JsonServiceClient not using cookie placed in cookiecontainer

StackOverflow https://stackoverflow.com/questions/19235967

Question

I've posted a couple of questions previously to get where I am now:

Reconnecting to Servicestack session in an asp.net MVC4 application

and

nullreference exception when adding session cookie to ServiceStack

Quick background on the app: This is an asp.net MVC application accessing data on a remote servicestack installation.

At this point I am successfully authenticating with SS, saving the session key in a cookie, and inserting that cookie into the CookieContainer of a new JsonServiceClient instance.

However when I try to grab some data via the new JsonServiceClient instance: 

CallList = client.Get(new ServiceCallRequest()).Result;

The remote ServiceStack instance seems to be redirecting me to the default ASP login area (/Auth/login or something similar). This redirect in itself isn't a problem, but it does seem to indicate that the client isn't using the SS session already established on the remote machine.

This is the code that is actually inserting the cookie into the client cookie container and calling for a list of objects: 

    public List<ServiceCallModel> LoadList()
    {
        try
        {
            var cookie = HttpContext.Request.Cookies.Get(SessionFeature.PermanentSessionId);
            var client = new JsonServiceClient([api address]);
            cookie.Domain = ".domain.com"; 
            var cookie1 = new Cookie(SessionFeature.PermanentSessionId, cookie.Value);
            cookie1.Domain = ".domain.com"; 
            client.CookieContainer.Add(cookie1);

            List<ServiceCallModel> CallList = new List<ServiceCallModel>();
            CallList = client.Get(new ServiceCallRequest()).Result;
            return CallList;
        }
        catch (Exception ex)
        {
            return new List<ServiceCallModel>();
        }
    }

I can verify that this remote resource works with a monotouch Android application using the C# client. The only difference of course is that the Android client is persistent; the one in question here isn't.

The above example always returns a WebServiceException ("Not Found") (Which I assume is actually a 401/403 that has been redirected annoyingly by ASP).

Does this seem reasonable, or am I missing/misunderstanding some functionality of the JsonServiceClient/ServiceStack?

Thanks much

Update

Using Fiddler, I can confirm that the cookie is being stored in the browser and sent back to the MVC application in the request header: 

GET / HTTP/1.1
Host: [web app address]
Connection: keep-alive
Cache-Control: max-age=0    
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)                         
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Cookie: ASP.NET_SessionId=3457C511FECBECCD3C055C21;.MONOAUTH=PzE6iBuLIbv1evgACfpUwpC1D7opCANroPDQN/mXHNvGAgkjqq04Tdd8EnnGTL7y3lWYWY4+GWaXGDT0Fm7+eJxRdpy    LJMaUQ6BiYmb3dxRi1B3f/qkmPMbFIoC7vC9M; ss-pid=lzJ+o9vG/7F3YZ9JNN2F

At this point I am trying to find out of that same ss-pid value is then making it back to the API server in a request header.

Update 2

Using tcpdump I was able to see that the ss-pid value is in fact making it all the way back to the API server (The "remote servicestack instance"). So now I think I need to troubleshoot that, not the client. Any thoughts?

Snippet of tcpdump output: 

    0x0090:  6e65 740d 0a43 6f6f 6b69 653a 2073 732d  net..Cookie:.ss-
    0x00a0:  7069 643d 6c7a 4a2b 6f39 7647 2f37 4633  pid=lzJ+o9vG/7F3
    0x00b0:  595a 394a 4e4e 3246 0d0a 4163 6365 7074  YZ9JNN2F..Accept

I know that the ss-pid values are different in each part of this post. They were obtained at different times

Update 3

I've also changed the LogFormat in the vhost config file to spit out the value for the cookie called "ss-pid" (At the end of the log entry).

The resulting logs on the ServiceStack remote API server looks like this: 

172.16.0.17 - - [08/Oct/2013:12:26:52 -0400] "GET /sc/0 HTTP/1.1" 500 3082 "-" "-" "HFMtFpPQkpE0Br6/fEFg"
172.16.0.17 - - [08/Oct/2013:12:27:06 -0400] "GET /sc/0 HTTP/1.1" 302 394 "-" "-" "HFMtFpPQkpE0Br6/fEFg"
172.16.0.17 - - [08/Oct/2013:12:27:07 -0400] "GET /login.aspx?ReturnUrl=%2fsc%2f0 HTTP/1.1" 404 451 "-" "-" "HFMtFpPQkpE0Br6/fEFg"

This "500" status on the first request sticks out. I will be investigating this now.

Update 4

The 500 status seems to be a case of Microsoft.Web.Infrastructure.dll being included in the bin directory. Deleted that to resolve the 500 response, but this did not fix the overall problem.

Was it helpful?

Solution

ServiceStack places two Session cookies in the Request, 'ss-id' and 'ss-pid'. This line in your code... 

var cookie = HttpContext.Request.Cookies.Get(SessionFeature.PermanentSessionId);

will grab the 'ss-pid' cookie. But, you probably want the grab the 'ss-id' cookie which is the cookie for your current authenticated session. 

var cookie = HttpContext.Request.Cookies.Get(SessionFeature.SessionId);

Take a look here for more information on ServiceStack Sessions.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top