Now and again im getting the following error
"Seems that the framework isn't configured properly. (isWeb != true and SessionScopeWebModule is in use) Check the documentation for further information"
and my web app crashes
my web.config is so..
<activerecord isweb="true">
<config>
<add key="connection.driver_class" value="NHibernate.Driver.SqlClientDriver" />
<add key="dialect" value="NHibernate.Dialect.MsSql2005Dialect" />
<add key="connection.provider" value="NHibernate.Connection.DriverConnectionProvider" />
<add key="connection.connection_string_name" value="main" />
<add key="proxyfactory.factory_class" value="NHibernate.ByteCode.Castle.ProxyFactoryFactory, NHibernate.ByteCode.Castle"/>
</config>
</activerecord>
any ideas, on what I need to change\add?
thank you
isWeb is case sensitive.
<activerecord isWeb="true">
From the source:
XmlAttribute isWebAtt = section.Attributes["isWeb"];
They aren't being nice about case :)
Related
While debugging I currently have
#if Debug
new NetworkCredential("myUsername","myPassword", "myDomain");
#endif
Would a good solution be to store the password in a file and I read the value (only in debug). And then to add that file to the .gitignore?
Production would never read this value as it gets it from an NtlmAuthenticator from RestSharp of the logged in user.
Good practice is to keep it in secret configuration file that you add to your .gitignore
You can do it with file property in appSettings, like:
<appSettings file="..\..\AppSettingsSecrets.config">
<!-- whatever keys that are kept on source control -->
</appSettings>
and in AppSettingsSecrets.config
<appSettings>
<!-- SendGrid-->
<add key="mailAccount" value="My mail account." />
<add key="mailPassword" value="My mail password." />
<!-- Twilio-->
<add key="TwilioSid" value="My Twilio SID." />
<add key="TwilioToken" value="My Twilio Token." />
<add key="TwilioFromPhone" value="+12065551234" />
<add key="GoogClientID" value="1.apps.googleusercontent.com" />
<add key="GoogClientSecret" value="My Google client secret." />
</appSettings>
I have a system where i am scheduling some job and trigger to run at some specific time in a windows service . As my windows service can be restarted for number o0f reason I wanted to trigger the already schedule jobs at the time they were schedule so i am using AdoJobStore as it persist the job/trigger information. I were thinking at the time of start of the scheduler it will load the non completed job and fire it. But it can't
I have configured a Adojobstore with following setting
<add key="quartz.scheduler.instanceName" value="DBScheduler" />
<add key="quartz.threadPool.type" value="Quartz.Simpl.SimpleThreadPool, Quartz" />
<add key="quartz.threadPool.threadCount" value="100" />
<add key="quartz.threadPool.threadPriority" value="2" />
<add key="quartz.scheduler.dbFailureRetryInterval" value="6000000000" />
<add key="quartz.jobStore.driverDelegateType" value="Quartz.Impl.AdoJobStore.SqlServerDelegate, Quartz" />
<add key="quartz.jobStore.tablePrefix" value="QRTZ_" />
<add key="quartz.jobStore.misfireThreshold" value="600000" />
<add key="quartz.jobStore.type" value="Quartz.Impl.AdoJobStore.JobStoreTX, Quartz" />
<add key="quartz.jobStore.dataSource" value="myDS" />
<add key="quartz.dataSource.myDS.connectionString" value="Server=localhost;Port=3306;database=quartznet;Uid=root;pwd=root;allow user variables=true;CharSet=utf8;" />
<add key="quartz.dataSource.myDS.provider" value="MySql" />
<add key="quartz.serializer.type" value="binary" />
And Code for schdeuling start looks like following at my windows start class
StdSchedulerFactory factory = new StdSchedulerFactory();
MyQuartzScheduler = await factory.GetScheduler();
await MyQuartzScheduler.Start();
What i thought a future job which i have schedules and who's entries are saved in quartznet db will trigger at there time after starting the schedule but it didn't.
Is there any other settings or code i required to add?
Looks Like Problem was due to one configuration settings
It appears following configuration setting was the culprit
<add key="quartz.jobStore.driverDelegateType" value="Quartz.Impl.AdoJobStore.SqlServerDelegate, Quartz" />
Changed it to
<add key="quartz.jobStore.driverDelegateType" value="Quartz.Impl.AdoJobStore.StdAdoDelegate, Quartz" />
And it started working.
Can some quartz.net experience person confirm the mistake
I'm creating a web application using the latest version of ASP.NET MVC 5.2.3. I just concern in XSS attack. I figure out in ASP.NET Core is perfectly working protecting from this attack the XSS and this framework totally amazing but it lacked third party I need to my project. Here's my concern. I already enabled the custom error too but I disabled it currently for testing.
But I want to make sure this will catch also.
Input Validation is passed. To avoid this exception or error.
A potentially dangerous Request.Form value was detected from the client (Name="").
using, the [AllowHtml] attribute this is fine or using the AntiXss library.
But, from the URL. Example URLs,
http://localhost:54642/Employees/
http://localhost:54642/Employees/?a=<script>
link or url
this error should like,
A potentially dangerous Request.Path value was detected from the client (<).
So my solution is enabling this from Web.config then it works!
But Troy Hunt said from his tutorial this is not a good or better practice for this error. So I decided to look the best solution from this XSS attack.
In my form I normally add this anti-forgery token
#Html.AntiForgeryToken()
then on my controller I made sure validate the token
[ValidateAntiForgeryToken]
also when passing the variable or data, I always declare correct variable. Anyways if its member area page you can always restrict access to correct member roles example like
[Authorize] // for registered user
or more filtered
[Authorize(Roles = "SUBSCRIBER.VIEW")]
Below is only applicable for .net 4.5 and above
// web.config
<system.Web>
<httpRuntime targetFramework="4.5" />
</system.Web>
// enabling anti-xss
<httpRuntime targetFramework="4.5" encoderType="System.Web.Security.AntiXss.AntiXssEncoder,System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
Request validation Lazy validation was introduced in ASP.NET 4.5, I
just did some testing on it and it seems that lazy validation is the
enabled regardless of how you set the "requestValidationMode", after
you've installed the 4.5 framework.
Check out OWASP site. Here is the common ones I add in system.web in web.config file of a webapi app.
<httpProtocol>
<customHeaders>
<remove name="Server" />
<remove name="X-Powered-By" />
<remove name="X-Frame-Options" />
<remove name="X-XSS-Protection" />
<remove name="X-Content-Type-Options" />
<remove name="Cache-Control" />
<remove name="Pragma" />
<remove name="Expires" />
<remove name="Content-Security-Policy"/>
<clear />
<add name="X-Frame-Options" value="DENY" />
<add name="X-XSS-Protection" value="1; mode=block"/>
<add name="X-Content-Type-Options" value="nosniff" />
<add name="Cache-Control" value="no-cache, no-store" />
<add name="Pragma" value="no-cache" />
<add name="Expires" value="Sun, 1 Jan 2017 00:00:00 UTC" />
<add name="Content-Security-Policy" value="default-src 'self' 'unsafe-inline' data; img-src https://*;"/>
</customHeaders>
</httpProtocol>
Here is some code of my app.config file in my windows form application. I used this configuration file for the printer and scanner. I have used custom configurations in this xml. The problem I'm facing is whenever any attribute value is not set, My application throws a built in message error box like "The port com 4 does not exists"
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<appSettings>
<add key="Server" value="blah blah" />
<add key="Database" value="blah" />
<add key="User" value="blah" />
<add key="StoreID" value="blah" />
<add key="BranchID" value="blah" />
<add key="LotSize" value="100"/>
<add key="ZipsPrintingPath" value="blah.exe"/>
<add key="BCScannerPath" value="blah.exe"/>
<add key="SecuGenDeviceName" value="DEV_AUTO"/>
<add key="SecuGenPortAddress" value="USB_AUTO_DETECT"/>
<add key="SecuGenLiveTimeout" value="15000"/>
<add key="SecuGenImageQuality" value="50"/>
<add key="BCSPort" value="COM4"/>
<add key="BCSBaudRate" value="9600"/>
<add key="BCSParity" value="None"/>
<add key="BCSByteSize" value="8"/>
<add key="BCSStopBit" value="One"/>
<add key="BTicketBarcodeStartsWith" value="%B"/>
<add key="BTicketBarcodeEndsWith" value="."/>
<add key="TechSupportURL" value="blah"/>
</appSettings>
</configuration>
Here is also attached port error.
Now, I want to suppress this message box or I want to show this message in my custom message box.
I know that Quartz.Net has several ways to loads it configuration upon startup: (from http://jvilalta.blogspot.com/2011/03/how-does-quartznet-configuration-work.html )
The hosting application’s configuration file
A file specified in an environment variable
The quartz.config file
The embedded configuration file
Notice the quartz.config file.
My question:
Is the config file name "quartz.config" fixed (means hard-code,
cannot be changed)?
If no, how can I change it? e.g. I want to read from
FinancialQuartz.config instead of quartz.config.
If no option to change the name "quartz.config". How can I specify
when to read from FinancialQuartz.config or
CalculationQuartz.config? (I have no real scenario for this
question, just wonder)
Regards,
I'm confused.
In DotNet. You can point the app.config or web.config file to your file of choice, like below.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="quartz" type="System.Configuration.NameValueSectionHandler, System, Version=1.0.5000.0,Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</sectionGroup>
</configSections>
<quartz configSource="MyQuartzSettings.config" />
And "MyQuartzSettings.config" looks something like this (one example of many)
<quartz>
<add key="quartz.plugin.jobInitializer.type" value="Quartz.Plugin.Xml.XMLSchedulingDataProcessorPlugin" />
<add key="quartz.scheduler.instanceName" value="DefaultQuartzScheduler" />
<add key="quartz.threadPool.type" value="Quartz.Simpl.SimpleThreadPool, Quartz" />
<add key="quartz.threadPool.threadCount" value="10" />
<add key="quartz.threadPool.threadPriority" value="2" />
<add key="quartz.jobStore.misfireThreshold" value="60000" />
<add key="quartz.jobStore.type" value="Quartz.Simpl.RAMJobStore, Quartz" />
<add key="quartz.plugin.jobInitializer.fileNames" value="Quartz_Jobs_001.xml" />
<add key="quartz.plugin.jobInitializer.failOnFileNotFound" value="true" />
<add key="quartz.plugin.jobInitializer.scanInterval" value="120" />
</quartz>
Is that what you're talking about?
In addition to the answer given by #granadaCoder, you can also set the quartz.config environment variable to the name of the file you want to load. Note that the configSource attribute is not quartz.net specific but a feature of the .Net framework: SectionInformation.ConfigSource Property
I think it's fixed now. But there's a workaround for it.
Read the configuration from other ways into a System.Collections.Specialized.NameValueCollection.
var builder = new ConfigurationBuilder()
.SetBasePath(Directory.GetCurrentDirectory())
.AddIniFile("someotherfile.ini", false, true);
var config = builder.Build();
var quartzProperties = new System.Collections.Specialized.NameValueCollection();
foreach (var p in config.GetSection("Quartz").GetChildren().AsEnumerable())
{
quartzProperties.Add(p.Key, p.Value);
}
IScheduler scheduler = new StdSchedulerFactory(quartzProperties).GetScheduler();
scheduler.Start();