ISArc drags the Kiosk into the 21st Century

WebFence
WebFence

So today we began another revolution – to drag the humble “web-kiosk” into the 21st century.

Our goals were clear:

  • Create kiosk software that actually works and allows users to browse the web un-hindered by previous users
  • 100% remotely controlled by a central web-based information management system
  • Allow for whitelist of approved websites
  • Must run on low-power Atom-based PCs (but still require Windows 7 – for now)
  • Must use Internet Explorer 9 (or an implemention of the IE browser engine)
  • Must have “session” management – allowing for the creation of individual session logons
  • Must provide reporting on time-spent, number of users etc
  • Must have a catchy name
  • Must be very very very easy to use and manage
  • Must be “self-fixing” – and require zero maintenance call-outs
  • Must allow for the recording of activity
  • Must allow for the remote termination of a session

the result….

www.webfence.co.uk

A visual basic (framework 4) custom browser application that replaces Windows Explorer, connects using web services to an information management system written in ASP.Net Framework 4 with Microsoft SQL Server running behind the scenes and automatically re-sets everything at the end of the browsing session.

Simple.

the work continues!

Storing session state in SQL Server for use with ASP.NET

We have recently been working on migrating all of our systems over to asp.net (from classic ASP) and one of the opportunities was to do “proper” session state management, not only allowing us to increase performance of the session state, but minimise server memory load during peak times, so we investigated putting the session into SQL Server (on a separate server) so that it can be shared with multiple servers.

Its actually very straight-forward:

1. On the SQLServer, open a new command window (as Administrator, which it is by default in Server 2003/2008).

Go to the root by typing (after each line press Enter)

CD\

CD Windows

CD Microsoft.NET

CD Framework

CD v2.0.50727

You should end up with:

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727>

Now type in the actual command to add the session to SQL Server (it is case sensitive)

aspnet_regsql -ssadd -S <servername> -U <sa or admin user on the SQLServer> -P <password for chosen account> -sstype p

The most common problem is that the SQLServer cannot be found – things to check are:

1. Is the server name correct – if you installed SQLServer and did not use the default instance then you need to put the instance name after the server name. e.g. SERVERNAME\SQLServer or SERVERNAME\MSSQLServer

2. Does the account you are using have access to create databases. In general, we have found that using the sa account works best, however if you encounter problems (like we have on numerous occasions) then creating a new account that has equivalent rights to create a database.

3. From a security standpoint we only enable the sa account to add session state and then instantly disable it again – it is highly dangerous to leave the sa account enabled, as this (as we have experienced) can lead to some rather nasty persons trying to brute-force break into the SQLServer

Update (September 2018): To add session state using the Windows account you are logged in as (if your instance of SQL Server allows the windows user to  log in). You can just copy and paste this directly in to the command line

c:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql -ssadd -S localhost -E -sstype p