Create custom server variable, it's possible?

[joun]

Hi all,
i want to create in my asp.net application a custom server variable, so i
can retrieve later in other pages (even asp or perl) with

request.servervariables("HTTP_mycustomvariable")

i've tried with response.appendheader("mycustomvariable", "somevalue") but
this doesn't work, or the variable scope is limited to aspx files, not asp
or perl.
So there is a solution with my problem, event with a external vc++ program?
Thanks,
Michele

 

[John M Deal]

If you truly want it to be global to every user of the application you
want to use the Application object. Just remember because it is truly
application level it can suffer from multiple threads attempting to
modify it so you need to do the following when setting the value:

Application.Lock();
Application["AppName"] = "My Application";
Application.UnLock();

The value for Application["AppName"] can now be retrieved from any
codebehind page as usual (note convert the above if you don't use C#).

Have A Better One!

John M Deal, MCP
Necessity Software

 

[Guest]

Response.AppendHeader appends variables to the response. The response is
then sent to the browser. The browser wouldn't send back your custom header
variable in its request. You are going to have to find some other way of
doing this.

 

[joun]

Yes, but this would work only for asp.net applications: asp.net application
variables are not shared with other applications....
i've the necessity of reading a server variable from a perl CGI script
through
$ENV{'variablename'}
that is equivalent to request.servervariables("variablename") for asp.net
Unfortunately there is no method (i suppose) for a perl script to access to
an asp.net application variable, so i have the necessity to set up a custom
server variable....

If you truly want it to be global to every user of the application you
want to use the Application object. Just remember because it is truly
application level it can suffer from multiple threads attempting to modify
it so you need to do the following when setting the value:

Application.Lock();
Application["AppName"] = "My Application";
Application.UnLock();

The value for Application["AppName"] can now be retrieved from any
codebehind page as usual (note convert the above if you don't use C#).

Have A Better One!

John M Deal, MCP
Necessity Software

Hi all,
i want to create in my asp.net application a custom server variable, so i
can retrieve later in other pages (even asp or perl) with

request.servervariables("HTTP_mycustomvariable")

i've tried with response.appendheader("mycustomvariable", "somevalue")
but this doesn't work, or the variable scope is limited to aspx files,
not asp or perl.
So there is a solution with my problem, event with a external vc++
program?
Thanks,
Michele

 

[Kevin Spencer]

If you want some data to be available to multiple applications, store it in
a file or database.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Neither a follower
nor a lender be.

 

[William F. Robertson, Jr.]

Can you not take the approach of cookies?

bill

 

[Jeff Dillon]

Actually I thought the browser DID send back custom headers in the next
request.

Jeff

 

[joun]

Unfortunately, the variable i need is for security purposes, so a cookie
can't be used...

 

[John M Deal]

If you can't use cookies then you shouldn't be using header variables
either as header variables are easy to find with a simple http sniffer.
I'm thinking that you really should go with the suggestion of using a
database or some other shared server side storage location for holding
this value. Anyone that would go to the trouble of opening your cookie
would probably not have too much problem running something like Fiddler
(or any number of other tools) to see what is inside the headers for the
page. Also from a security standpoint, you probably don't want to pass
anything to the client that you are worried about getting hacked, it is
better to keep it at the server and use an authentication mechanism to
get to it each time it is needed. Or is there some other reason that
you prefer a header value over a cookie?

Have A Better One!

John M Deal, MCP
Necessity Software

 

[Guest]

When I tested it, the browser didn't send the header in the request. What
did you use to test this?

 

[Jeff Dillon]

As I stated, I didn't test, only thought

 

[joun]

That is the situation: i have to authenticate many users (1000+) on my
application, so i can't (and don't want) create system accounts; instead i
store users into database, and perform the authentication using asp.net
webforms;
the asp.net application then sets it custom server variable (how?) to the
username authenticated and the perl application knows that the user is
authenticated by checking that server variable: if that server variable is
null no user is authenticated.
So i can't use querystring, or form, or cookie to pass to the perl
application the username authenticated, for security reason, instead i can
use perl to retrieve the server (or environment) variable.
The system is similar to the standard iis authentication, who sets the
LOGON_USER and REMOTE_USER server variables when a user logon, but i can't
use that variables because i'm not using iis authentication.
Hope to have been clear,
Thanks

 

[joun]

I've already tested that, it doesn't work.

As I stated, I didn't test, only thought


"Scott Simons" <Scott.Simons.At.MealMagic.Com.Remove.This> wrote in
message

 

[Jeff Dillon]

So you are correct

How are users calling your Perl script, through another browser instance?

Jeff

 

[William F. Robertson, Jr.]

Why don't you encrypt the value with a well known algorithm and share the
algorithm across you various applications? Then you can store it in a
cookie.

bill

 

[joun]

I've already thought that solution, but in that case if i use algorithms
suchs as MD5, SHA1, etc. a maliciuos user can guess one username and encrypt
it...