Session object is null after some time in ASP.NET MVC 4


I have a web application in ASP.NET MVC 4. When a user logs in to the application, it writes their information to a Session object of class UserCtx. Previously, I create a cookie:

    public ActionResult ExecuteLogin(LoginModel model)
    {
        if (ModelState.IsValid)
        {
            FormsAuthentication.SetAuthCookie(model.Username, false);

            UserCtx userCtx = ds.SetUserCtx(model.Username, model.Password);
            Session["userctx"] = userCtx;
            return Redirect(returnUrl ?? "/offer");
        }
        else
        {
            return View("index");
        }
    }

To make it easier to operate on the object held in the session, I created a static property, which I use in the application:

    public class UserCtx
    {
        public static UserCtx UserLogged
        {
            get
            {
                // Reads the per-request session; returns null once the session entry is gone.
                UserCtx userCtx = (UserCtx)HttpContext.Current.Session["userctx"];
                return userCtx;
            }
        }
    }

For example, I use this property in a view:

    @if (UserCtx.UserLogged.Admin)
    {
        @Html.Partial("_gvnetlogpartial")
    }

However, after some time, this variable is null, and I don't know why this is happening. I have set the timeout in web.config:

    <sessionState timeout="30"/>

Also, I have a filter on every controller that checks the value of the session. Here is the filter:

    public class CheckSessionFilter : ActionFilterAttribute
    {
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (filterContext.RequestContext.HttpContext.Session["userctx"] == null)
            {
                FormsAuthentication.RedirectToLoginPage();
            }
        }
    }

Could this error appear because I use a static property?

I recently developed a .NET web application that stored information about the current logged-in user in a "static" session object, like your code.

However, I realized that this is an old-fashioned approach, used in old ASP. Now, ASP.NET provides a better way to deal with the user object.

Instead of using the session object, you should override the standard User object of the HttpContext. I replaced my code with the following approach, and it works perfectly.

Below, I'll recap the steps I did - I suggest you do the same.

First, you have to write a class to store the information you need about the user. Here is mine.

    using System.Linq;
    using System.Security.Principal;

    public interface ICustomPrincipal : IPrincipal
    {
        string Email { get; set; }
        string[] Roles { get; set; }
        int[] SalesmenId { get; set; }
        bool HasWritePermission { get; set; }
    }

    // Plain data holder that is serialized into the ticket cookie.
    public class CustomPrincipalSerializeModel
    {
        public string Email { get; set; }
        public string[] Roles { get; set; }
        public int[] SalesmenId { get; set; }
        public bool HasWritePermission { get; set; }
    }

    public class CustomPrincipal : ICustomPrincipal
    {
        private IPrincipal principal;

        public CustomPrincipal(IPrincipal principal, WindowsIdentity identity)
        {
            this.Identity = identity;
            this.principal = principal;
        }

        public IIdentity Identity { get; private set; }

        public bool IsInRole(string role)
        {
            //return (principal.IsInRole(role));
            if (Roles == null)
                return false;
            return Roles.Contains(role);
        }

        public string Email { get; set; }

        public string[] Roles { get; set; }

        public int[] SalesmenId { get; set; }

        public bool HasWritePermission { get; set; }
    }

Then, edit Global.asax so that, after the user logs in, you replace the User object of the current HttpContext with an object of the custom type defined at the previous step (see the last instruction).

    protected void WindowsAuthentication_OnAuthenticate(object source, WindowsAuthenticationEventArgs e)
    {
        if (e.Identity.IsAuthenticated && null == Request.Cookies.Get(cookieName))
        {
            CustomPrincipalSerializeModel cp = new CustomPrincipalSerializeModel();

            string username = e.Identity.Name;

            [...]

            // set data of current user
            cp.Roles = [...];
            cp.SalesmenId = [...];
            cp.Email = [...];
            cp.HasWritePermission = [...];

            [...]

            // serialize cookie
            JavaScriptSerializer jss = new JavaScriptSerializer();
            string userData = jss.Serialize(cp);
            FormsAuthenticationTicket formsAuthTicket =
                new FormsAuthenticationTicket(
                            1,
                            username,
                            DateTime.Now,
                            DateTime.Now.AddHours(10), // cookie expires in 10 hours
                            false,
                            userData);
            var encryptedTicket = FormsAuthentication.Encrypt(formsAuthTicket);

            // store cookie
            HttpCookie httpCookie = new HttpCookie(cookieName, encryptedTicket);
            Response.Cookies.Add(httpCookie);
        }
    }

    protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
    {
        CustomPrincipal newUser = new CustomPrincipal(User, (WindowsIdentity)User.Identity);

        HttpCookie authCookie = Context.Request.Cookies.Get(cookieName);

        if (authCookie != null)
        {
            FormsAuthenticationTicket formsAuthenticationTicket = FormsAuthentication.Decrypt(authCookie.Value);

            JavaScriptSerializer jss = new JavaScriptSerializer();

            CustomPrincipalSerializeModel ret = jss.Deserialize<CustomPrincipalSerializeModel>(formsAuthenticationTicket.UserData);
            newUser.Email = ret.Email;
            newUser.Roles = ret.Roles;
            newUser.SalesmenId = ret.SalesmenId;
            newUser.HasWritePermission = ret.HasWritePermission;
        }
        else
        {
            newUser.Email = null;
            newUser.Roles = null;
            newUser.SalesmenId = null;
            newUser.HasWritePermission = false;
        }

        Context.User = Thread.CurrentPrincipal = newUser;
    }
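
A defensive variant of the cookie round-trip in the answer above, as an added example that is not part of the original post: it marks the cookie HttpOnly and Secure, and treats a ticket that fails to decrypt or has expired as absent, so the request falls back to the unprivileged principal. The helper name TicketCookie and its methods Build and TryRead are hypothetical, and Secure = true assumes the site is served over HTTPS only.

```csharp
using System;
using System.Web;
using System.Web.Script.Serialization;
using System.Web.Security;

// Hypothetical helper, not from the original answer.
public static class TicketCookie
{
    // Builds the cookie carrying the serialized user data.
    public static HttpCookie Build(string cookieName, string userName, object userModel)
    {
        string userData = new JavaScriptSerializer().Serialize(userModel);
        var ticket = new FormsAuthenticationTicket(
            1, userName, DateTime.Now, DateTime.Now.AddHours(10), false, userData);

        return new HttpCookie(cookieName, FormsAuthentication.Encrypt(ticket))
        {
            HttpOnly = true, // keep the ticket out of reach of page script
            Secure = true    // assumption: the site is served over HTTPS only
        };
    }

    // Returns the user data from a valid, unexpired ticket, or null so the
    // caller falls back to an unprivileged principal.
    public static T TryRead<T>(HttpCookie cookie) where T : class
    {
        if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            return null;

        FormsAuthenticationTicket ticket;
        try
        {
            ticket = FormsAuthentication.Decrypt(cookie.Value);
        }
        catch (Exception)
        {
            // Malformed or tampered value: ArgumentException is documented,
            // crypto failures may surface as other exception types.
            return null;
        }

        if (ticket == null || ticket.Expired || string.IsNullOrEmpty(ticket.UserData))
            return null;

        return new JavaScriptSerializer().Deserialize<T>(ticket.UserData);
    }
}
```

In Application_PostAuthenticateRequest, a call such as TicketCookie.TryRead<CustomPrincipalSerializeModel>(Context.Request.Cookies.Get(cookieName)) would replace the direct Decrypt call, with a null result taking the answer's else branch.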
