OOP Session State and mvC

[Richard Maher]

Hi,

I'm looking to use the Session State Server process in a web-garden come
farm and am impressed with the promised transparency and simplicity.

The only thing is my server side is made up of pretty much just
Controllers serving up JSON and a complete absence of views/razor etc.

Everything seems to work as advertized but I can't find my cookie with
the browser and I'm curious if my html is associated with the
application just because that's where it's served up from.

Anything to worry about?

Cheers,
Anxious from Perth

 

[Arne Vajhøj]

I'm looking to use the Session State Server process in a web-garden come
farm and am impressed with the promised transparency and simplicity.

The only thing is my server side is made up of pretty much just
Controllers serving up JSON and a complete absence of views/razor etc.

Have you considered just using WCF services?

Everything seems to work as advertized but I can't find my cookie with
the browser and I'm curious if my html is associated with the
application just because that's where it's served up from.

Anything to worry about?

You are not sure that the session cookie is working?

You could log requests and responses to see exactly what is going on.

Arne

 

[Richard Maher]

Hi,

I'm looking to use the Session State Server process in a web-garden come
farm and am impressed with the promised transparency and simplicity.

The only thing is my server side is made up of pretty much just
Controllers serving up JSON and a complete absence of views/razor etc.

Everything seems to work as advertized but I can't find my cookie with
the browser and I'm curious if my html is associated with the
application just because that's where it's served up from.

Anything to worry about?

Cheers,
Anxious from Perth

I guess I'm asking "Do I have t do this": -

Custom Session Identifiers


You can implement a custom class to supply and validate SessionID
values. To do so, create a class that inherits the SessionIDManager
class and override the CreateSessionID and Validate methods with your
own implementations. For an example, see the example provided for the
CreateSessionID method.

You can replace the SessionIDManager class by creating a class that
implements the ISessionIDManager interface. For example, you might have
a Web application that associates a unique identifier with non-ASP.NET
pages (such as HTML pages or images) by using an ISAPI filter. You can
implement a custom SessionIDManager class to use this unique identifier
with ASP.NET session state. If your custom class supports cookieless
session identifiers, you must implement a solution for sending and
retrieving session identifiers in the URL.

From: -
http://msdn.microsoft.com/en-us/library/vstudio/ms178581(v=vs.100).aspx

 

[Richard Maher]

Hi Arne,

Have you considered just using WCF services?

Talk about a "great big ball and chain"! Makes Java look positively lean
and mean

IMHO WCF is a technology whose time has come and gone and is an
abstraction way too far. Small foot-print REST services are all I need
and am not interested in publishers, subscribers, and Enterprise Service
Buses and Hubs and blah, blah, blah. I'm sure it's popular with those of
you who find a use for LINQ. (Having said that, I've always been
interested WS-Transactions (bring back TIP!) and I hope Jim Johnson is
still doing well at Microsoft.)

You are not sure that the session cookie is working?
Correct.


You could log requests and responses to see exactly what is going on.

Sure, I was just asking if someone has already done "For all intents and
purposes a generic abstract html page wanting to inherit/associate-with
a .NET C# session cookie purely by residing at the web-site"

Arne

Cheers Richard

 

[Arne Vajhøj]

Talk about a "great big ball and chain"! Makes Java look positively lean
and mean

Actually WCF is relative similar to JAX-WS and JAX-RS. I think JAX-* are
slightly more elegant (JAX-WS is second attempt with lessons learned
from JAX-RPC).

The only somewhat tricky aspect of WCF is what to put in web.config.

IMHO WCF is a technology whose time has come and gone and is an
abstraction way too far.

I don't think you can say that the days of WCF are over.

Small foot-print REST services are all I need
and am not interested in publishers, subscribers, and Enterprise Service
Buses and Hubs and blah, blah, blah.

If you need REST services you have 2 technologies that you should
avoid and 3 technologies that you can chose.

You should avoid:
* ASP.NET Web Forms
* ASP.NET MVC

Those are intended to output HTML not expose web services.

Your choices are:
* Plain old web handler
* WCF
* Web API

My view on each would be s follows.

Web handler:
* DIY style
* Some code
* Easy to understand
* Flexible/powerful until a certain level but after that it becomes a
lot of work

WCF:
* Framework style
* Some code
* Requires some reading to understand
* Very flexible/powerful even for advanced stuff

Web API:
* Convention style
* Little code (just don't start with VS wizard generated code!)
* Very natural
* Somewhat flexible/powerful - it covers the need of the 95% - the rest
it hard/impossible

Take your pick.

Correct.

You can get session cookies working with all of web handler, WCF
and Web API, but you need to do something special to get it working.

Note that true REST does not rely on session but prefer a custom
HTTP header for authentication.

Sure, I was just asking if someone has already done "For all intents and
purposes a generic abstract html page wanting to inherit/associate-with
a .NET C# session cookie purely by residing at the web-site"

See above.

Arne

 

[Arne Vajhøj]

I guess I'm asking "Do I have t do this": -

Custom Session Identifiers

You can implement a custom class to supply and validate SessionID
values. To do so, create a class that inherits the SessionIDManager
class and override the CreateSessionID and Validate methods with your
own implementations. For an example, see the example provided for the
CreateSessionID method.

You can replace the SessionIDManager class by creating a class that
implements the ISessionIDManager interface. For example, you might have
a Web application that associates a unique identifier with non-ASP.NET
pages (such as HTML pages or images) by using an ISAPI filter. You can
implement a custom SessionIDManager class to use this unique identifier
with ASP.NET session state. If your custom class supports cookieless
session identifiers, you must implement a solution for sending and

So far you have not mentioned anything that makes me think that
you need custom session id's.

I think you just need to get the session from your web service and
that is it.

And what id the browser and server uses to identify the session should
be irrelevant.

Arne

 

[Richard Maher]

So far you have not mentioned anything that makes me think that
you need custom session id's.

I think you just need to get the session from your web service and
that is it.

And what id the browser and server uses to identify the session should
be irrelevant.

Arne

That's what I'm hoping for. Almost ready to test it out.

 

[Richard Maher]

Web API:
* Convention style
* Little code (just don't start with VS wizard generated code!)
* Very natural
* Somewhat flexible/powerful - it covers the need of the 95% - the rest
it hard/impossible

Take your pick.


You can get session cookies working with all of web handler, WCF
and Web API, but you need to do something special to get it working.

Note that true REST does not rely on session but prefer a custom
HTTP header for authentication.


See above.

Arne

Thanks as always Arne. I will look into Web API. At the moment mvC seems
to be working fairly well but I did wonder why I was having to strip
down all the cargo.

 

[Arne Vajhøj]

I will look into Web API. At the moment mvC seems
to be working fairly well but I did wonder why I was having to strip
down all the cargo.

Just remember the note above. VS generates a gazillion files. You
just global.asax and your services/controllers.

Arne

 

[Richard Maher]

That's what I'm hoping for. Almost ready to test it out.

You were right as usual Arne. Nothing special required. (Okay, a config
entry and make sure the service is running


While you're there is the "return" in the following code only needed for
debug?


if (universeId == "")
{
Response.StatusCode = 404;
Response.StatusDescription = "Image could not be located";
HttpContext.ApplicationInstance.CompleteRequest();
return null;
}

 

[Richard Maher]

Just remember the note above. VS generates a gazillion files. You
just global.asax and your services/controllers.

Arne

Sounds good, but a WebAPI solution is just a type of MVC application
right? I opted for "Basic". Does that have a lot more baggage than WebAPI?

(And then I started deleting references especially to that jQuery crap!)

 

[Arne Vajhøj]

While you're there is the "return" in the following code only needed for
debug?


if (universeId == "")
{
Response.StatusCode = 404;
Response.StatusDescription = "Image could not be located";
HttpContext.ApplicationInstance.CompleteRequest();
return null;
}

I have never used HttpApplication CompleteRequest, but as I read the
docs then it will return - it just skip some steps in the pipeline.

Arne

 

[Arne Vajhøj]

Sounds good, but a WebAPI solution is just a type of MVC application
right?

I don't think so. I think MVC and Web API are very similar but not
the same.

I opted for "Basic". Does that have a lot more baggage than WebAPI?

Do you only have global.asax and the .cs with your controllers?

I think the general recommendation on the net is to either create an
empty ASP.NET project and only add what one need or to find a third
party wizard/template to generate a minimal Web API project.

But whatever works for you.

I made my test using a generic text editor!



Arne

 

[Richard Maher]

I don't think so. I think MVC and Web API are very similar but not
the same.

From VisualStudio 2012 you have to choose a MVC project and then you
get to drill down to WepAPI.

Do you only have global.asax and the .cs with your controllers?

There is models,scripts,views plus the usual .config etc

I think the general recommendation on the net is to either create an
empty ASP.NET project and only add what one need or to find a third
party wizard/template to generate a minimal Web API project.

But whatever works for you.

Sounds great but being the dumbest .NET guy in the room I try to appease.

I made my test using a generic text editor!

I do all my Javascript HTML and CSS in Notepad++ (Not a resharper or
StyleCop in sight

 

[Arne Vajhøj]

From VisualStudio 2012 you have to choose a MVC project and then you
get to drill down to WepAPI.

That is correct.

And then the Web API project indeed looks like a MVC project.

But if you do a minimal Web API project then it will be slightly
different from MVC.

There is models,scripts,views plus the usual .config etc

That is what the wizard/template creates.

See:

http://stackoverflow.com/questions/12412163/minimum-files-needed-to-deploy-webapi-server-side

http://typecastexception.com/post/2...PI-Project-with-VS-2012-and-ASPNET-MVC-4.aspx

and its links for some of the more let us call it "creative ways"
people are approaching this.

Arne