Hi all,
At work we have 2 servers in a cluster for our web apps.
One problem we have experienced (along with many others!) - is that if a
user is logged into one of the applications on server a for example and it
goes offline or fails their session is lost also - even though the
application becomes available on server b.
I have heard that it is possible to either exchange the sessions between
clustered servers or store them in a SQL Server database (probably
preferred) so that we could then restore them if such a failure should
occur.
Can anyone shed any light on this for me? Or give me some URL's to check out
and read.
Sorry this isn't a 100% pure IIS question - its obviously partly ASP also.
Thanks in advance for any help you can offer.
Regards
Robb
PS: Windows 2000 servers, SP3, Application Center 2000 SP1 (sp2 about to be
applied), SQL Server 2000 SP2 (sp3 about to be applied). 6 2247
You will need to "roll your own" sessions by putting the session data into a
database and using a cookie, hidden form field, or URL parameter to identify
the session. There are a number of articles out there on this. Also see www.aspfaq.com. There are also a number of 3rd-party "session" objects that
support this behavior as well.
As I understand it, .NET has most of this built-in.
--
Mark Schupp
Head of Development
Integrity eLearning www.ielearning.com
"Rob Meade" <ro********@N O-SPAM.kingswoodw eb.net> wrote in message
news:J7******** *************@n ews-text.cableinet. net... Hi all,
At work we have 2 servers in a cluster for our web apps.
One problem we have experienced (along with many others!) - is that if a user is logged into one of the applications on server a for example and it goes offline or fails their session is lost also - even though the application becomes available on server b.
I have heard that it is possible to either exchange the sessions between clustered servers or store them in a SQL Server database (probably preferred) so that we could then restore them if such a failure should occur.
Can anyone shed any light on this for me? Or give me some URL's to check
out and read.
Sorry this isn't a 100% pure IIS question - its obviously partly ASP also.
Thanks in advance for any help you can offer.
Regards
Robb
PS: Windows 2000 servers, SP3, Application Center 2000 SP1 (sp2 about to
be applied), SQL Server 2000 SP2 (sp3 about to be applied).
"Mark Schupp" wrote ... You will need to "roll your own" sessions by putting the session data into
a database and using a cookie, hidden form field, or URL parameter to
identify the session. There are a number of articles out there on this. Also see www.aspfaq.com. There are also a number of 3rd-party "session" objects
that support this behavior as well. As I understand it, .NET has most of this built-in.
Hi Mark,
Thanks for your reply, my appologies for the delay with mine.
Just trying to think about the database/cookie/form field thing above...not
quite sure how this would work (in English let alone code)...
We have found that when one of our 2 clustered servers goes down, when the
user thats on a page on the failed server clicks to move on, submits a form,
refreshes or whatever, they simply get a blank page, as a result I'm not
sure that the above would work? There is obviously a small time delay in the
sychronization between the two servers when ones goes down..and I guess if
you're the lucky user that actions something at this point if it hasnt
sychnonized on the other server then you're stuffed...
Cookies are probably a no go...primarily because I work for the NHS
(National Health Service) in the UK and they do not like them being used,
also, whilst many of our applications cater for our own organisation within
the NHS, a lot of them are for a wider audience, and this is then were all
the different O/S's, browsers, browser settings and so forth start to eat
away at our applications.
The form field option could well work, as most of the applications have form
content on each of the pages anyway...but again I'm not sure about the above
with regards to the 'white page' etc...
Many thanks again for the reply, I will forward the information on to my
colleagues and hopefully we'll be able to get something to work - and soon!
Regards
Rob
You might want to check and see if "session" cookies are allowed. That is
what supports ASP sessions. A session cookie is an in-memory cookie (never
written to disk). Session cookies disappear when the browser is re-started.
The only thing you would keep in it would be an identifier for the user's
current logged on session (not an identifier for the user him(her)self).
That identifier would allow you to look up other session data in a database.
Another approach is to put the session identifier in the URL for every link
in the application (this is how "cookie munger" worked).
--
Mark Schupp
Head of Development
Integrity eLearning www.ielearning.com
"Rob Meade" <ro********@N O-SPAM.kingswoodw eb.net> wrote in message
news:br******** *************@n ews-text.cableinet. net... "Mark Schupp" wrote ...
You will need to "roll your own" sessions by putting the session data
into a database and using a cookie, hidden form field, or URL parameter to identify the session. There are a number of articles out there on this. Also see www.aspfaq.com. There are also a number of 3rd-party "session" objects that support this behavior as well. As I understand it, .NET has most of this built-in.
Hi Mark,
Thanks for your reply, my appologies for the delay with mine.
Just trying to think about the database/cookie/form field thing
above...not quite sure how this would work (in English let alone code)...
We have found that when one of our 2 clustered servers goes down, when the user thats on a page on the failed server clicks to move on, submits a
form, refreshes or whatever, they simply get a blank page, as a result I'm not sure that the above would work? There is obviously a small time delay in
the sychronization between the two servers when ones goes down..and I guess if you're the lucky user that actions something at this point if it hasnt sychnonized on the other server then you're stuffed...
Cookies are probably a no go...primarily because I work for the NHS (National Health Service) in the UK and they do not like them being used, also, whilst many of our applications cater for our own organisation
within the NHS, a lot of them are for a wider audience, and this is then were all the different O/S's, browsers, browser settings and so forth start to eat away at our applications.
The form field option could well work, as most of the applications have
form content on each of the pages anyway...but again I'm not sure about the
above with regards to the 'white page' etc...
Many thanks again for the reply, I will forward the information on to my colleagues and hopefully we'll be able to get something to work - and
soon! Regards
Rob
"Mark Schupp" wrote... You might want to check and see if "session" cookies are allowed.
Yep - we are already using these in our applications and for our login etc..
Session cookies disappear when the browser is re-started.
If the server drops, but the client still has the web page open - does the
session still exist (I appreciate at this stage that it would not relate to
anything anymore on the server which dropped)
The only thing you would keep in it would be an identifier for the user's current logged on session (not an identifier for the user him(her)self). That identifier would allow you to look up other session data in a
database.
Ok, so I've just logged in, I have a session on server A, this is created in
a database and its ID for example returned to me and saved in a session
variable.
If the server drops after a page has loaded, when I click on a link the
first thing the page I'm going to has to do is check my session("sessio nid")
or something against the database.
If I'm not creating sessions on the other server (server b) how do I still
have users time out after 20 minutes for example? Would this be by checking
the datetime the session was created in the database? And if so, presumably
each time the database is checked (at the start of each new page loading) I
should be updating this datetime if I havent exceed the 20 minutes etc?
The only problem I can still see is the white screen that I mentioned in my
initial post, where it seems that the servers havent finished doing whatever
it is they do when one fails. If I only get a white page, ie no ASP is
processed, I still wont be able to return the session info....hmmm...
Another approach is to put the session identifier in the URL for every
link in the application (this is how "cookie munger" worked).
Hmm...that would require a hell of a lot of rewriting on the older
applications, and we often send URL's to various NHS professionals across
our patch - we normally try to keep this as 'simple' as possible because of
the various levels of competance (for IT at least) out there...I'm not sure
that this would be an approach we could take.
Thanks again for your reply.
Regards
Rob
You will not be able to use the ASP session id for the database key because
session ids are not unique between servers. What you need to do is create
your own session cookie (set a cookie with no expiration date) to contain a
key that you generate to identify the session in your database.
You will need to keep track of the last access time in your session table to
allow for session timeout. Check and update the time on each page access
when you load the session data (or when you update it on page exit). You may
also want a cleanup task to run periodically and delete old sessions from
the database.
The URL approach for passing the session id is what you would need if you
are not allowed to use any cookies at all. It is a lot more difficult
because you have to add it to every URL. Cookie Munger was an ISAPI filter
that would automatically convert session cookies to ids on the URL. It had
some serious drawbacks however. One was performance, it had to scan all
output HTML for links. Another was that it would not recognize URLs set in
script code (as in "document.locat ion= aURL;").
--
Mark Schupp
Head of Development
Integrity eLearning www.ielearning.com
"Rob Meade" <ro********@N O-SPAM.kingswoodw eb.net> wrote in message
news:fv******** ***********@new s-text.cableinet. net... "Mark Schupp" wrote...
You might want to check and see if "session" cookies are allowed. Yep - we are already using these in our applications and for our login
etc.. Session cookies disappear when the browser is re-started. If the server drops, but the client still has the web page open - does the session still exist (I appreciate at this stage that it would not relate
to anything anymore on the server which dropped)
The only thing you would keep in it would be an identifier for the
user's current logged on session (not an identifier for the user him(her)self). That identifier would allow you to look up other session data in a database.
Ok, so I've just logged in, I have a session on server A, this is created
in a database and its ID for example returned to me and saved in a session variable.
If the server drops after a page has loaded, when I click on a link the first thing the page I'm going to has to do is check my
session("sessio nid") or something against the database.
If I'm not creating sessions on the other server (server b) how do I still have users time out after 20 minutes for example? Would this be by
checking the datetime the session was created in the database? And if so,
presumably each time the database is checked (at the start of each new page loading)
I should be updating this datetime if I havent exceed the 20 minutes etc?
The only problem I can still see is the white screen that I mentioned in
my initial post, where it seems that the servers havent finished doing
whatever it is they do when one fails. If I only get a white page, ie no ASP is processed, I still wont be able to return the session info....hmmm...
Another approach is to put the session identifier in the URL for every link in the application (this is how "cookie munger" worked).
Hmm...that would require a hell of a lot of rewriting on the older applications, and we often send URL's to various NHS professionals across our patch - we normally try to keep this as 'simple' as possible because
of the various levels of competance (for IT at least) out there...I'm not
sure that this would be an approach we could take.
Thanks again for your reply.
Regards
Rob
"Mark Schupp" wrote ... You will not be able to use the ASP session id for the database key
because session ids are not unique between servers.
I had guessed that would be the case...can we not use SQL unique identifier
instead?
What you need to do is create your own session cookie (set a cookie with
no expiration date) to contain a key that you generate to identify the session in your database.
So a normal localised cookie on the users PC etc?
You will need to keep track of the last access time in your session table
to allow for session timeout. Check and update the time on each page access when you load the session data (or when you update it on page exit). You
may also want a cleanup task to run periodically and delete old sessions from the database.
Gotcha so far :)
The URL approach for passing the session id is what you would need if you are not allowed to use any cookies at all. It is a lot more difficult because you have to add it to every URL.
Yeah, I dont think the rest of our team would be too keen on that one :)
Cookie Munger was an ISAPI filter that would automatically convert session
cookies to ids on the URL. It had some serious drawbacks however. One was performance, it had to scan all output HTML for links. Another was that it would not recognize URLs set in script code (as in "document.locat ion= aURL;").
Deffo no go for us then as we do have a mixture of ASP and some client side
Javascript on various pages...
With regards to hitting the database continuously for the session stuff,
isn't that going to have a bit of a knock-on effect on performance? I
myself have developed one application that is used 24/7 by NHS staff who
update emergency admissions etc, they do this at the moment once every hour,
it only has about 3 pages in total which bounce back and forth to the
database etc, but multiply this by the number of locations/users etc, thats
quite a few hits to the server for the session info...
I'm still concerned about the white screen event though...I guess until we
try and test this approach we wont know...I'll not be around in the office
to test this for another week due to a .net training course, plus I'm not
sure if our development server is clustered also (probably not) - so I'll
have to speak to someone about that - it might mean that we can only test
this on a live cluster....
Thanks again for your help.
Regards
Rob This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Paul |
last post by:
I want to use sessions to cover myself in case the user switches off cookies
so I am passing the session ID manually through a hidden input field. This
is what I have so far.
index.php page contains:
<?php
$_SESSION = "";
$_SESSION = "";
|
by: Raju V.K |
last post by:
I am developing a web site which requires a set og unique values be
transferred between pages and server many times. There fore i decided
to put the values in an array so that only one reference to the array
is needed ratherthan idividual reference. The situation is like this:
When the page is loaded based on the user input say 6 values are
created like character1="tom", character2="jerry", Character3="micky",
Character4="donald",...
|
by: jeff brubaker |
last post by:
Hello,
Currently we have a database, and it is our desire for it to be able
to store millions of records. The data in the table can be divided up
by client, and it stores nothing but about 7 integers.
| table |
| id | clientId | int1 | int2 | int 3 | ... |
Right now, our benchmarks indicate a drastic increase in performance
if we divide the data into different tables. For example,...
|
by: Steve_CA |
last post by:
Hi,
The more I read, the more confused I'm getting ! (no wonder they say
ignorance is bliss)
I just got back from the bookstore and was flipping through some SQL Server
Administration books.
One says, that to get the best query performance, youi do two things:
|
by: jim_geissman |
last post by:
One table I manage has a clustered index, and it includes some
varchar columns. When it is initially created, all the columns
in the clustered index are populated, and then some of the longer
varchars are populated through update queries. If the varchar
columns are stored outside the clustered structure, then it would
make sense to create the clustered index before populating the
varchar columns. Otherwise it would make sense to wait,...
| |
by: Scott Zabolotzky |
last post by:
I'm trying to pass a custom object back and forth between forms.
This custom object is pulled into the app using an external reference
to an assembly DLL that was given to me by a co-worker. A query-string
flag is used to indicate to the page whether it should instantiate
a new instance of the object or access an existing instance from
the calling page.
On the both pages I have a property of the page which is an
instance of this custom...
|
by: Lyle Fairfield |
last post by:
'Property Clustered As Boolean
'Member of DAO.Index
Private Sub IsThereaClusteredIndex()
Dim tdf As DAO.TableDef
Dim idx As DAO.Index
For Each tdf In DBEngine(0)(0).TableDefs
For Each idx In tdf.Indexes
Debug.Print tdf.Name, idx.Name, idx.Primary, idx.Clustered
Next idx
|
by: pb648174 |
last post by:
I've been doing a bit of reading and have read in quite a few places
that an identity column is a good clustered index and that all or at
least most tables should have a clustered index. The tool I used to
generate tables made them all with non clustered indexes so I would
like to drop all of them and generate clustered indexes. So my
questions is a) good idea? and b) how? There are foreign key references
to most of them so those would...
|
by: Bookham Measures |
last post by:
Hello
We are planning to set-up a load balanced web environment. Accordingly, we
are going to change the session management on our website from the classic
ASP Session State and session variables, to a database method.
Does any one have any pointers as to how I might approach this, so that I
can have the same sort of functionality the ASP sessions give without having
to create database columns for each session variable I wish to...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |