Saturday, January 24, 2015

Ghostery Makes it easy for you

Ghostery is such a handy tool that makes our life easy when it comes to security. You can find and able to block all external sources or third party analytics that fetches source data from your website.

Ghostery is an add-ons available for chrome, safari, firefox. Check out cool stuff.

Convert Timezone UTC to Local Time e.g TimeZoneInfo.FindSystemTimeZoneById("India Standard Time")

Convert UTC to Local TimeZone

public class TimeZoneConvertorHelper
        private static readonly TimeZoneInfo IndiaTimeZone;

        static TimeZoneHelper()
            IndiaTimeZone = TimeZoneInfo.FindSystemTimeZoneById("India Standard Time");       

        public static DateTime GetCurrentMelbourneDateTime()
            return TimeZoneInfo.ConvertTimeFromUtc(DateTime.UtcNow, IndiaTimeZone);

Big Debate: Sticky Session

Sticky Session

Cautions decision to be taken when enabling sticky session . Checks to be made:-
1. Load balanced server
2.Users session distribution across load balanced server.
3. Round Robin distribution


  1. When sticky session enabled , requests are not evenly distributed.
  2. Sticky sessions are always good if there is not much session values/data for each users.
  3. RAM utilization may be high as compared to CPU
Cloud : Elastic Load balancing
Enable sessions based on application instances or node.

Web API :Utility To read Json output From WebResponse


The below utility fetches the output from API request through HTTP in JSON format.

public static class JsonRequestStreamUtility
        public static WebRequest CreateRequest(string url, string method = WebRequestMethods.Http.Get, string body = null)
            var webRequest = (HttpWebRequest)WebRequest.Create(url);
            webRequest.Method = method;
            webRequest.Accept = "application/json";
            webRequest.Headers.Add("Accept-Charset", "utf-8");
            webRequest.ContentType = "application/json";

            webRequest.Proxy = new System.Net.WebProxy()
                    Address = new Uri("xyz"),
                    UseDefaultCredentials = true,
            if (body == null)
                return webRequest;

            using (var streamWriter = new StreamWriter(webRequest.GetRequestStream()))
            return webRequest;

        public static string ExecuteJsonResponseStream(WebRequest webRequest)
            if (webRequest == null) throw new ArgumentNullException("webRequest");


                // Get the stream associated with the response.
                Stream receiveStream = webRequest.GetResponse().GetResponseStream();

                // Pipes the stream to a higher level stream reader with the required encoding format. 
                StreamReader readStream = new StreamReader(receiveStream, Encoding.UTF8);
                return  readStream.ReadToEnd();
            catch (WebException we)
                return string.empty;

Sunday, October 19, 2014

Cookieless Session Vs Cookie Session

Reconstructed MSDN Understanding:-

Simple E.g. You go in pub and you handover your jacket in a counter .To get your jacket back you get some token as a reference. Similarly we have session id which is generated on request made to server and it is placed cookies.

Quick Take:-

Cookie Session

1. Cookie store session id and it identify session data from server for each request and response. User agent browser to server.

2. If Session object is not created or used apart from session_start , for each new requests it creates new session IDs. Hence it is require to create session object either in session_start or any part of application.

Cookie Less Session

1. In this case session id is static and remain same for entire session period
2. Session id is stored in URL for each request and response.

There can be possibilty when there is device where cookies are disabled and in such scenario we can make use of Cookie less session. There is feature itself in by using Autodetect for UseDeviceProfile.

Saturday, October 18, 2014

FactFile SessionID in and SqlServer SessionState

Facts to be remember. While dealing with session always keep below factfile into consideration.

I created a variable in the Session_Start in the global.asax file:
var sessionID = Session.SessionID;
I found the following data while debugging the application:

ASP.NET generated : lehxv4so4ioi2gqqaxtjzhyo
SQL Server saved  : lehxv4so4ioi2gqqaxtjzhyo84497b6f
in bold is your sessionid and in italics is the application id
the extra 8 bytes are the applicationid

SQL Server Session Tables


SQL Server Session Database

tempdb database in SQL Server by default
  1. Very Very Imp never use Tempdb for outproc session.
  2. In out proc mode session_end never calls, no use if you apply any debug or diagnostics pointers.
If we using webfarm and out proc session, ensure machine key across server instance is unique.

Cookie Container





IIS Debugging -WET Tracing For IIS

IIS Debugging
Whenever you have to check the request serving and find out how http pipeline processed at kernel aswell as user mode level using this options
Ofcourse HTTPERR log , httpsys and iislogs and Perfmon will be of great use. But this comes very handy.
c:\> logman stop httptrace -ets
The command completed successfully.
c:\> tracerpt.exe trace-output.etl -of XML -o trace-output.xml
c:\> logman start httptrace -p Microsoft-Windows-HttpService 0xFFFF -o trace-output.etl -ets
The command completed successfully.