tags:

views:

1286

answers:

4
Q: 

ASP.NET 2.0: Problem in Httpcontext.current.session.add()

Hi,

Can anybody help me to find out solution of following problem.

  1. In ASP.NET website: at Application_OnPostAuthenticate() event, whatever code i write is executed for every request. therefore due to this customidentity object, countryid and weatherid is called everytime for each request (call for database for value). It effect response time of page and unneccessary code execute.

    void Application_OnPostAuthenticateRequest(object sender, EventArgs e) {

    // Get a reference to the current User


IPrincipal objIPrincipal = HttpContext.Current.User;


// If we are dealing with an authenticated forms authentication request


if ((objIPrincipal.Identity.IsAuthenticated) && (objIPrincipal.Identity.AuthenticationType == "Forms"))
{
    CustomPrincipal objCustomPrincipal = new CustomPrincipal();
    objCustomPrincipal = objCustomPrincipal.GetCustomPrincipalObject(objIPrincipal.Identity.Name);
    HttpContext.Current.User = objCustomPrincipal;
    CustomIdentity ci = (CustomIdentity)objCustomPrincipal.Identity;            
    HttpContext.Current.Cache["CountryID"] = FatchMasterInfo.GetCountryID(ci.CultureId);
    HttpContext.Current.Cache["WeatherLocationID"] = FatchMasterInfo.GetWeatherLocationId(ci.UserId);
    Thread.CurrentPrincipal = objCustomPrincipal;
}

    }

To solve this problem when i try tochange code as follows HttpContext.Current.Session.Add("test", FatchMasterInfo.GetWeatherLocationId(ci.UserId);); in place of cache i found foolowing error "Object refrence not set to the instance of object"

I don't know whether we can store session variable inside Application_OnPostAuthenticate() event or not?

+1  A: 

You could try doing this a bit later in the request, such as in the PreRequestHandlerExecute event:

protected void Application_PreRequestHandlerExecute(object sender, EventArgs e)
{
    IPrincipal objIPrincipal = HttpContext.Current.User;
    if ((objIPrincipal.Identity.IsAuthenticated) && (objIPrincipal.Identity.AuthenticationType == "Forms"))
    {
        HttpSessionState session = HttpContext.Current.Session;
        CustomPrincipal objCustomPrincipal = new CustomPrincipal();
        if (session[objIPrincipal.Identity.Name] == null)
        {
            // get data from database or wherever
            objCustomPrincipal = objCustomPrincipal.GetCustomPrincipalObject(objIPrincipal.Identity.Name);
            CustomIdentity ci = (CustomIdentity)objCustomPrincipal.Identity;
            Object countryID = FatchMasterInfo.GetCountryID(ci.CultureId);
            Object weatherLocationID = FatchMasterInfo.GetWeatherLocationId(ci.UserId);
            // save in session (not cache as cache is application-wide, not per-user):
            session.Add(objIPrincipal.Identity.Name, objCustomPrincipal);
            session.Add(objIPrincipal.Identity.Name + "_CountryID", countryID);
            session.Add(objIPrincipal.Identity.Name + "_WeatherLocationID", weatherLocationID);
        }
        else
        {
            // already have custom principal object in session
            objCustomPrincipal = (CustomPrincipal)session[objIPrincipal.Identity.Name];
        }

        // set the custom principal object to context/thread
        HttpContext.Current.User = objCustomPrincipal;
        Thread.CurrentPrincipal = objCustomPrincipal;
    }
}
ironsam  2009-08-01 07:59:48
@ironsam, Thank you very much. I have few more queries about the same 1. By using GetCustomPrincipalObject() i am fetching roles and permissions of loggedin user. Its good practice for finding roles and permission here or we need to change code and place it somewhere else.2. Why sessionstart event is not right place for session.add() ? Meanwhile i am implementing the solution you provided. I hope it will soleve the issue.
Hemant Kothiyal  2009-08-01 12:30:58
Edit: @ironsam, I have tried the solution you provide. when i am fetching user at aspx page using following code CustomIdentity ci = HttpContext.Current.User.Identity as CustomIdentity;The value of ci comes null. I am not getting what wrong i did?
Hemant Kothiyal  2009-08-01 13:59:17
You should be able to get the CustomIdentity from the session object if you need to on the aspx page: CustomPrincipal pi = (CustomPrincipal)session[objIPrincipal.Identity.Name];CustomIdentity ci = (CustomIdentity)pi.Identity;As for best practices and when certain events occur in a request, this might help <http://msdn.microsoft.com/en-us/library/ms178473.aspx>.
ironsam  2009-08-01 22:15:01
hi, Can you please explain me that if we have custom identity and principle in my Httpcontext then Is it good to fetch it from session? yes We can fetch it from both session and httpcontext . But what should we use?
Hemant Kothiyal  2009-08-02 06:54:08
I think it would be better to just get it from HttpContext, but if the custom one you set it isn't available right away in the remaining lifecycle of the request (likely having something to do with when you set it, in this case the PreRequestHandlerExecute event), then just go with the session one, if possible.
ironsam  2009-08-02 19:14:19
Hemant Kothiyal  2009-08-03 08:34:27
If I understand, you are adding a condition to check and see if HttpContext.Current.Session != null before checking to see if the CustomPrincipal object is in there or not. I think this would work, but hard to tell without seeing the rest of the solution.
ironsam  2009-08-04 00:36:42
+1  A: 

You probably don't want to access the session in any event that happens in every request. Some requests don't even have session (for instance, a lot of web service calls, or calls to WebResource.axd that load static resources).

Doron Yaacoby  2009-08-01 08:05:43
A: 

You might not have session state enabled. Does it work anywhere else (like in a web form's display)?

Look for a <sessionState> element under your system.web element in web.config make sure it's turned on (set it to InProc unless you have a web farm).

WildJoe  2009-08-01 08:19:01
A: 

Before adding value to cache object, check if it already exists in the cache.

pokrate  2009-08-01 08:27:02

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps