|
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,195
|
Note: This original post is considered outdated. It is no longer necessary to write additional code to convert a page that requires login. See our follow up post for more details.
The original method described below is still valid and is kept for your reference.
Very often you must login through a login page first before you can access a page. For example, for an online shopping website, in order to access OrderHistory.aspx, the user must login to establish his/her identify first. In this case, if the user accesses OrderHistory.aspx directly without login, they will usually be presented the login page.
The situation will be exactly the same for EO.Pdf HTML to PDF converter. If you pass OrderHistory.aspx directly to the converter, the converter will not be able to access that page because it can not establish its identity with the web server. The web server will serve the login page instead. In that case the converted result will be the login page instead of the order history page.
In order to avoid such situation, you must provide enough information to the converter so that the converter can establish an identity with the server. If you have control over the server side code, you can:
1. Modify web.config to allow anonymous access to such pages. For example, add a location element to your web.config to allow anonymous access to OrderHistory.aspx;
2. Since the page now allows anonymous access, you must now check the user's identity in your page. If user has already logged in, then you can proceed to the normal logic; Otherwise proceed to step 3;
3. You can code your page to check additional query string arguments to establish user identity. For example, allowing user to pass such information to your page:
OrderHistory.aspx?user_id=1234&password=5678
In your code you can then check the passed in user_id and password and use that information to establish user identity.
Note: Do not pass user name and password in clear text in your real application. The above link is for demonstration only. Encrypt the information you pass in through query string in your real application.
If you do not have control over the server side code, you can capture the authentication cookie information and then pass the cookie to the server through HtmlToPdf.Options.AdditionalHeaders. The server will decode the authentication cookie and establish user identify with the cookie information.
|
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,195
|
Update: Now this can be done with the new ASPXToPDF control. Simply put the control into your form and call RenderAsPDF when needed. It works regardless the page requres log in or not: http://www.essentialobjects.com/Products/EOPdf/ASPXToPDF.aspx
|
|
Rank: Newbie
Groups: Member
Joined: 3/21/2012
Posts: 8
|
"If you do not have control over the server side code, you can capture the authentication cookie information and then pass the cookie to the server through HtmlToPdf.Options.AdditionalHeaders. The server will decode the authentication cookie and establish user identify with the cookie information. "
This would be ideal for our use. I have the Authentication Cookie (encrypted) and the Authentication Ticket (decrypted), so how do I add this information to HtmlToPdf.Options.AdditionalHeaders?
This code should be close, but I don't know what goes in the questionmarks:
Dim authcookie As HttpCookie = HttpContext.Current.Request.Cookies.Get(FormsAuthentication.FormsCookieName)
Dim authticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt(authcookie.Value)
HtmlToPdf.Options.AdditionalHeaders = New String() {String.Format("Cookie: $Version=1; {0}={1}", ???, ???)}
|
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,195
|
Hi Rocco,
This method is usually much harder than it looks. If you are in the same application (thus the same authentication cookie would work), you should use ASPXToPDF instead. That control is free so you do not need to pay extra for it. If you are in a different application, then your cookie is not the same cookie for the other application and you cannot use the above code. Usually you will only manually put the cookie information through headers if you know the details about the headers and cookies very well and you can easily verify and troubleshoot in case something goes wrong with your own code (note cookies and headers are HTTP standard so it has nothing to do with us, thus you should be able to test and troubleshoot them with your own code or other methods, for example, by tracing network packages with a network traffic monitor). If you do not already know the detail, then we would not encourage you to go there as we won't troubleshoot for you if a problem occurs.
Thanks
|
|
Rank: Newbie
Groups: Member
Joined: 3/21/2012
Posts: 8
|
My page uses a MasterPage with UpdatePanel. ASPXtoPDF does not work well there but HTMLtoPDF does. The only problem is forms authentication, which is a requirement of my project. The calling page is in the same application as the page to be printed.
Your documentation says that "you can capture the authentication cookie information and then pass the cookie to the server through HtmlToPdf.Options.AdditionalHeaders" and I am just asking for an example showing this.
Second question: does ASPXtoPDF work with MVC3? Another project I am working on will need authenticated forms converted to PDF. If HTMLtoPDF.ConvertURL is not recommended for forms requiring authentication, is ASPXtoPDF the appropriate solution for a secure MVC3 application?
Thanks,
Rocco
|
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,195
|
Hi,
ASPXToPDF should work fine with UpdatePanel as long as you do not put inside an UpdatePanel.
If you do want to pass the cookies yourself, you usually have to pass two cookies: ASP.NET authentication cookie and ASP.NET session cookie (note they may not exist all the time). Once you have your HttpCookie, you would simply do something like this to your header:
string cookie = string.Format("{0}={1};", cookie.Name, cookie.Value);
This will give you something like "ASP.NET_SessionId=xxxxxxx;". If you have multiple cookies, you would append them all together and it will be something like "Cookie: name1=value1; name2=value2;....". That would then appear as a single header entry in HtmlToPdf.Options.AdditionalHeaders. You do not have encrypt/decrypt it anyway.
ASPXToPDF does not work with MVC unless you use WebForm view engine because it requires a Web Form to function.
Once again, we HIGHLY discourage you to handle cookies yourself because on the server side, the cookies are handled by ASP.NET and there is no way for you to debug it. It is very easy for us to pass them in ---- we simply take whatever you pass in and hand it over without doing anything, but it's very difficult to debug once things goes wrong. The alternative method of passing additional query string mentioned in the original post is a much practical and easier method even though it would look like more code.
Thanks!
|
|
Rank: Newbie
Groups: Member
Joined: 3/21/2012
Posts: 8
|
Okay. Passing the authentication cookie would be best for my situation, and your marketing documentation makes it sound like a reasonable option, but I will take your advice and abandon that approach.
I have reworked the "Printer Friendly" ASPX form and added the ASPXtoPDF control to it. My specs require that from a different page, the user will click a button ("Display PDF") that needs to pop-up this form as a PDF. (yes, ConvertURL would have been perfect) They do not go to the page and then click a button. So, my "Display PDF" button pops up a window for my "Printer Friendly" form with RenderAsPDF() at the end of its Form_Load procedure. This workaround is very close to what I'm looking for. The only hurdle is the "Open Save Cancel" dialog box. I need it to just open. The user already clicked my button to display the PDF making the dialog redundant and confusing. Note: they can "save as" from the Adobe Reader tools, so they really don't need that dialog box.
My question: Is there a property I can set to just display the newly rendered page without forcing the user to answer a dialog box.
|
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,195
|
Rocco wrote:Okay. Passing the authentication cookie would be best for my situation, and your marketing documentation makes it sound like a reasonable option, but I will take your advice and abandon that approach. I am not sure what you meant by "marketing documentation" here. I believe all the documentations we provided to you are technical in nature. One of the striking difference between us and our competitor is we DO NOT promise you the moon and then tell you that we actually don't have the moon later. Our goal is to help you to best use our product, not to sell you a product that does not work for you. We are able to do that because we have a solid product and we rely much more on the quality of the product and word of mouth rather than questionable marketing gimmicks. So if you believe there is anything in our documentation is intentionally misleading for "marketing purpose", please let us know and we will be more than happy to correct it. If for some reason you just believe that we are trying to intentionally misleading you anyway, then we will be more than happy to ask you to just use one of our competitors instead. We don’t want to get into a business of pointing fingers. Rocco wrote:I have reworked the "Printer Friendly" ASPX form and added the ASPXtoPDF control to it. My specs require that from a different page, the user will click a button ("Display PDF") that needs to pop-up this form as a PDF. (yes, ConvertURL would have been perfect) They do not go to the page and then click a button. So, my "Display PDF" button pops up a window for my "Printer Friendly" form with RenderAsPDF() at the end of its Form_Load procedure. This workaround is very close to what I'm looking for. The only hurdle is the "Open Save Cancel" dialog box. I need it to just open. The user already clicked my button to display the PDF making the dialog redundant and confusing. Note: they can "save as" from the Adobe Reader tools, so they really don't need that dialog box.
My question: Is there a property I can set to just display the newly rendered page without forcing the user to answer a dialog box. It has nothing to do with clicking a button or not. The button is just there to trigger the call, in the case of ASPXToPDF the key call is RenderAsPDF. If you don't want the button, just make the call in Page_Load. Thanks
|
|
Rank: Newbie
Groups: Member
Joined: 3/21/2012
Posts: 8
|
The popup dialog box was being delivered by the browser when displaying ASPXtoPDF rendered page. I was able to avoid this by saving the PDF to the server in AfterRender event and then redirecting to the PDF file. It may help others who get similar requirements, so here is my code: Quote:Protected Sub ASPXToPDF1_AfterRender(sender As Object, e As System.EventArgs)
Handles ASPXToPDF1.AfterRender
Dim filepath As String = "~/TempFiles/"
Dim filename As String = Guid.NewGuid().ToString() & ".pdf"
Dim result As HtmlToPdfResult = CType(ASPXToPDF1.Result, HtmlToPdfResult)
result.PdfDocument.Save(Path.Combine(Server.MapPath(filepath), filename))
Server.Transfer(ResolveUrl(filepath & filename))
End Sub
|
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,195
|
Great. Thanks for sharing!
|
|