473,327 Members | 2,103 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

Cannot access a disposed object

Hi.
In my application I store information about the user in the session object.
Since I'm storing sensitive information I encrypt it before storing and
decrypt it when I need to use it again. The encryption object I use is
stored in the Application object. My problem is that after a while the
encryption object becomes unusable. When I retrieve the object from
Application and call the decrypt method I get an exception saying "Cannot
access a disposed object". Sometimes it works fine for 2 weeks and
sometimes it only works for a day or two. Has anyone experienced a similar
problem? I'm guessing the web server is to blame, I just don't know how to
fix it.

Any help is greatly appreciated!

Shawn

Nov 19 '05 #1
3 2076
My first and only guess is that somewhere you are simply disposing of the
object yourself, perhaps via using or something and you don't realize it.
The fact that it happens at inconsistent intervals could simply mean it's
along a codepath not frequently executed.

I do have to question the encrypting session thing though. This is
something I've never done or heard of. Why encrypt the data? Seems like
fake security on top of actually locking down your machine. It seems to me
that anyone who's gotten access to the machine will be able to get access to
the data (heck, they'll grab the dll that has the decrypting code in it or
something).

Karl
--
MY ASP.Net tutorials
http://www.openmymind.net/ - New and Improved (yes, the popup is
annoying)
http://www.openmymind.net/faq.aspx - unofficial newsgroup FAQ (more to
come!)
"Shawn" <bo********@hotmail.com> wrote in message
news:uK**************@TK2MSFTNGP09.phx.gbl...
Hi.
In my application I store information about the user in the session
object.
Since I'm storing sensitive information I encrypt it before storing and
decrypt it when I need to use it again. The encryption object I use is
stored in the Application object. My problem is that after a while the
encryption object becomes unusable. When I retrieve the object from
Application and call the decrypt method I get an exception saying "Cannot
access a disposed object". Sometimes it works fine for 2 weeks and
sometimes it only works for a day or two. Has anyone experienced a
similar
problem? I'm guessing the web server is to blame, I just don't know how
to
fix it.

Any help is greatly appreciated!

Shawn

Nov 19 '05 #2
Hi Karl.
I'm not disposing the object myself. I'm just using its (only) two
methods -encrypt and decrypt- through out my code.

I always thought that data stored in the session object was not particularly
safe and that it could easily be exposed to people who new what they were
doing. That's why I'm encrypting it. That way it would at least be a bit
more difficult for hackers to get access to it since they would have to use
the decrypting object stored in application to decrypt the data. But if you
say that it has no purpose then I will take you word for it and stop using
it.

PS. I saw this method used in an article once, that's why I implemented it.
Can't remember where I read the article though.

Thanks,
Shawn
"Karl Seguin" <karl REMOVE @ REMOVE openmymind REMOVEMETOO . ANDME net>
wrote in message news:uX**************@TK2MSFTNGP15.phx.gbl...
My first and only guess is that somewhere you are simply disposing of the
object yourself, perhaps via using or something and you don't realize it.
The fact that it happens at inconsistent intervals could simply mean it's
along a codepath not frequently executed.

I do have to question the encrypting session thing though. This is
something I've never done or heard of. Why encrypt the data? Seems like
fake security on top of actually locking down your machine. It seems to me that anyone who's gotten access to the machine will be able to get access to the data (heck, they'll grab the dll that has the decrypting code in it or
something).

Karl
--
MY ASP.Net tutorials
http://www.openmymind.net/ - New and Improved (yes, the popup is
annoying)
http://www.openmymind.net/faq.aspx - unofficial newsgroup FAQ (more to
come!)
"Shawn" <bo********@hotmail.com> wrote in message
news:uK**************@TK2MSFTNGP09.phx.gbl...
Hi.
In my application I store information about the user in the session
object.
Since I'm storing sensitive information I encrypt it before storing and
decrypt it when I need to use it again. The encryption object I use is
stored in the Application object. My problem is that after a while the
encryption object becomes unusable. When I retrieve the object from
Application and call the decrypt method I get an exception saying "Cannot access a disposed object". Sometimes it works fine for 2 weeks and
sometimes it only works for a day or two. Has anyone experienced a
similar
problem? I'm guessing the web server is to blame, I just don't know how
to
fix it.

Any help is greatly appreciated!

Shawn


Nov 19 '05 #3
> I always thought that data stored in the session object was not
particularly
safe and that it could easily be exposed to people who new what they were
doing. That's why I'm encrypting it. That way it would at least be a bit
more difficult for hackers to get access to it since they would have to
use
the decrypting object stored in application to decrypt the data. But if
you
say that it has no purpose then I will take you word for it and stop using
it.
Now, how is a hacker supposed to get at anything stored in System Memory?
Now, if you were using SQL Server for Session, I suppose it is remotely
possible, assuming that Security on the SQL Server was screwed up well
enough by the DBA, to access the Session data in the database. But by
default, Session State is stored in System Memory.

--
HTH,

Kevin Spencer
Microsoft MVP
..Net Developer
Paranoia is just a state of mind.

"Shawn" <bo********@hotmail.com> wrote in message
news:eQ**************@tk2msftngp13.phx.gbl... Hi Karl.
I'm not disposing the object myself. I'm just using its (only) two
methods -encrypt and decrypt- through out my code.

I always thought that data stored in the session object was not
particularly
safe and that it could easily be exposed to people who new what they were
doing. That's why I'm encrypting it. That way it would at least be a bit
more difficult for hackers to get access to it since they would have to
use
the decrypting object stored in application to decrypt the data. But if
you
say that it has no purpose then I will take you word for it and stop using
it.

PS. I saw this method used in an article once, that's why I implemented
it.
Can't remember where I read the article though.

Thanks,
Shawn
"Karl Seguin" <karl REMOVE @ REMOVE openmymind REMOVEMETOO . ANDME net>
wrote in message news:uX**************@TK2MSFTNGP15.phx.gbl...
My first and only guess is that somewhere you are simply disposing of the
object yourself, perhaps via using or something and you don't realize it.
The fact that it happens at inconsistent intervals could simply mean it's
along a codepath not frequently executed.

I do have to question the encrypting session thing though. This is
something I've never done or heard of. Why encrypt the data? Seems like
fake security on top of actually locking down your machine. It seems to

me
that anyone who's gotten access to the machine will be able to get access

to
the data (heck, they'll grab the dll that has the decrypting code in it
or
something).

Karl
--
MY ASP.Net tutorials
http://www.openmymind.net/ - New and Improved (yes, the popup is
annoying)
http://www.openmymind.net/faq.aspx - unofficial newsgroup FAQ (more to
come!)
"Shawn" <bo********@hotmail.com> wrote in message
news:uK**************@TK2MSFTNGP09.phx.gbl...
> Hi.
> In my application I store information about the user in the session
> object.
> Since I'm storing sensitive information I encrypt it before storing and
> decrypt it when I need to use it again. The encryption object I use is
> stored in the Application object. My problem is that after a while the
> encryption object becomes unusable. When I retrieve the object from
> Application and call the decrypt method I get an exception saying "Cannot > access a disposed object". Sometimes it works fine for 2 weeks and
> sometimes it only works for a day or two. Has anyone experienced a
> similar
> problem? I'm guessing the web server is to blame, I just don't know
> how
> to
> fix it.
>
> Any help is greatly appreciated!
>
> Shawn
>
>
>



Nov 19 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: salih ataoz | last post by:
i close a form and i want to open it again it show me Cannot access a disposed object at vb6 this is ok at comman1_click form1.show
7
by: Ryan Park | last post by:
Hi, //SITUATION I got a panel control that hold a certain position on a form. Every controls or UIs are on this panel. At certain situation, I called dispose() method of this panel control...
5
by: D Witherspoon | last post by:
I use the following code to open up a form. ------------------------------------------------------- If fImage Is Nothing Then fImage = New frmImage End If fImage.Show()
5
by: theinvisibleGhost | last post by:
I'm having a problem that occurs at random in my app. I get an exception "Cannot Access a disposed object" In MSCorLib when calling boolean Change (int32, int32) Stack trace reveals...
5
by: mthgk | last post by:
I have a C# MDI app. The child forms do alot of work, so this work is perfomed on a different thread created using ThreadPool.QueueUserWorkItem(). Because the status of the work is important to...
3
by: Tracey | last post by:
sorry I post this problem again. I have to stop my work to fix the problem. I'm doing a multi form application(Not a MDI one). My startup form say Form1 has a datagrid say datagrid1, when I...
2
by: Rajat Tandon | last post by:
Hi, I have a grid which is continuously updating by the data from a external event. When I close the form on which the grid is placed, then it gives the error message ... "Can not access a...
1
by: Amit Dedhia | last post by:
Hi I am having problem working with Timers in C++/CLI (the .NET version of C++) I have an application which has several forms with pictureBox controls on it. There is a background timer...
0
by: sdanda | last post by:
Hai i am working on vb.net. In my application I created four forms.Those are first.vb,f1.vb,f2.vb and f3.vb In firstvb I added 3 checkboxes and a "display" button.The 3 checkboxes are used to...
4
JustRun
by: JustRun | last post by:
Hi All, I'm developing a windows desktop solution using VC# , I deal with my database using Dataset. My Problem that i'm trying to call a Form to display a confirmation message after every...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.