locked
How to Cache? RRS feed

  • Question

  • User-516578294 posted

    I am returning a new header with every call to my .svc service.  This header is used to keep the authentication ticket valid.

    The problem I would like help with is that I need to extend the length of the authentication ticket by the value stored within the web.config file.

       <authentication mode="Forms">
          <forms name=".SECURITYAUTH" loginUrl="http://localhost:49375/Login.aspx" slidingExpiration="false" cookieless="UseCookies" timeout ="45" />
        </authentication>
    
    

    It is obviously ineffecient to read the web.config file every time a call is made to the webservice, so how can I amend my class to cache the web.config value.

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Runtime.Serialization;
    using System.ServiceModel;
    using System.ServiceModel.Activation;
    using System.ServiceModel.Web;
    using System.Text;
    using ParagonWCF.Paragon.Interfaces.PressWeb;
    using ParagonWCF.Paragon.Classes.PressWeb;
    using System.Web;
    using System.ServiceModel.Channels;
    using System.Web.Security;
    using System.IO;
    using System.Net;
    namespace ParagonWCF
    {
    
    
        //Cross-Origin Resource Sharing (CORS) and WCF  -- INSTEAD OF JSOP GET  to use parameters --- 
        //http://blogs.microsoft.co.il/blogs/idof/archive/2011/07/02/cross-origin-resource-sharing-cors-and-wcf.aspx need to update to this!!!
    
    
        [ServiceContract]
        [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
        public class PressWebService : IPressWebService 
        {
            [OperationContract]
            [WebInvoke(BodyStyle = WebMessageBodyStyle.Wrapped, Method = "GET", ResponseFormat = WebMessageFormat.Json,
             UriTemplate = "Search?Search={StrSearch}&Site={StrSite}&EventSearch={blnEventSearch}")]
            public List<PressSearchResult> Search(string StrSearch,  string StrSite, Boolean blnEventSearch )
            {
    
                string StrUserName = string.Empty;
                 PressSearch searchresult = new PressSearch();
                 if (ValidateUserAgainstPortal(ref StrUserName)){
                     return searchresult.Search(StrSearch, StrUserName, StrSite, blnEventSearch).ToList();
                 }
                 else
                 {
                     return Enumerable.Empty<PressSearchResult>().ToList<PressSearchResult>();
                 };
                
            }
            
         private Boolean ValidateUserAgainstPortal(ref string username)
         {
                     
             var cookieHeader = WebOperationContext.Current.IncomingRequest.Headers[System.Net.HttpRequestHeader.Cookie];
             string result;
    
             if (!String.IsNullOrEmpty(cookieHeader))
             {
                 var match = cookieHeader.Split(';').Select(cookie => cookie.Split('=')).FirstOrDefault(kvp => kvp[0] == " .SECURITYAUTH");
                 if (match != null)
                 {
                     result = match[1]; // result now equals "christmas"
                     try
                     {
                         FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(result);
    
                         if (ticket.Expired)
                         {
                             return false;
                         }
                         else
                         {
                             username = ticket.Name;
                            //Return new ticket test
    
                             FormsAuthenticationTicket Newticket = new FormsAuthenticationTicket(ticket.Version + 1, 
                              ticket.Name ,
                              DateTime.Now,
                              DateTime.Now.AddMinutes (30),
                              ticket.IsPersistent,
                              ticket.UserData,
                              FormsAuthentication.FormsCookiePath);
                             
                             string encryptedValue = FormsAuthentication.Encrypt(Newticket);
    
    
                             HttpResponseMessageProperty response = new HttpResponseMessageProperty();
                             response.Headers["Access-Control-Allow-Origin"] = "*";
                             response.Headers["Access-Control-Allow-Headers"] = "Content-Type, Accept, TomsCookie, Cookie, Set-Cookie";
                             response.Headers[HttpResponseHeader.ContentType] = "application/json; charset=utf-8";
                             response.Headers[HttpResponseHeader.CacheControl] = "application/json; charset=utf-8";
                             response.Headers["ChocolateChip"] = FormsAuthentication.FormsCookieName + "=" + encryptedValue;
                             OperationContext.Current.OutgoingMessageProperties[HttpResponseMessageProperty.Name] = response;
    
                             
                             return true;
                         };
                     }
                     catch (Exception ex)
                     {
                         return false;
                     }
    
                    
                     
                 }
    
             }
             return false;
    
         }
    
        }
    }
    

    I have a seperate project I am working on to move the authentication into a dedicated Interceptors rather than a specific function call within each function.

    Thursday, February 7, 2013 3:55 PM

All replies

  • User753101303 posted

    Hi,

    I don't see where the web.config is read. Or do you mean that you suspect the built-in classes that are reading those settings are not optimized? Don't conclude too soon. I'm fairly sure to have seen that config classes are already caching the web.config values (else all web apps would suffer from reading the web.config again and again)...

    What if you trace read access to the web.config file using for example a tool such as http://technet.microsoft.com/en-US/sysinternals/Utilities/ProcessExplorer.html ?

    Or what is the behavior you saw that make you think that something should be done for that?

    Thursday, July 10, 2014 7:26 AM