Asp.Net page does not respond until cookies are deleted - asp.net

We have deployed our Asp.Net webforms app on Azure platform, the app is being served by two web servers load balanced. Asp.Net session is managed by memcashed.
Generally app works fine but randomly it gets hanged, if we try to reload the app, request is not getting processed by the browser, no error at all, continuous loading.
Only way to make the app work again is by DELETING COOKIES for this specific app from the browser.
This happens in Firefox as well as in Chrome so does not seem to be a browser specific issue.
Cookies in particular is not that heavy, there are only 3 cookies, 1 being asp.net session cookie and two other for persisting user credentials.
App is about real-time chat service so it polls web server at each 4 seconds.
We have already referred one similar issue but that does not help.

If it happens randomly it looks like it caused by load balanced configuration. From my experience the most common reason for issues with load balanced farm - different machineKey values.
Try to check you have the same machineKey value in web.config for both servers.

Related

Single view of ASP.NET web application won't load in Azure dev environment

I am working on a web application, containing multiple views, that is using the ASP.NET framework for the backend and the Angular framework for the frontend. When running this web application on my local machine, every view loads without issue, returning the 200 - OK status. However, when I deploy and run my application in the Azure dev environment, one view is intermittently returning a 404 - Not Found status. All of the other views seem to be working fine, with the exception of this one.
Also, when I look at the console, it appears that the URL being requested by the front-end is the front-end URL, which it should not be requesting. It should be requesting the backend URL, which is what every other successful view is requesting.
Is there a general cause to this issue or do I need to provide more information regarding the code I am using? Thanks.
Assuming everything in the network but the app is working fine (example: no packet loss when your application's network traffic traverse public and private network) there are three possible causes
Client side lack of permission to access the object (please verify
messages exchanged between azure and your the browser with chrome
dev tools) and if is trueyou can you can configure Cross Origin
Resource Sharing (CORS) for the storage service the Angular client
is accessing;
Also is possible a SASAuthorizationError issue (Please check the
SASAuthorizationError in the metrics. Fault is non zero. Here is
explained)
last but not least please check in server-side logs if another
process deleted your target before frontend app can access

MVC Website intermittent behavior of not reaching sometimes

I have a ASP.Net MVC Website Hosted on IIS on couple of servers with load balancers, it a very simple page when it opens it logs user details in DB and show the view.
Issue is: It becomes unreachable sometime and pages are never opened. I have to restart APP Pool to get back on track and then it happens again.
What I have tried:
Made sure all DB connection are properly handled, any connection that gets opened are surely closed
Have put Recycle of APP Pool based on volume of RAM
Went through IIS logs and checked that request have reached there or not
There are other application also running on Server but the problem is isolated to this website
There are global users, issue persist of different global area
What I think it can be:
Might be possible that Load Balancer is never diverting my request
My request getting lost in between networks and layer
This is Production environment and we are not facing this issue in ACC or Dev.
What else I can go ahead and check?

Asp.net applications suddenly don't keep sessions anymore while running in localhost

Every aspnet web application I try to run locally just doesn't keep sessions anymore.
Somehow, this happens on both VS 2013 & 2015 with different projects. I haven't touched anything, one morning I found out that after a redirect every session data is lost.
These applications are still working on production and dev environments.
A proxy server or firewall on the web server side is stripping out the
cookie. It may be that the user is correctly storing and sending the
session cookie, but that the hardware on the web server's side is
stripping out the cookie before it can be read by the ASP or ASP.NET
engine, causing the server to generate a new SessionID and a new
cookie for the user on each request.

Trouble using Azure Cache Service (Preview) with Azure Website

We currently have 2 separate ASP.Net websites hosted on one of our server. These sites uses StateServer to maintain same session across both sites. We are looking to move these sites to Azure. I was able to upload both sites on Azure without any trouble but I was not able to share the session between both sites. I tried using Azure Cache Service (Preview) to maintain session but for some reason it doesn't work, it always uses different session when I redirect to the second site. I already spent quite a bit of time googling around with no avail.
To get to the bottom of the issue, I now have created 2 test sites and have uploaded it on the Azure. I changed the config to use the Cache Service (Preview) as SessionState but it still doesn't work.
The link to get to the test site is: http://sessiontestsite1.azurewebsites.net/
On the home page, please enter a value in the textbox and click "Update session variable", this will store the text into a session variable. Then, on the top right corner of the page there is a link called "Site2" which will redirect to the second site. I am hoping that second site will be able to access the session variable set in the "Site1" and vice versa. Please note on my local machine I was able to use the same session using StateServer.
I followed this link to configure cache service.
I read somewhere, people were saying that Cache Service cannot be used with Azure Websites but I think those are old posts, as per Scott Gutherie's blog (sorry, StackOverflow doesn't allow me to post more than 2 links) Cache Service can be used with Azure Websites.
Also our requirement is to use these sites as Azure Websites, we do NOT want to use WebRoles or VMs or CloudServices etc.
This is not how session works.
When you put a value in the Session the server assign the client an ID and sends it to the client in a cookie. In ASP.NET it's ASP.NET_SessionId. The client (Browsers) will only send the cookie to the remote address associated with it. If you use Fiddler or browser dev tools you will see the browser sending back the ASP.NET_SessionId cookie to sessionstatesite1 and not to sessionstatesite2 because it has a different hostname.
You can either add the cookie manually (using browser dev tools for example) and test it again.
If you want to use the cache for user session and have the user access the site using 1 URL that get's routed to different Azure Website Instances, that cache will work fine for you. Again you can verify that using multiple ways. Adding the cookie manually above should show you that it's working. If you wanna do it in an end-to-end flow do this:
Create an Azure Website
Scale the site to run on multiple instances
Configure your site to display the Process Id or Instance Id Environment Variable
Configure your site to use caching as you already did before
Store something in session state
log in to kudu (https://<yoursitename>.scm.azurewebsites.net)
Go to process explorer view (https://<yoursitename>.scm.azurewebsites.net/ProcessExplorer) and right click on the w3wp.exe and kill it (you can also verify the PID there)
send a request again from the browser, it will go to a different instance and you can tell by the Process Id, but the session value will still be saved.
Because session sharing in our current setup doesn't work we have decided to use two sites as virtual applications.
We have now created a new website and that website has two sub folders (set as virtual applications). Both sites now sits in theses sub folders. That way session state using cache service works.

ASP.NET_SessionId cookie value does not allow multiple logins to the same web application from the same pc

We have a web application running on ASP.NET 3.5. It is viewed by the world as one URL but in reality there are multiple IIS boxes hosting the application controlled by a load balancer.
My problem is that it is a sensitive application with strict security controls around it, and that post authentication if you open another browser to the same application and log in as someone else, the second login overwrites the first logins' session id value in the cookie, and then the first window crashes.
Any idea how I can get around this?
The session ID is placed in the cookie. If another browser window is opened and starts a second session the ID in the cookie will be replaced.
Also, logins should not be controlled via the session cookie. There is a Forms Authentication cookie for that purpose which is more secure as I recall.
Most web applications only allow one session per PC. Try logging into Yahoo Mail, Amazon or Ebay twice on the same machine and you will find the same problem. So ASP.NET is pretty much designed around the idea that there is one login per PC. Although, if you have multiple browsers installed on a machine, you can generally log into apps more than once because each browser keeps its own cookie collection.
edit: You might want to try cookieless sessions, in theory they might allow multiple sessions per PC, although I haven't tried it. But cookieless sessions come with plenty of problems and limitations of their own.
In short, there may be some hacky way to do what you want to do, but it will probably be fiddly and cause other problems elsewhere, because what you are asking for goes against the grain of ASP.NET's core design.

Resources