Search This Blog

Thursday, October 3, 2013

Saving & retrieving/updating data using cookies

Saving & retrieving/updating data using cookies.

Like me, I believe most of you might had to use cookies in one way or the other, in my case, I had the following scenario. In a website, the user logs in who has access to numerous retail brands and every time he/she works with only one particular brand and this particular brand in which he/she works most has to be set as a preferred brand. So when the user is done with his/her work and closes the session, the last chosen brand has to be persisted and that has to be his/her preferred brand.

So going by the requirement, the most simple and quick resolution will seem to save the preferred brand in cookies of the browser. So the following two functions does exactly that. The get function gets the saved preferred brand when the user first opens the session to the website and the set functions sets a preferred brand when the user switches from one brand to the other. From where you want to call these functions is left abstract as your site may have master pages, or may not have master pages or your pages might be inherited from a Base Page class hence there can be numerous such scenarios.

     /// <summary>
    /// gets the preferred brand for the user from saved cookie.
    /// </summary>
    /// <param name="userId"></param>
    /// <returns></returns>
    public int getPreferredBrand(string userId)
    {
        int preferredBrandId = 0;
        try
        {
            //1. check to see if cookie exists with preferred brandid.
            //2. if yes then return the preferred brandid.
            HttpCookie authCookie = HttpContext.Current.Request.Cookies[PrefBrandCookieName];
            if (authCookie != null)
            {
                System.Web.Security.FormsAuthenticationTicket ticket = System.Web.Security.FormsAuthentication.Decrypt(authCookie.Value);
                preferredBrandId = int.TryParse(ticket.UserData.ToString(), out preferredBrandId) == true ? preferredBrandId : 0;
            }
            else
                preferredBrandId = 0;
        }
        catch (Exception ex)
        {
            Exception customEx = new Exception("Error while trying to retrieve cookiename<<" + userId + ">>.See detailed exception.." + ex.Message);
            ExceptionManager.Publish(customEx);
        }
        return preferredBrandId;
    }
    /// <summary>
    /// sets preferred brand for the user when session expires or browser is closed.
    /// </summary>
    /// <param name="userId"></param>
    /// <param name="brandId"></param>
    public void setPreferredBrand(string userId, int brandId)
    {
        try
        {
            //1. Check if cookie exists
            System.Web.Security.FormsAuthenticationTicket authTicket = null;
            HttpCookie authCookie = HttpContext.Current.Request.Cookies[PrefBrandCookieName];
            authTicket = new System.Web.Security.FormsAuthenticationTicket(1, userId, DateTime.Now, DateTime.MaxValue, true, brandId.ToString());

            //2. Persist selected brand in cookies.
            //will persist cookie even when the browser is shutdown.
            if (authCookie != null)
                authCookie.Value = System.Web.Security.FormsAuthentication.Encrypt(authTicket);
            else
                authCookie = new HttpCookie(LCoreUser.PrefBrandCookieName, System.Web.Security.FormsAuthentication.Encrypt(authTicket));
            authCookie.Expires = DateTime.MaxValue;
            HttpContext.Current.Response.Cookies.Add(authCookie);
        }
        catch (Exception ex)
        {
            Exception customEx = new Exception("Error while persisting cookie for user<<" + userId + ">> and brand<<" + brandId.ToString() + ">>.See detailed exception.." + ex.Message);
            ExceptionManager.Publish(customEx);
        }
    }

The above code is pretty self explanatory. In the set function, I first check if the cookie does exist or not and if it does, then update the cookie value by assigning a new ticket into it. And if the cookie does not exist then all I do is create a new cookie and assign the ticket value.

Wednesday, September 18, 2013

Oracle connect problems from ASP.NET

Many people like me, might have faced the issue, where even after installing the Oracle client and doing all configurations right inside tnsnames.ora, may not be able to connect to Oracle database.

The Error message might read as "ORA-12154 :TNS:Could not resolve the connect identifier specified".

Here is a quick tip on how to connect. Instead of only mentioning the Service Name or the SID name in the Web.config, mention the entire connection description like below

<add key="OracleConnection" value="Data Source=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=host)(PORT=1521)))(CONNECT_DATA=(SID=oradev))); User Id=user_id; Password=password"/>

* The above method will definitely work if you are able to connect to your Oracle database using Oracle Net Configuration.

Friday, August 23, 2013

Granting permission to a particular on Db schema (SQL Server)

There might be scenarios where you might move the code to QA or production and then grant access to user setup for the Application's access. Here is how you can do it as shown below

USE DBName
GO

GRANT EXECUTE ON SCHEMA :: schemaName TO App_User;

The highlighted in bold options are the inputs that will depend on the database name of your application, the schema whose objects you need to access and the user setup for application's access.

Wednesday, August 21, 2013

Querying Active Directory using LDAP by LDAPBrowser and C#

Insight into Problem

There may be projects/project work where you might have to lookup the user on Active Directory using some LDAP tool or querying the domain controller to see how the user has been setup without making any modifications as such. Adding to that, there might be scenarios where you might have to get user details from Active Directory for the purpose of impersonating the user in the application for the sake of troubleshooting.

Looking up users on LDAP using Tool

For looking up a user on Active Directory or Novell using a tool can be done easily using a tool like LdapBrowser and the way the tool binds user information can lay the foundation of a C# application which can do the same, if we need the user to be impersonated for troubleshooting purposes.

After installing the LDAP Browser and setting up the profile, please refer to link on how to do so and get the browser software, here we are not going into the details of that but a typical user search on directory will have the parameters and result screen as follows.

Search DN: DC=mycomp,DC=com; Filter: (cn=*kaushik*)

Whats important in the above screen shot is the Filter Text and the DN value, we are going to use similar parameters while doing it through C# application. Please look at another search below, where we use the user's id and also specify which properties to load in the search result. If you are using the Active Directory, then the userid is usually within the attribute "sAMAccountName" and on Novell its called uid. I think it depends on how the Domain Administrators set it up.

So the parameters I have put in are below
1. Search DN: DC=mycomp,DC=com
2. Filter: (sAMAccountName=myuid), here "myuid" is the id that you need to search on domain controller.
3. Attributes : cn,mail, sAMAccountName. (These are the attributes that I ask to be loaded in the Search Result).



In the above result screen, not only have we specified a more specific filter but also mentioned what attributes need to be leaded in the search result. Having fairly an idea of how things work, we are going to quickly move on to the next section and see how to do the same operations using C# application without using any third party tools.

Querying Active Directory using LDAP/C# application

The following method "searchUser", searches the LDAP based on 2 different inputs, one is the search text and the other is the searchby. The searchby specifies weather the search will done by user's name (cn), or user's id (sAMAccountName) or user's email (mail). Based on the searchBy parameter passed to the function, the filterText gets created by calling the getFilterText function, please look at the implementation in the next section along with the declaration of the LDAPUser class.

/// Searches input text on LDAP to get users
        /// </summary>
        /// <param name="searchText"></param>
        /// <param name="searchBy"></param>
        /// <returns></returns>
        public List<LDAPUser> searchUser(string searchText, string searchBy)
        {
            List<LDAPUser> result = new List<LDAPUser>();
            try
            {
                DirectoryEntry entry = new DirectoryEntry(_ldapUrl);
                DirectorySearcher mySearcher = new DirectorySearcher(entry);
                string[] propertiesToLoad = { "cn, mail, memberOf, sAMAccountName" };
                mySearcher.PropertiesToLoad.AddRange(propertiesToLoad);
                mySearcher.Filter = (getFilterText(searchText, searchBy));
                mySearcher.SearchScope = SearchScope.Subtree;
                mySearcher.ServerTimeLimit = new TimeSpan(0, 0, 60);
                mySearcher.ClientTimeout = new TimeSpan(0, 10, 0);

                foreach (System.DirectoryServices.SearchResult resEnt in mySearcher.FindAll())
                {

                    System.DirectoryServices.DirectoryEntry de = resEnt.GetDirectoryEntry();
                    LDAPUser entity;
                    if (de.Properties["sAMAccountName"].Value != null && de.Properties["mail"].Value != null)
                    {
                        entity = new LDAPUser
                        {
                            UserId = de.Properties["sAMAccountName"].Value.ToString(),
                            Email = de.Properties["mail"].Value.ToString(),
                            Name = de.Properties["cn"].Value.ToString(),
                            LdapBinderUserId = BinderUserId,
                            LdapBinderPassword = BinderPassword
                        };
                        result.Add(entity);
                    }

                }
            }
            catch (Exception ex)
            {
                throw ex;
            }
            return result;
        }

Below is the implementation of the filter text that we need to pass to the DirectorySearcher and also the LDAPUser class declaration along with the LDAP Url that you will need to save/pass.

private string getFilterText(string searchText, string searchBy)
        {
            string result = string.Empty;
            try
            {
                switch (searchBy.ToLower())
                {
                    case "userid":
                        result = "(sAMAccountName=" + searchText + ")";
                        break;
                    case "email":
                        result = "(mail=" + searchText + ")";
                        break;
                    default:
                        result = "(cn=*" + searchText + "*)";
                        break;
                }
            }
            catch (Exception ex)
            {
                throw ex;
            }
            return result;
        }


The LDAP User class looks as below

public class LDAPUser
    {
        public long Id { getset; }
        public string Name { getset; }
        public string UserId { getset; }
        public string Email { getset; }
        
    }

The LDAP Url can be declared in configuration file or can be saved somewhere else. This url is required to be passed to the constructor DirectoryEntry before the search.

<add key="LDAPUrl" value="LDAP://mycomp.com:389/DC=mycomp,DC=com"/>

That is pretty much how you can search and get users from Active Directory using LDAP/ C#. I hope this helps.

Friday, April 26, 2013

Getting full names of users when using windows authentication.

One of the most common problems that we have faced with Windows Authentication is while displaying the users full name on screen after the user gets authenticated because there is no Property to get the name that comes with WindowsIdentity or there is no API in the Security.Principal namespace. The framework exposes Environment.UserName and WindowsIdentity.GetCurrent().Name to get username with domain. Instead of splitting the Name, we could have also used Environment.UserDomainName to pass the domain to the function that is getting us the full name of the user.

So here is example of how we can do that.


WindowsIdentity wi = WindowsIdentity.GetCurrent();
string[] split = wi.Name.Split(new char[] {'\\'});
string windowsLoginName = split[1];
string fullname = GetUserFullName(split[0], windowsLoginName);
                
The function to get the Full Name is below

public string GetUserFullName(string domain, string userName)
        {
            string userFullName = string.Empty;
            try
            {
                DirectoryEntry userEntry = new DirectoryEntry("WinNT://" + domain + "/" + userName + ",User");
                userFullName = (string)userEntry.Properties["fullname"].Value;
            }
            catch (Exception)
            {
                userFullName = string.Empty;
            }

            return userFullName;
        }

Tuesday, October 23, 2012

A Known Error in WCF Restful Service

I found a resolution of a commonly occurring error while working with WCF restful services and I copied the entire problem description and its resolution from this blog.

http://blogs.msdn.com/b/justinjsmith/archive/2008/02/15/enablewebscript-uritemplate-and-http-methods.aspx

The text reads as below

A little while ago I ran into an interesting set of errors that may be of interest to you. Consider the following service contract snippet:
[OperationContract]
[WebGet(UriTemplate="foobar/{value}")]
String GetData(String value);

If you add the enableWebScript behavior to an endpoint that is using the WebHttpBinding, you will see this exception when the ServiceHost starts:

System.InvalidOperationException: Endpoints using 'UriTemplate' cannot be used with 'System.ServiceModel.Description.WebScriptEnablingBehavior'.

The reason for this error is rooted in the origin of the enableWebScript behavior. One of it's design objectives was to simplify working with the ASP.NET AJAX stack (Javascript proxy, JSON messages, etc). The AJAX stack doesn't have the equivalent of the UriTempalte type. It simply puts parameters in query strings (gets) and constructs entity bodies (posts). This is the default behavior of the WCF stack when the WebGet / WebInvoke annotations do not have a value for UriTemplate. Since any value of UriTemplate would be incompatible with the ASP.NET AJAX stack, we throw when it's present.

If you want JSON messages from a contract and you want to use the UriTemplate niceness, you can change your contract to:
[OperationContract]
[WebGet(UriTemplate="foobar/{value}", ResponseFormat=WebMessageFormat.Json)]
String GetData(String value);

Then, instead of using the enableWebScript behavior, use the WebHttpBehavior. You'll lose compat with the ASP.NET AJAX client stack (and the JS proxy), but you have the URI you are looking for.

The same is true if you are using the WebInvoke attribute and any HTTP method other than POST. The AJAX client stack only knows GET and POST... 

Thursday, October 4, 2012

SQL:Finding occurance of chars/words in String

The following is a very simple logic to check the ocuurance of chars/word in a larger string. This thing is particularly important when you want to just check if the string that you are searching for occurs as a sub-string of a value in a larger string which may be a value of a column in a table.

One practicle example would be say for example you want to check if a role is there in a column of user_roles which has a comma separated value of all roles for a particular user, so here you know what you have to look for in a column of all roles.

DECLARE @LongSentence VARCHAR(MAX)
DECLARE @FindSubString VARCHAR(MAX)SET @LongSentence = 'My Super Long string with long words'SET @FindSubString = 'long'SELECT (LEN(@LongSentence) - LEN(REPLACE(@LongSentence, @FindSubString, ''))) CntReplacedChars,(
LEN(@LongSentence) - LEN(REPLACE(@LongSentence, @FindSubString, '')))/LEN(@FindSubString) CntOccuranceChars

In simple terms all it does is

Length of Long Seq (36) minus Length of Long Sentence with all 'long' replaced with blank (24) = 8 so we have 8 ocurrences of the characters

The above divided by the Length of 'long' will give you the occurrences of the word 'long' in the Long Sentence i.e 2

or 8/4 = 2


**I got the above T-SQL from this source http://blog.sqlauthority.com/2010/08/16/sql-server-finding-the-occurrence-of-character-in-string/