Cache invalidation between two web applications - asp.net

I need to invalidate cache in a web application when related data is updated in another application (running on the same machine). Both applications use the same database. I know there's SqlCacheDependency.
How do is it in terms of performance?
Is interprocess communication (e.g. using name pipes) an option in web applications? Does it outperform SqlCacheDependency?

This is actually pretty simple to do by just using web services or a page action in each webapp. The web service can just clear a cached element whenever it is called.
When webapp A updates the data that is cached in webapp B, just have webapp A call the web service in webapp B that clears the cache and vice versa. You can add authentication as well if you want to secure it etc.
Anytime I have had to communicate with another web application and perform an action within the context of the other app I have done it by exposing web services or pages (ashx files) that will perform whatever action I need.

You could use a distributed cache instead, e.g. Velocity http://msdn.microsoft.com/en-us/magazine/dd861287.aspx

Related

How asp.net single web page(aspx) is processed for multiple user

I need complete information about how aspx single page server multiple users as compared to stand alone window application where separate exe is running on each user machine.But how exactly single aspx page serve multiple users at same time.
I search on Google but not get any good example.
I need any article or reference link for understanding the same.
Every request to any ASPX page will create a separate instance of the page class, generally all in the same AppDomain.
There is no concept of a "user", although you can create one using cookies or session state.
Choosing Between Windows Forms and Web Forms
Programming model
Windows Forms is based on a client-side, Win32 message-pump mode,
where instances of components are created, used, and discarded by the
developer.
Web Forms relies on a largely asynchronous, disconnected model, where
components are loosely coupled to the application front end.
Typically, application components are invoked through HTTP. This model
may not be suitable for applications requiring extreme throughput from
the user end or for those with high-volume transactions. Similarly,
Web Forms applications may not be suitable for database applications
that require high levels of concurrency control (for example,
pessimistic locking).
Security
Windows Forms uses permissions in its implementation of code access
security to protect computer resources and sensitive information. This
allows careful exposure of functionality, while retaining security.
For instance, the Printing Permission, which at one level would allow
printing to the default printer only, at another level would allow
printing to any printer. Using ClickOnce, developers can easily
configure which permissions their applications should and should not
demand from the client. For more information, see ClickOnce Deployment
and Security.
Authorization to gain access to the resources of a Web application is
typically controlled on a per-URL basis by authenticating the
credentials (for example, a name/password pair) of the requestor. Web
Forms allows the developer to control the identity under which server
application code is executed. Applications can execute code with the
identity of the requesting entity, which is known as impersonation.
Applications can also dynamically tailor content based on the
requestor's identity or role. For example, a manager could receive
access to a site, or a higher level of content than someone with lower
permissions.

Migration of an application to another server

I am trying to migrate an application A to a Weblogic 10.3.6 Application server running on Oracle Enterprise Linux Operating System. An application B is already residing in that weblogic server. Application A has a GUI with user login feature. However, application B does not. Currently application A and B are interfacing through an MQ.
My queries are:
1. Is it a feasible design to have both applications A & B ears in the same server?
2. If yes, how can they internally communicate?
3. Is there a security breach risk for application B due to user login feature of application A?
1) Yes, it is perfectly reasonable to run one or more Ear files on a server. There can be performance issues, and you may need to watch the JVM/Heap memory carefully (one app causing OutOfMemoryError will take down both).
2) Depends how you want them to communicate. The easiest way is probably to use remote lookup. WebLogic provides all lookups for application context etc in a JNDI tree. As long as the methods are exposed to allow remote calls (e.g. #Stateless #Remote annotations in JEE), you can call methods remotely. You can also use other methods such as MDB (message driven beans) if you don't want fast communication, or even Web Services (just bind to the same local server with a different Context root).
3) It depends how you login. If you use weblogic state to check if someone is logged in, then logging in to one application will log you into the other. You would need to look at WebLogic Roles and Policies. Basically set certain users into one Role for one application, and possibly have two different authentication mechanisms setup. Then use #RolesAllowed (or any other ways you fancy) to block access to classes/methods to only the given roles.
If you use your own log in method, I can't see an issue from the user side. Just be careful of what code gets used, and make sure you dont allow remote lookups you arent aware of (ie watch out for methods that could be subject to injection attacks, where malicious code could do a remote lookup to the other application). If you wanted you could still use WebLogic Roles and Policies to block this off anyway.

asp.net cache sharing/invalidation between an asp.net-app and web-service app

I have a web service and a web app deployed on the same server, both applications cache some common data, and only the web app changes the data. So I need some simple mechanism to invalidate the cached data on the web service app, or an alternative caching mechanism so both apps use the same copy of the cached data. Right now when the cached data is changed I have no way of notifying the web-service app about the changes.
Asp.Net 4.5, SQL-2008, IIS 7.5
You could use a distributed cache such as memcached or AppFabric for example. You might also wanna check http://sharedcache.codeplex.com/
If you cannot use a distributed cache, then you will have to provide an endpoint in the first application (accessible through HTTP) that will invalidate the in-memory cache. Then the second application could call this endpoint. Of course depending on your specific requirements you might want to secure this endpoint to avoid someone just sending simple requests to it and voiding the cache of your app whenever he finds fit.

Access cache object from Web Application in Web Service?

I'll preface this by saying that I've been developing in .NET for many years, and VB/BASIC for many years before that, but my background is mostly in desktop applications and system interfaces - I'm still pretty new to all this web application stuff, so I apologize up front if this is a silly question.
That said, here's my question: when you create an object in an ASPX page and store it in cache, how can you access it from an ASMX web service that resides in the same application?
To further elaborate: I have a single web application which includes ASPX pages, an ASMX web service, and a class library consisting of two object classes. When the user signs in to the application, they configure some settings, and the objects are created and stored in a system.Web.Caching.Cache object. The custom objects are then pulled out of cache on the next page, and the user then makes an AJAX call (via jQuery) to the web service to retrieve some data.
The problem is that in the web service response, I need to parse the returned data based on the content of the user-created objects stored in the web application's cache. However, I can't find any way to access the cached object from inside the web service.
I have a sneaking suspicion that it may be possible to serialize my custom .NET objects into JSON objects and pass them via the AJAX call to the web service for deserialization, but frankly, I would have no idea how to even begin at that. Plus the objects are potentially 30 - 40K in size, and the AJAX call is being made as frequently as once every 3 seconds, so I'd really like to avoid the overhead of passing all that extra data with each call, especially since the data I need is already sitting in memory in the application where the web service resides.
So once again, I ask: when you create an object in an ASPX page and store it in cache, how can you access it from an ASMX web service that resides in the same application?
Is this making sense? Am I crazy? Missing something obvious? Any insight anyone can provide would be VERY highly appreciated. Thanks!
You can access current HTTP pipeline state using HttpContext.Current. So for accessing the cache, you need to use HttpContext.Current.Cache.
BTW, asmx web services are considered to be legacy technology (see this) - so I will suggest you to migrate to WCF services. If you go for WCF services, then you must enable ASP.NET compatibility mode (see this) to access HttpContext.
I have not tried what you are looking for but objects are stored in cache in the form of key value pairs where key can be anything from simple integer to guids and value being your object. As per my understanding the asmx service just needs the key so that it can look into the cache and returns the object. But again its my understanding not I had tried this scenario.

session sharing between silverlight and asp.net

I have a silverlight application that uses wcf service. This application is shown from a link in an existing project of asp.net web application type. There is a userid session found in the project that i want to transfer it to the silverlight application. I thought of query string but its not a secure thing to do it. so is there a way to transfer the asp session object to the wcf application which the silverlight application communicate with?
You could write a web service that you could use in Silverlight and with which you could get and set single values from and to the current session.
If you want to transfer the whole session to Silverlight, this is of course also possible by a query parameter or the like.
Concerning security, it depends on your scenario. There is no way around that, you do have to send the data over the wire to the client in some way. You can encrypt it, but the Silverlight client will have to know how to decrypt it. Silverlight client code can of course always be inspected in reflector by anyone who has access to the application.
What you can do is set everything up to use SSL for communication, it might be sufficient for your scenario if you never send more information to a client than a client is allowed to know.
If you can run WCF services in ASP.Net compatibility mode then you would be able to share all of the ASP.Net Runtime Objects such as Session, Cache etc.

Resources