locked
Is the current HealthVault SDK correctly working with IIS7 RRS feed

  • Question

  • In my attempt to verify the correct implementation of parts of our application that interacts with HealthVault I found the following strange behavior. My plan was to create the minimal ASP.NET Web Forms application that authenticates itself with HealthVault and check the app behavior upon successful authentication:

            

    This screenshot was made with Visual Studio 2012 debugger attached to the IIS 7 hosted application invoked as http://scs.congral.net:

            

    Now the surprising behavior:

    The URL sent to HealthVault for authentication was ( removed parts of appid)

    https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1366053446&rver=6.1.6195.0&wp=HBI&wreply=https:%2F%2Faccount.healthvault-ppe.com:443%2Fsignin%2Fliveid%3Fscn%3D6a79a77d-6c6f-486e-8d94-84f...&id=255006

    The url after authentication 

    https://account.healthvault-ppe.com/signin?appid=562e2053-d157-41f8-bfac-1f90a71da89d&redirect=http%3a%2f%2fscs.congral.net%2fRedirect.aspx&actionqs=%2fdefault.aspx%2fdefault.aspx&trm=post

    where 

            action = "APPAUTHSUCCESS"
    and

    actionQueryString = "/default.aspx/default.aspx"

    Note that I commented out the "standard" web.config entries like

        <add key="WCPage_ActionAppAuthSuccess" value="default.aspx"/>
    

     to ensure that my "OnActionxxx" override is the only entity controlling the behavior of my app after successful authentication

    Important: despite all this - the application runs correctly continuing the execution in Default.aspx despite the 

    actionQueryString = "/default.aspx/default.aspx"

    Victor, please tell me that I am doing something wrong :-)


    Nik

    Monday, April 15, 2013 7:58 PM

All replies

  • Here is a more direct approach: can someone provide authoritative answer to the question:

    What is the interaction between the code provided in the overridden methods of Microsoft.Health.Web.HealthServiceActionPage and the web.config entries that are generated by Visual Studio:

        <add key="WCPage_ActionHome" value="default.aspx"/>
        <add key="WCPage_ActionAppAuthSuccess" value="default.aspx"/>
        <add key="WCPage_ActionSignOut" value="SignedOut.aspx"/>
    

    More specifically:

    1. What happens if there are no method overrides and no WCPage_Action entries on the web.config? Is the ASP.NET / IIS providing some defaults in this case?
    2. What if the method overrides and web.config entries are in conflict with each other?

    My desire is to fully understand how does an HV app behave in today's environment defined as ASP.NET 4.x, Visual Studio 2012 / Windows 2012 / 8 etc. There is no "solid" information on that anywhere and I am facing a dangerous situation where a well established HV application designed more than 4 years ago really needs to be "ported" to the current world.


    Nik


    • Edited by Nik Ivancic Monday, April 15, 2013 11:42 PM
    Monday, April 15, 2013 11:41 PM
  • I haven't actually used the SDK files in a few years so your usage of it is probably fresher. Given your technical knowledge you should be able to use Reflector to gather the information you need.

    From my understanding, the Web.config values are where the page goes to if you don't override the functions in HealthServiceActionPage.

    About actionQS. I believe the SDK auto fills in actionQS based on the relative path of the page that required sign in and the SDK redirected it to HealthVault to sign in. I'm not sure why it's default.aspx twice. We pass back what was initially passed to HealthVault.

    Tuesday, April 16, 2013 4:46 AM