this error does not show is which port to look for. It is at 42424.
    To get rid of this error and make our app up and running, goto services.msc and enable ASP.NET State Service

ASP.NET Session Management - Series of articles

ASP.NET Session Management is one of the important concepts in ASP.NET to store are retrieve data for ease of use during the life cycle of the application/ website.

As part of my task called - Revisiting basics, I have decided to take on this topic. Hence, in the next series of articles, we will discuss about all the available session management types/methods we have. 

ASP.NET session management can be done in any of the following ways.

  • Application
  • Session
  • Cookie
  • Cross Post Page
  • Query String
  • ItemState
  • Profile

Application: Application session management is holding data at application level. This is done by storing data in the Application object by a key and assigning a value to it. Application session keys are available as global data and reside on the server's in memory of the asp.net worker process. There is more about this in an article on my blog.

Session state: Session management can be done using the session object with a key and assigning a value to it. The session objects are unique for every client. Thus there will be a session that holds different keys for every user. This as well stays at the server side. However, the default session state will not work in the case of web farms as your load balancer might turn your request to the available server and not to the same server every time.  Developers working on web applications that are internally used and run on a single server might not be aware of these details. 

Session sate has different modes in which it works. 
  1. InProc 
  2. OutProc
The OutProc has two different modes in it again. 
  1. ASP.NET state server
  2. and SQLServer
  3. Custom (This is an exciting topic. I will explore this in detail as another article apart from sessionstate)
We will discuss more on this with code snippets in an article here on my blog.

Cookie:This is the most famous one that is known even to the non-developers. The two main drawbacks are that the client's browser should support cookies and its size is limited. More on this in a new article.

Query String: Yet another most famous way in storing and passing data between pages. This drawback is that the data is clearly visible in the browsers query section. More coming on this.

Cross Page Post: This is a method wherein the data from calling page to the called page is sent using the PostBackUrl concept which as well is a property attached to the event handling items on the page.

ItemState: ItemState is another out of box functionality that is supported by ASP.NET to store and retrieve data as session values. However, it is to be noted that all the values saved in ItemState are for a single Request. This is because ItemState is useful only if the page movement is using server.transfer. So that data is moved from Page-A to Page-B with in the server and browser has no clue about this.More on this in another article.

Profile: This is used similar to session state.Yet, one of the biggest advantages of Profile is that boxing-unboxing is taken care by itself and the developer need not worry about casting. More on this in coming article.

ASP.NET Session Management - Cross page Posting Technique

cross page posting

Cross page posting is a type of session management in which the values of Page1 are sent to Page2 using PostbackUrl attribute of the event driven items in an ASP.NET page. The event driven items in a page can be anything like a button or a link click. Instead of a event handler inside the aspx.cs file, the page takes the properties from Page1 to Page2 using the post function.

Sample Code is here
Create a page called CrossPostingParent.aspx
Let it have 2 textboxes that takes name and age and submits the data to another page CrossPostingChild.aspx using a button that has PostBackUrl set.

Corss Page Posting is a response.redirect action. So the browser shows a change in address.

CrossPostingChild.aspx inside the CrossPostingChild.aspx.cs file
This is not the only way where the data can be sent to another page using cross page posting. ASP.NET gives us a better option using the strongly typed way. In this case, we need to decorate our child class with @PrivousPage page directive and set its virtualPath property to parent page. This means that whenever there is a cross page posting it will only happen via the page defined in VirtualPath.
Apart from this, define public properties in parent class that can be used in the child class via the .PreviousPage property.The complete code is as below. I have commented the code for scenario one so that you will have a better understanding
Inside the C# file of child class Modified parent C# class file.

Nodejs REST API Authentication using Passport

Nodejs REST API Authentication using Passport.js 

Hi All, I know its been a while that I have written an article here. However, I have not waster a single day. I was into writing concepts on JavaScript Module pattern and JavaScript Prototype Pattern. 

I will soon put up all the content explaining JavaScript Prototype pattern and Prototype by default in great detail here.
Coming back to the current article, Nodejs , the serverside JavaScript framework is famous for writing REST APIs. It is also famous for writing webapps (web pages) using ejs/ jade/hapi etc as the web frameworks.

In this article, I will help you out writing an API in node and authenticating it using passportjs.org's passport-http basicStrategy method. In real world scenarios, it is advised to use SSL to implement authentication. 

So, lets jump into the code an build an API.

1. do the below three npm first in your project.

  • npm express 
  • npm passport
  • npm passport-http.

2. Now, define the require statements.

3. define a port where the API is exposed for use and the app listens to.

4. Let the app know that it has to use passport.
5. Initialize the passport
6. Define the BasicStrategy via the passport-http.
7. Let passport know that it has to use BasicStrategy to do the authentication
8. As per the documentation, BasicStrategy  takes three arguments. They are the input username, password and a callback named 'done'.
9. 'done' lets the passport know if there was a success or a failure during the authentication.
10. Based on the result of the authentication, that is injected to the express framework via app that uses this passport to allow the user to the next level of query using the next() call of the express.
11. For http, because the APIs are session less, the session is false in the code.
12. In our example, we return true when username and password are same. However, in real world example, the username and password are to be cross verified against your database user table details.
13. In our example, once the user is authenticated, we display some static data. In real world, it is some data from database.
Complete code is below. You can also look at the complete code here.

So there you go, below are the screenshots when i run the application. Hope this helps. I will soon upload the application to github. Thank you so much. See you soon with more JavaScript, C# and Node.js code samples and code snippets.