| ArGoStuff User to User Support Forums |
Invalid validation token Last Post 17 Feb 2009 08:04 AM by Anke. 9 Replies. | Sort: |
|  Prev Next | You are not authorized to post a reply. | |
Anke
New Member
Posts:6
 | | 09 Feb 2009 03:06 PM |
| Hello, I use the "Mail Server .NET Edition 1.0.6.0". The "Mail Server .NET Web Interface" I have designed a little bit and translate it to german. Now I have the problem, that some users get the exception "Invalid validation token" if they logged in. The stak trace is: System.Exception: Invalid validation token Server stack trace:
bei Argosoft.MailServer.RAdmin.RAdminAccess.GetUserRec(String address, String token, Int32 recNo)
bei System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
bei System.Runtime.Remoting.Messaging.StackBuilderSink.PrivateProcessMessage(RuntimeMethodHandle md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
bei System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg, Int32 methodPtr, Boolean fExecuteInContext) Exception rethrown at [0]:
bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
bei Argosoft.MailServer.RAdminInterface.IRAdmin.GetUserRec(String address, String token, Int32 recNo)
bei UsersLogic.GetUserRec(Int32 recNo) in c:\Inetpub\wwwroot\App_Code\ArgoSoft\UsersLogic.cs:Zeile 31. The exception occurs in UsersLogic.cs in the line: UserRec userRec = rAdmin.GetUserRec
(
HttpContext.Current.User.Identity.Name,
Context.Current.Session["token"].ToString(),
recNo
); The parameters which are given to the GetUserRec-method are correct. I checked the token in the database. The token, username and record number are correct. Do you have any ideas where the problem is? With your original code for version 1.0.6.0 the users can logged in without problems. I use in my version the same dlls and config-xmls. thanks Anke | | |
|
|
Archie
ArGoSoft Developer
Basic Member
Posts:152
| | 09 Feb 2009 04:01 PM |
| Validation token has a lifetime. By default is is 30 minutes, and it is configurable from Options - Server Options - Advanced. Your users may get similar error, if they are inactive for longer than that amount of time.
Archie
| | | |
| Anke
New Member
Posts:6
| | 10 Feb 2009 02:17 AM |
| The lifetime is not the problem. The time is 30 minutes and it is correct in the database. Have you other ideas? Anke | | | |
| Archie
ArGoSoft Developer
Basic Member
Posts:152
| | 10 Feb 2009 06:57 AM |
| Hmm... no, more ideas... But, 30 minutes is correct, it does not mean that your users do not pause for over 30 minutes. Can you temporarily make it 60 minutes, and see if your users are having less trouble?
Archie
| | | |
| Anke
New Member
Posts:6
| | 10 Feb 2009 10:20 AM |
| The problem is, that the user get the error directly after the login. So the goes to default.aspx (in root folder) and login with his data... The token will be generated and it is saved correctly in database. The expiration date is correct, too. Then the user will be redirected to "Auth/Default.aspx". Here I will load the user record for the user, to get some details, for example last login time or so... Here is the problem, I can't load the user record. The method: UserRec userRec = rAdmin.GetUserRec
(
HttpContext.Current.User.Identity.Name,
Context.Current.Session["token"].ToString(),
recNo
); has after correct authorization for some users an errer, everytime! The can not see an difference between the users, who can login and the users who can not... We add a new user and he can not login, too. It is very strange. I can not explain this. I am software developers since other 4 years and word since over 6 years with C#, so I have some experiences... but i can not explain this error :-( Anke | | | |
| Archie
ArGoSoft Developer
Basic Member
Posts:152
| | 10 Feb 2009 04:38 PM |
| OK, token is saved as a session parameter. I am not sure whether there is anything in the client (web browser) settings that would not allow to maintain session...
How many users do you have who are having similar problems? I have not really heard of anyone reporting similar problems so far...
Archie
| | | |
| Anke
New Member
Posts:6
| | 11 Feb 2009 03:54 AM |
| Yeah - I have found the error today :-) The problem is, that I have implement some logic from the old webmail interface, which shows the message count for folders in the treeview. For this I take the method: IRAdmin rAdmin = (IRAdmin) Activator.GetObject(typeof (IRAdmin), dgUrl); UserRec userRec = rAdmin.GetUserRec(HttpContext.Current.User.Identity.Name, Utilities.UserData.Token, recNo ); You use tis method in you Webmail Frontend only for the EditUsers-Page. So I had the Idea that the problem is, that our test users are all "Domain Group Admins". For testing I set the user with the problems als domain group admin and she could login correctly. Do you have another way to get the user record, so that users which are not domain group admin can read there one properties like DisplayMessageCount and MailBoxSize? These 2 properties I like to know also for normal users ;-) Anke | | | |
| Anke
New Member
Posts:6
| | 16 Feb 2009 05:59 AM |
| Do you have no other way, to read the own user record? It is possible to expand the method in next version, so that the user can read his own record. In the moment can only the admins use this method :-( Anke | | | |
| Archie
ArGoSoft Developer
Basic Member
Posts:152
| | 17 Feb 2009 07:44 AM |
| Sorry, I do not understand the question... Do you mean, from web interface? Users definitely can read and update certain data in their records, you just click Settings link...
| | | |
| Anke
New Member
Posts:6
| | 17 Feb 2009 08:04 AM |
| I like to use the method '' from file UsersLogic.cs: UserRec userRec = rAdmin.GetUserRec
(
HttpContext.Current.User.Identity.Name,
Context.Current.Session["token"].ToString(),
recNo
); This method I can use only for domain group admins, all other users get an "Invalid token" exception The settings are not that I like to have. I need to know the value for 'DisplayMessageCount' and 'MailboxSize'. Which properties are not contained in the UserSettings-object, but they contains in UserRec-object. Also, how can I get the UserRec-object for non-admins?
Anke | | | |
|
| You are not authorized to post a reply. |
|
|
|  | | Mail Server v1.0.8.3 |
- Added support of STARTTLS (STLS) command for SMTP, POP3, IMAP, and SMTP relay and delivery, which will
allow secure, fully encrypted connections, when possible;
| | 11/6/2011 1:10:34 PM |
| Mail Server v1.0.8.2 |
- Optimized delivery speed. In earlier versions each "tick" which was checking whether messages were
in the outbox queue, was picking up only one message at a time. Now it will attempt to pick MaximumAllowedThreads-ActiveDelivery threads
messages, which should considerably increase deliver speed;
- Optimized SEARCH and STATUS IMAP commands. They appear to be used very extensively by Android, and (not that extensively, but still) by
iPhone. Now users who use mobile phones to access their IMAP accounts will see considerable improvement;
- Optimized STORE IMAP command. Before storing of IMAP flags was occuring one message at a time, which seemed to be fine
with SQL server, but proved to be slow for SQLite... Now it happens with single SQL call.
| | 10/8/2011 7:59:35 PM |
| ArGoSoft Mail Server v1.0.8.1 | -
Fixed a bug: when using IMAP via Firefox with "When I delete a message, move it
to Trash folder" option, marking messages in the trash folder was causing high CPU usage,
and was taking some time, making the server pretty much non-responsive. The problem was
happening only when using SQLite.
| | 6/6/2011 9:33:36 PM |
| ArGoSoft Mail Server v1.0.8.0 |
- Fixed a problem with web interface - was showing only first page of messages, and would not
switch to other pages; In order to fix the web interface, mail server itself has to be updated;
- When installint initially, was still using SQLite, even when SQL was requested;
- There was a problem with switching from SQLite database engine to SQL server database engine:
the SQL database was not being created;
| | 5/23/2011 5:53:55 PM |
| ArGoSoft Mail Server .NET v1.0.7.9 |
- The server no longer requires Microsoft SQL Server. If SQL server is not found, it will use
SQLite engine, which does not require separate installation. If SQL server is found, then user will be
prompted whether he wants to use it;
- Made other improvements, such as, now mailbox rebuild indexes orphaned records, rather then deleting them,
also added an opotion to increment UIDL validity of folder (both on the Mailbox viewer box);
- Made minor improvements on web interface;
| | 4/26/2011 9:47:25 PM |
| |
|  |  | |  |
|