MVC3 vb.net Application using built in session management. I have an mvc3 application that I would like to add being able to see the current number of users online to whether they are logged in or not. I have tried using:
Membership.GetNumberOfUsersOnline.ToString
But that only keeps track of current users logged in which is not acceptable in what I am trying to do. Is there any other method that keeps track of connections????
You could hook on the Session_Start and Session_End events in global.asax. Increase a counter in Session_Start and decrease it in Session_End.
Or you can read this article on how to read all users session state via a dirty reflection hack. So you don't have to count yourself.
Related
With asp.net core mvc, how does one track time on page per user? I.e I want to track how long a user stays on a page (or all pages)
Did you try autoTrackPageVisitTime property sir? I find it seems to meet your requirement and I tested it in my side. Here's the query log in application insights.
I am trying to implement the idea found here in order "To facilitate multi-tab session states"
The shared solution speaks of Web Forms and wondering if it is possible to get a unique id for each new tab in asp.net MVC in order to use for each instance of session variables.
You won't be able to reliably check if a user has closed a tab in MVC due to the nature of restful Http requests.
If it's absolutely essential to keep track of open tabs I would think about SignalR, you can reliably track open tabs in real time using that. You would have to implement a collection of unique session objects synced to a unique ID on the matching tab. On submitting the form you would match the session by ID to the ID passed in by the form.
Having said that I would be very cautious about keeping anything specific to a certain page/tab in a session. It can lead to many confusing bugs that are very hard to debug, often leading to complete reworks.
Is there a strategy/approach that can be built to bring an ASP.NET MVC application into "single user mode" gracefully? By "single user mode" I mean something that when activated will block all new user access/logins, but allow existing users to complete their sessions and log out.
SCENARIO: I need to republish an active MVC application during the day in order to patch errors. Since we are conducting a new release I need to be able to do these patches sometimes a few times a day to squash bugs. Our users are all over the world and I don't have the ability to contact them individually to tell them of the patch, especially if it is a quick fix that is needed. So far I've just been republishing which means for some users their sessions will be destroyed, they will get errors when trying to navigate from one screen or form to another, etc.
What I would like is a feature that will let me log in as the site admin (custom Identity auth), flip a switch, and from that point forward (unless I flip the switch again) no new logins will be accepted. I would also need the ability to monitor sessions and ideally mark individual sessions for termination immediately if necessary, which I'm not sure is possible out of the box at all.
If there is no NuGet package or at least some code sample out there that can do it I'm considering rolling my own. One approach is giving the app admin a screen to set a boolean Application variable that is then checked during each user's login. If that Application variable is true then the authentication logic redirects the user to a friendly message that logins are disabled. Session management would be trickier, maybe have the base controller update an Application variable (dictionary?) on each page load, and then the admin can view a screen that shows a list of those sessions and can flag them for termination? And then the next time a flagged user loads a screen the base controller logs them out since they were flagged for termination. But I'm not sure if there will be threading/deadlock/etc issues with everyone accessing this Application variable repeatedly like that.
For reference, the application is used by about 3-5K different users per day, about 25-30k screen/page views per day. Backend is a combination of Oracle and SQL Server but that shouldn't matter, unless it would be better to track the session info in the DB.
This is not a hard requirement, but the impact on the users when the site goes down can be severe, so I want to make it as graceful as possible. Right now it is crude.
I'm contemplating using AFTER INSERT, DELETE, UPDATE Triggers to capture changes to one of my databases. One thing I want is to capture name of the user who made the change.
Since I'm using a dedicated SQL account to connect to the database (from ASP.NET MVC), I don't believe SUSER_SNAME() will provide accurate information to me.
Is there anyway for me to feed in the username from ASP.NET MVC side to the trigger?
ASP.NET side is configured for Windows Authentication against Active Directory.
Take a look at Set Context_Info. I've used this successfully in the past when auditing and using sql authentication. The idea is that you set the in the context the logged on user, then in the DB Trigger you retrieve this info from the context and store it in the DB. If you forget to set the user in the context, you can always fall back to suser_name (although, not very useful for auditing, but can be useful when making changes directly in SSMS). Google "Audit Trail Set Context_Info" and you will find some examples.
Like this one and this other one
You could use Thread.CurrentPrincipal to get the Windows Account and pass this as a parameter to your queries, and therefore, available to Triggers.
var userName = Thread.CurrentPrincipal.Identity.Name;
Creating a patch utility that will update my current website with my patch. when user login to its system and there is an update available it will prompt to user and if user accept it it will update its system. I want to know when this process starts i want the website to stop fulfilling request from other users until the files are copied so there is no malfunctioning occurs. I want to know what will be the best approach to take the website down although user is logged in to the same website and many other will try to access it? Im using Asp.Net MVC 2. I hope that my question is clear to all
There is a built in method to take an asp.net application offline. Here is a link describing what to do
http://www.15seconds.com/issue/061207.htm
Hope the gets you started.
Bob