Parag's Weblog

Silent passport authentication from web and load test in VSTT

1.       Open IE and clear all cookie cache.

2.       Start fiddler.

3.       Browse application in IE.

4.       It will cause redirect to passport login page.

5.       Authenticate. We will land up to home page.

6.       Stop fiddler.

7.       Examine http traces:

a.        Filter out request for CSS, JS, images etc. for ease of reading.

b.       Examine POST request made to home page in the trace. Examine cookies collection for this request.

c.        The one’s which are of interest to us is: -

i.        MSPP_RPSAuth      

ii.      MSPP_RPSSecAuth

8.       Above cookies uniquely identify a given logged in user. For that browser session all subsequent requests will use these cookies for authentication, failing which, will redirect user back in login page. Session persists for 24 hours from the time of login.  

9.       Next step is to create web test.

10.   Create a web test and add a request for same home page. We will now modify headers   collection for this request.

a.        Right click on request and “Add Header”.

b.       Add above cookies in cookie collection with their respective values. For example,

Cookie= MSPP_RPSAuth=<pick value from trace>; MSPP_RPSSecAuth=<pick value from trace>;

11.   We are done!! Executing this web test will directly take you to home page by impersonating the user.

12.   Above web test can be used in load test as well.

Hope that helps,
--Parag

Troubleshooting Web Application Performance

Every app is different and every server is different. It's only through extensive understanding of the application that decision can be made to improve its performance. There are no specific set of rules we can define that will ensure app will run with great performance on a given server. Only thing we can do is to come up with a framework/checklist that we might want to review.

So let's start by defining key performance pillars:

End user - defines performance of the site as viewed by the end user. For example, do customers notice that how long it takes to render, what's the speed, is it fast enough etc.

Throughput - measuring per second values (Request, bytes and connections) which apply at several levels like, Farm, Server, Website, Application Pool, and even URL users are browsing.

Capacity - How much we can support in terms of Users, Connections, Throughput, and Content etc.

Scaling - a way to fix performance problems.

After we have listed out key performance pillars, we need to measure them.

Measuring End user
Use (or may be test) the site as end users would use. What is their connection speed, check out for client or proxy caching happening, what browsers (with versions) are used to browse the site etc. One thing we need to keep in mind that application is developed and tested in high speed LAN and conditions will not be same when deployed on internet where still most of the users are running on modem and low speed connections. So customer experience and your experience will be different.

But the challenge is we really can't get all our customers so best we can do is to bucket-ize the customers and put them into groups like how much % of them are modem users, how many are on high speed connections, how many have direct T1 lines etc. Now the question is, how do I find those buckets? What are the best tools to capture and report such data? One of the tools is Log Parser.

It's an extensive tool that will help us to analyze IIS performance by parsing IIS logs. We will also look out for different type of browsers being used and how long these request takes. This tool can be executed through command line and it expects a query (almost similar to SQL syntax) for performing heuristics on a given log.

For example, we will write a script that will return type of browsers used to browse the website.
%logparserinstalldir%> logparser.exe GetBrowsers.sql

GetBrowser.sql

SELECT TOP 10
              to_int(null(100.0,propcount(*))) as Percent
              Count(*) as TotalHits
              cs(user-Agent) as Browser
FROM   %logfile%
GROUP BY Browser
ORDER BY TotalHits desc

Why is that important to know about browser? It is because each browser has a different caching technique, rendering mechanism etc. Accordingly we may want to change output HTML along with header for better performance.

We can start identifying important page(s) that users could be hitting and what is the average, maximum, minimum and hit count for such page(s).

SELECT 
            to_lowercase(cs-url-stem) as URL
            AVG(time-taken)  as AvgTime
            MIN (time-taken)  as MinTime
            MAX(time-taken) as MaxTime
            count(*)  as HitCount
FROM   %logfile%
WHERE URL  = ‘/default.asp'
GROUP BY URL

Script below will list out clients connected (requesting something) and we will try to identify slow connection(s).

SELECT c-ip as Client
             Avg(sc-bytes)
             Avg(time-taken)
             to_int ( mul ( div (to_real (sc_bytes), case avg(time-taken) when 0 then 1 else avg(time-taken)), 1000 ) ) as BytesPerSecond
             Count(*) as Hits
FROM   %logfile%
WHERE sc-bytes  >  1 and time-taken > 1000 [ where condition to ensure that we are taking connections that did not get dropped. 1000 is measured in milliseconds which means 1 second]
GROUP BY  Client, cs(user-Agent)
HAVING       hits > 1

By running above query we can find out slowest client . It could be possible that it is one of the most important clients. This does not mean that server is performing badly nor has a fast connection to internet rather it seems that client is on slow connection may be modem. It gives us few points to discuss. For example, can we do something to reduce the payload (IIS compression is one way to achieve it) so that app works for slow clients as well?

Measuring Throughput
Performance monitor is the key way to learn what the throughput is. However it does only at server and site level. But we can use log parser for other levels for example, for URL, we can use log parser to know URL request per second/hour/minute and no of bytes transferred to different clients as we see in above examples.
ETW (Event tracing for windows) is yet another excellent tool to understand performance, throughput of the server and other issues through extensive logging mechanism. It traces each and every call within the server till the time request reaches to server (HTTP.SYS in case of win 2k3) and served back to the client, what all operations are involved for that individual request. I would like to take an example, where ETW tracing proved to be useful in diagnosing performance issues. After publishing a website to another server, very first request to any aspx/asp page was taking huge amount of time. Running an ETW trace on that server resulted in a log file upon investigating which it was found that first request was taking long time because of ISAPI filter installed on top of IIS was taking long time to load hence blocking all other operations.
  

Now we can understand & define performance and know some ways to measure it we will move on to how we can improve performance of a given web application. Again, there is no defined way to improve the performance. It includes making guesses, see if they work, if they do, celebrate and make another guess. If they don't, undo it and make another guess.

Improving end user performance
In the internet scenario we can define key issues: -

Download time
According to a survey, still more than 50% of internet users still have narrow band connections let's say, modem. So if testing and verification is done in a high speed LAN environment, we cannot understand and foresee customer problems that might be running on narrow band connection.

So specific items we can look at to address such key issues are: -

• Download size is performance key driver on low band connections. How do we fix download size? One of the best ways is to enable IIS compression.
• Try to split up the helper content (style sheets, client side scripts). For example, if you don't need a specific JS function/Style sheet for a page currently being requested, do not download it!! Download it only when you need it.
• Do not make copies of things (script code, style sheets etc.) that are being downloaded and have duplication in website. Let's understand it with an example,
  

Bad CSS (Replication of data)
.article-ByLine  { font-family: Tahoma,sans-serif; font-size: 9.5pt; font-style: normal; line-height: normal; font-weight: normal; color: #000000}
.article-Caption {font-family: Tahoma,sans-serif; font-size: 8pt; font-style: normal; line-height: normal; font-weight: normal; color: #000000}
.article-Headline { font-family: Tahoma,sans-serif; font-size: 14pt; font-style: normal; line-height: normal; font-weight: bold; color: #000000}

In above example, highlighted text is same for each definition except font-size. It results, in increased payload. Same CSS can be represented as: -


BODY {font-family: Tahoma,sans-serif; font-style: normal; line-height: normal; font-weight: normal; color: #000000}
.article-ByLine {font-size: 9.5pt;}
.article-Caption { font-size: 8pt}
.article-Headline {font-size: 14pt;font-weight:bold}

• Set HTTP expire header for all images and for HTML so proxy servers & browsers make fewer calls to web serve. For more information, visit Content Expiration.
• Use SSL certificates only when needed and only for content that requires security. Because SSL uses complex encryption that consumes considerable processor resources, it takes much longer to retrieve and send data from SSL-enabled directories. Also, keep these pages free of other elements that consume resources, such as images.
• Another thing to verify is "connection=keep-alive" state for each TCP connection. If it is turned off every file requires a new TCP connection which is not good for a slow connection.
• Set expiration dates on files - When customer returns to a web page, IE already has most of the files for the page in its cache, but it does not use these files if the expiration dates are in the past. Instead, IE sends a GET request to the server for the file, indicating the date of the file in the cache. If the file has not changed, the server sends a Not Modified message. This GET/Not-Modified sequence costs the client a roundtrip.
• Identify slow loading files which will provide clues what needs to be improved. Causes of very long load times can include server capacity issues, network congestion. This data can be collected by running log parser on IIS logs or by using ETW tracing mechanism.
• Files often contain TABS, spaces, newlines, and comments contributing some % of page size. Try removing those.
  

Hardware Resources
If CPU is the issue, think about caching so that we don't compute so often. Is HTTP compression causing this to happen etc.?

If memory is an issue, check if we are caching too much, how many copies of same data we are caching etc. So there is a tradeoff, which is hitting you much, CPU or Memory and take the judgment accordingly. You can monitor memory by making use of existing performance monitor counters. Here are few of them: -

• Monitoring Available System Memory - Memory\Available Bytes,
• Monitoring Paging - Memory\Page Faults/sec, Memory\Pages Input/sec, Memory\Page Reads/sec, Memory\Transition Faults/sec (If these numbers are low, server is responding to requests quickly. If these numbers are high, investigate whether we have dedicated too much memory to the caches, leaving too little memory for the rest of the system. If reducing cache sizes does not improve system performance, we might need to increase the amount of RAM on server)
• To know more about IIS performance counters, visit http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/0a6c9f07-a70c-4c3d-b93d-5dfef593c744.mspx?mfr=true.
  

If disk is slow determine who is causing file access. Best tool available for this purpose is Filemon. For example, it could be possible that web site logging is turned on causing several file I/O's hence degrading the performance.

Till now we have discussed key performance pillars, how we can measure them and ways to fix them.

Performance issues can be difficult to troubleshoot and often take a long time to determine the root cause & resolve. This process can be less painful if we collect good data and then use that information further to solve the issue. So how can we collect good data? By asking as many questions we can. For example,

• When the problem did started happening? Was there any change or update on the server prior to the problem?
• What are the different symptoms? Is there one or more error messages shown?
• Is there a High CPU on the server at the time of the problem?
• Is the worker process consuming high memory (Approx 500-600MB+) at the time of the problem?
• What are the technologies (including third-party) involved?
• Are there any COM/COM+ components being used? If so, are they STA or MTA?
• Does the problem happen at a specific interval?
• Do ASPX/ASP/ HTML pages in the same/different Applications on the same server work fine?
• Is the issue specific to any pages in the application or only to some pages?
• Does a simple hello world aspx page work fine?
• What is the architecture of the application?
• Is Data Access involved? If so, does the issue happen with any page connecting to a particular database?
• If Data Access is involved, does any page that does not do data access work fine?
• What is the application workflow with respect to the current problem?
• What are the steps to repro the problem?
• Is problem reproducible in test environment?
  
  

Once we have gathered the above data I am pretty sure we will have a good idea on where to focus. Based on symptoms and data we need to decide if the problem is on client side, server side, database/other tier or combination of one or more of these. There are several tools available that can now assist us to find root cause.

• Network monitoring tools (netmon) can be used to examine network related problems, page rendering delays etc.
• File monitoring (filemon) and Registry monitoring (regmon) tool can help us in identifying file system and registry based access issues.
• ETW (Event tracing for windows) which can be used to trace internal IIS/kernel (HTTP.SYS in case of win2k3) events and pinpoint web bottlenecks on the server and often determine where to tune server for improved performance.
• WinDbg/CorDbg - Used for advanced debugging by analyzing memory dumps on production server without even going through source code.
  
  

I hope this article gets you going to start troubleshooting and analyzing performance issues for a given website hosted on IIS. 

Bye for now,
--Parag

Creating EVT &amp;amp; IVT's using VS 2005 Test Suite

So i am back after a long break. Just to give you a little bit of background i recently shifted from Microsoft PSS (where i used to support ASP.NET and IIS) to Micorosft IT Division as a developer where we create solutions for our valuable Microsoft Partners. So let's get started now:

So you must be thinking what these terms EVT & IVT means. Since i am in application development now i will also be sharing best practices revolving around application developement, deployment etc.. So the very first step before deploying any application is to run EVT (Environment Verification Test) and IVT (Installation Verification Test).

EVT: It will basically consists of tests to verify the environment (both hardware and software) under which your application is subjected to run. For example, knowing hardware requirement, HDD space check, OS check, IIS, SQL Server etc.

IVT: It would consists of tests to verify whether application successfully installed or not. For example, various configurations for proper functioning of the application are correct, required virtual directories exists on website, required DB's exists on SQL server, web services are getting back the results etc..

Advantage is obvious i.e. after running EVT's and IVT's and correcting the faults encountered during the course we are sure application will run fine where it is deployed and no more obvious surprises on production environment. EVT's and IVT's reminds me of TDD (Test Driven Development) and what can be better then creating these set of checks in form of test cases by leveraging VS 2005 Team Suite for Tester. Earlier i used Nunit and can be downloaded from sourceforge.net. Best part is we can still consume the test assembly generated by VS 2005 Test Suite in Nunit if we dont want to install the complete suite on the server where checks will be performed.

Hope that helps ...
--Parag

Getting CryptographicException exception "Padding is invalid and cannot be removed" after Migrating to ASP.NET 2.0

Problem Description

=============

One of my colleague migrated his asp.net 1.1 application to asp.net 2.0. It worked fine for some time and soon after it is deployed it started giving intermittent security exception below:

Event code: 3005

 Event

 An unhandled exception has occurred.

 Event time: 6/22/2006 10:58:04 AM

 Event time (UTC): 6/22/2006 2:58:04 PM

 Event ID: 8f96fc240df941e98447cb4f46b8bc61

 Event sequence: 26440

 Event occurrence: 1321

 Event detail code: 0

 Application information:

 Application domain: /LM/W3SVC/<remoevd>/Root-1-127954582343593239

 Trust level: Full

 Application Virtual Path: /

 Application Path: <removed>

 Machine name: <removed>

 Process information:

 Process ID: 9364

 Process name: w3wp.exe

 Account name: <removed>

 Exception information:

 Exception type: CryptographicException

 Exception Msg:  Padding is invalid and cannot be removed.

 Request information:

 Request URL: https://.../WebResource.axd?d=UphM0djXQAbNBS80WyI_2Q2&t=632863388699082620

 Request path: /WebResource.axd

 User host address: <removed>

 User:

 Is authenticated: False

 Authentication Type:

 Thread account name: <removed>

 Thread information:

 Thread ID: 12

 Thread account name: <removed>

 Is impersonating: False

 Stack trace: at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)

 at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)

 at System.Security.Cryptography.CryptoStream.FlushFinalBlock()

 at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo)

 at System.Web.UI.Page.DecryptString(String s)

 at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context)

 at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

 at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Resolution

=======

Application is deployed on a web farm. Viewstate is disabled completely. The same application is working fine under a web farm in 1.1 version. Issue happens only when it is run under 2.0.

The reason it is not working because <machineKey> for this application on all the servers connected to a web farm is not the same. My colleague turned it off because he was not using viewstate at all and that worked fine in 1.1. Then why it is failing on 2.0 and that too when Webresource.axd file is requested. The reason being is data to be sent to server along with query string parameter which looks like some sought of hash value uses <machineKey> for encryption & decryption. As a result, it requires <machineKey> to be same for that application on all the servers.

To be sure, we isolated the issue by running testing the app. on a single server. By doing that, we did not get the issue.

More information on Webresource.axd can be found at: http://support.microsoft.com/kb/910442/en-us

HTH,

Parag

ASP.NET 2.0 - Errors while re-directing user to an error page after the exception is thrown from COM Port

Abstract

=======

There is an ASP.NET 2.0 application inside of which i connect to serial COM port by using the classes present in System.IO.Port namespace (http://msdn2.microsoft.com/en-us/system.io.ports.serialport.aspx). I am able to connect to COM port, fetch the data and trap the exceptions when the device is disconnected, successfully. When some device is disconnected from the COM port I want the user to redirect to an error page within the exception handler code. In order to do this, using Response.Redirect/ Server.Transfer will give me the error message below: -

"Response is not available in this context"

Cause

=====

This is an expected behavior because HTTP Context is not available in at that point of time. As a result, we cannot use any of the classes present inside http context i.e. response, request, session etc. It is not available because exception handler event is fired not due to page post back, but because of external change event. As far as page life cycle goes http context is built when page is requested and gets destroyed after the page is served/rendered.

To get more understanding on the page life cycle, please visit the following link: -

http://msdn2.microsoft.com/en-us/library/ms178472.aspx

Resolution/ Workaround

==================

I created a static boolean variable at the page level and initialized it to false. When the exception will occur, I will simply set the variable to true (in the exception handler code). Also, I will keep refreshing the page lets say, after every 5 seconds and keep checking for its value in the page load. If value comes out to be true, we will simply redirect user to the error page.

Setting Server.ScriptTimeout programatically in ASP.NET not taking into effect

The reason behind it was that debug attribute was set to true inside web.config. If debug attribute is set to true, then batch compilation is diasbled <httpRuntime executionTimeout /> or calls to Server.ScriptTimeout is ignored.

To confirm, set the debug attribute to true and then request any aspx page. After that browse to Temporary ASP.NET files folder and locate application directory. Inside that directory locate the .cs or .vb file dynamically generated for the requested aspx page. Open that up and you will find

this.Server.ScriptTimeout = 30000000 by default even if you set Server.ScriptTimeout value in the Page Load.

For more information, please visit the url - http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspp/html/monitor_perf.asp

ASP.NET - Getting 0 value for Request/Sec and Total Req. in performance monitor

Things to check: -

1. Check the following registry key HKLM\SYSTEM\CurrentControlSet\Services\ASP.NET_1.1.4322\Performance\Library and make sure that it is pointing to correct version of aspnet_isapi.dll.
2. Shutdown IIS and remote registry services.
3. Run commands
1. unlodctr ASP.NET_1.1.4322
2. unlodctr ASP.NET
4. Then from %Framework% folder, run the following commands: -
1. lodctr aspnet_perf.ini
2. unlodctr aspnet_perf2.ini
5. After that restart IIS and remote registry services.
6. Check whether the following key exists, HKLM\SYSTEM\CurrentControlSet\Services\ASP.NET_1.1.4322\Names
7. If the machine is a Domain Controller, we should have IWAM account instead of ASPNET (NETWORK SERVICE) account in the permissions list for the above registry keys.
8. If that still doesn’t resolve the issue then we might be loosing on the required permissions. Worker process identity should have the effective permissions given below on the following registry key HKLM\SYSTEM\CurrentControlSet\Services\ASP.NET_1.1.4322\Names

1. Query Value
2. Set Value
3. Create Subkey
4. Enumerate Subkeys
5. Notify
6. Read Control

Hope that helps!!!

Parag

Why i am getting VBScript runtime (0x800A000D) Type mismatch: 'Session' on ASP page ?

There could be two reasons: -

1. Directory under which ASP page resides is not marked as an application. In other words, its not a *virtual* directory. 

2. *Enable Session State* option is disabled either on the virtual directory level or one level up on the root website. Path to this setting is: Right click Vdir or Website -> Choose Properties -> Virtual Directory tab -> Configuration -> Options Tab.

Few Things to take care while designing custom Composite Controls

Abstract

We can visualize composite control, the composition of existing controls that reuses the implementation provided by child controls for rendering, post back handling etc. While creating composite controls we don’t face too much of complexity. For example, if our composite control has a Textbox control, the post back data processing for the textbox will be automatically taken care of. Similarly, we can use the existing button control to capture the post back.

Composite control should have: -

1. Overridden CreateChildControl method that will have the logic implemented for initializing, instantiating, and finally adding the child controls in the control tree.
2. System.Web.UI.INamingContainer interface implemented. It is a markup interface that doesn’t have any method but it will ensure that page framework will create unique identifiers for each and every control on the page by introducing UniqueID property. Most of the developers complain that state of the child control is not persisting on post backs within the composite control. It is because; composite control is not implemented by INamingContainer interface.
3. We may want to use EnsureChildControls method before we try to access any child control in the composite control. This method checks whether the child controls have been created and if not first invokes CreateChildControl on that.
4. We may also want to override Controls property of the base class which returns ControlCollection that can be utilized to call functionality such as Add, Remove or Clear in the controls collection. Before returning control collection, we will call EnsureChildControls API.

Hope this helps!!!

Parag

Understanding Login Controls in ASP.NET 2.0

The link below explains what are the Login Controls and how they can be used against custom data source instead of SQL Server by creating the custom Membership Provider classes.

http://support.microsoft.com/kb/910440/en-us

By creating the custom membership provider described in the above article, we will still be using the fields that are provided by MembershipUser class (http://msdn2.microsoft.com/en-us/library/system.web.security.membershipuser_members(VS.80).aspx). In order to use extra fields that exists in the custom data source we need to extend MembershipUser class as well.

Hope this helps!!!

Parag

Getting 'Webform_Postbackoptions is undefined’ errors in ASP.NET 2.0

Issue

====

I recently got an issue where customer ASP.NET 2.0 website on IIS and on one of the aspx pages he was using RangeValidator control. Browsing to that aspx page was giving client side Java script errors ‘Webform_Postbackoptions is undefined’. Without RangeValidator application was just working fine.

Cause

====

WebResources.axd was not getting downloaded to ‘Temporary Internet Files’ folder. Fiddler showed 500 Status for the WebResources.axd. IIS Logs showed nothing in my case. When directly browsed to this file it gave errors in one of the events called AcquireRequestState in Global.asax file sitting under App_Code directory. Error was related to session state because an AXD file doesn’t have any session state handler associated.

Resolution

=======

Commented out AcquireRequestState event and now webresources.axd is successfully downloading in ‘Temporary Internet Files’ folder.

Note:- Fiddler tool can be downloaded from http://www.fiddlertool.com/dl/FiddlerSetup.exe. It's a great tool to troubleshoot client side issues.

Intermittently Loosing Intellisense in the code behind editor inside visual studio .net

Issue

====

One of my colleagues was loosing intellisense in the code behind editor for a particular ASPX page intermittently in visual studio .net 2003.

Cause

=====

Later we found out that he edited the InitializeComponent method by adding the code below:

private void InitializeComponent()

{  

  if (Session["AnyVariable"] == null)

    Server.Transfer("frm.aspx");

  this.Load += new System.EventHandler(this.Page_Load);

}

Steps taken to find the root cause

=======================

1. Opened up new visual studio instance.
2. Go to Tools -> Debug Processes.
3. Attach devenv.exe associated with faulty project.
4. Then go to Debug menu, and select Exceptions.
5. For each Exception listed, select the option, “Break into the debugger”.
6. After that open up the problematic ASPX file. Opening up that file resulted into the following exception:

A first chance exception of type 'System.ComponentModel.Design.Serialization.CodeDomSerializerException' occurred in microsoft.visualstudio.dll

Additional information: The designer cannot process the code at line 40:

if (Session["AnyVariable"] == null)

  Server.Transfer("frm.aspx");

The code within the method 'InitializeComponent' is generated by the designer and should not be manually modified.  Please remove any changes and try opening the designer again.

Resolution

=======

Using Web Deployment Project in Visual Studio 2005

Issue

====

One of my colleague developed ASP.NET 2.0 application in Visual studio 2005. During the development phase he referenced few assemblies from a shared directory that were not in GAC. As a result, all the referenced assemblies were copied in Bin folder. Now he wants a functionality to exclude all those assemblies that are present in bin folder as soon as he publishes the website to other location.

Resolution

========

There are two ways to achieve the above functionality:

1. Reference all the assemblies from GAC. As a result adding a reference in the website will not create a Bin folder.
2. Use Web Deployment Project utility where we can exclude the paths when ever the build will happen in its configuration file like:

<ItemGroup>

         <ExcludeFromBuild 

          include="$(SourceWebPhysicalPath)\Bin\*.*"/>

       </ItemGroup>

For more information on Web Deployment project, visit the following links:

http://msdn.microsoft.com/asp.net/reference/infrastructure/wdp/

http://download.microsoft.com/download/1/5/4/1541980a-d8fc-407b-8c9f-c2df5445b041/Using%20web_deployment_projects_final.doc

HTTP_URL Server Variable behaves differently in IIS 5 and 6

Issue

====

One of my Customer’s configured an ASP file named *NotFound.asp* to process 404 errors inside the Custom Errors section of Internet Services Manager, where he uses HTTP_URL Property to get the bad page or malformed URL that user has just requested. There he is maintaining two Arrays. First array represents the list of bad/old URL and the second array maps to their latest version available.

Initially the application was developed on IIS 5. Migrating it to IIS 6 started giving problems because of the following reason(s):

He is storing the URL’s in Array as http://machinename/VdirName/Pagename.asp i.e. without PORT information because HTTP_URL doesn’t include the PORT information in IIS 5 or the versions below it.

As soon as he retrieves the Bad page as:

var badPage = Request.ServerVariable(“HTTP_URL”),

He strips off *404;* part from the badPage and queries on the second array to get its newer counterpart. The logic works on IIS 5 but fails on IIS 6 because HTTP_URL now include PORT information even with the default web site running on PORT 80 which he has not handled in the code right now.

Now he is asking whether there is some setting on IIS 6 that specifies not to include the PORT number in the HTTP_URL variable.

Actually there is no such setting in IIS 6 where we can specify not to use PORT number in the return URL. We have to handle this situation only by writing code that will strip off the PORT information from the bad page before any lookup operation. I also tried searching this information on support site as well as visual KB but couldn’t find anything.

WORKAROUND

==========

<%

Function parseUrl(url)

  firstpartlength =  instr(6, url,":")-1

  If firstpartlength > 0 Then

    firstpart = mid(  url,  1,firstpartlength)

    lastpartindex = instr(firstpartlength, url,"/")

    lastpart = mid(url,lastpartindex)

    url = (firstpart & lastpart)

  End If

  parseUrl= url

End Function

%>

<%= parseUrl("http://machinename:8080/Vdir/BadPage.asp")%>

NOTE:- On IIS 5, even if Default Web site is running on some other PORT instead of PORT 80, HTTP_URL will still not display the URL with a PORT number. It can be considered as a BUG or Limitation on IIS 5.

ASP.NET 2.0 - Cannot find control in EditItemTemplate of DetailsView Control

Recently we got some cases in ASP.NET 2.0, where customers were using: -

- DetailsView control bound with SQL Data source control.

- DetailsView has few Data-bound Columns as well as one Template Column.

- Data bound columns displays correct values.

- However, there are some issues with Templated Column that looks like:

<asp:TemplateField HeaderText="BusinessOrgName" SortExpression="BusinessOrgName">

<EditItemTemplate>

    <asp:ListBox ID="LstBUOrg" runat="server" AutoPostBack="true" DataSourceID="BUOrgDataSource"

        DataTextField="BusinessOrgName" Width="347px" DataValueField="BusinessOrgID" SelectionMode="Multiple"  SelectedValue='<%# Bind("BusinessOrgID") %>'>

    </asp:ListBox>

    </EditItemTemplate>                                                                   

<ItemTemplate>

    <asp:Label ID="LblBOrg" runat="server" Text='<%# Bind("BusinessOrgName") %>'></asp:Label>

</ItemTemplate>

</asp:TemplateField>

- Most of the time, Template Column works fine but with one exception. Exception is, when Label control inside <ItemTemplate> is blank. As a result, when user switches to DetailsView Edit mode, where SelectedValue property of the ListBox control is used, we get error stating "Value that we are trying to select is not present in the Listbox Items”, which is basically a NULL value.

Now how to avoid this situation to happen?

RESOLUTION

==========

- To get rid of this situation, some of the customers were trying to get the reference of the ListBox control, as soon as the Label is blank so that they can change the SelectedValue property dynamically.

- That seems to be a good idea, but the events like (ModeChanged/ModeChanging) where they want to get this job done are not appropriate.

- This   is   because; we   cannot   get   the   Listbox   reference   under ModeChanged/ModeChanging events as Listbox control under <EditItemTemplate> is still not built at this time.

- We will get the reference of Listbox control inside ItemUpdated(ItemUpdating) event that will be called while Updating the DetailsView control. But for the above situation, that we will too late because we will get the error as soon as user switches to edit mode with a blank label.

- Only way left is to implement OnPreRender event for Listbox control inside <EditItemTemplate> where SelectedValue property is set to null if the Label is blank.

To learn more about DetailsView control, visit the following link:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspp/html/detailsview.asp

Hope this helps!! Please feel free to send me an email if you have any questions.