NHibernateProfiler.Initialize() in production code

292 views
Skip to first unread message

DanPlaskon

unread,
Sep 17, 2013, 1:09:25 PM9/17/13
to nhp...@googlegroups.com
Hello,

Quick question: When we used NHProf version 1, we typically used the following pattern in our application start up:

If Not IsProduction Then
    NHibernateProfiler.Initialize()
End

As it was best practice not to initialize the profiler in a production environment (for obvious reasons)

I'm confused - is this still required with NHProf Version 2, since it features support for production profiling and so forth?

Thanks in advance!

-Dan

Oren Eini (Ayende Rahien)

unread,
Sep 18, 2013, 5:13:35 AM9/18/13
to nhprof
In 2.0 you have a dedicated in production mode, which is different than the dev mode.


--
You received this message because you are subscribed to the Google Groups "nhprof" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nhprof+un...@googlegroups.com.
To post to this group, send email to nhp...@googlegroups.com.
Visit this group at http://groups.google.com/group/nhprof.
For more options, visit https://groups.google.com/groups/opt_out.

Mehdi El Gueddari

unread,
Sep 18, 2013, 6:25:37 AM9/18/13
to nhp...@googlegroups.com
I'm sure you're not the only one confused. I've always been baffled at the complete lack of documentation for NHProf's best feature. The NHProf's page (http://www.hibernatingrhinos.com/products/NHProf) doesn't have any mention that a version 2.0 even exists, let alone any mention of what new features version 2.0 has.

The only mention of production profiling I've been able to find is in a screenshot caption and, as far as I can see, there is no explanation anywhere of what this mysterious "production profiling" is or how you're supposed to use it.

Which is a shame because it's awesome.

The only "documention" of production profiling I've been able to find is is this blog post: http://blog.hibernatingrhinos.com/12769/uber-prof-production-profiling-profiling-production-application-on-azure

It's been writen for Entity Framework Profiler but it works in the same way with NHProf. If there is a proper doc somewhere, I'd love to know about it.

What this blog post doesn't mention at all is how to restrict access to NHProf when production profiling is active. When you use production profiling, NHProf becomes accessible at http://yoursite.com/profiler/profiler.html as a Silverlight application. By default, access is not restricted, which is obviously a massive security hole. I'm sure the NHProf guys have got something in there that let you restrict access. But since there's no doc, it's anyone's guess what it is and how you configure it.

What we've done for our sites is adding this to our web.config to restrict access to logged-in users belonging to our Admin role:

<!-- Only allow administrators to access NHibernate Profiler -->

  <location path="profiler">

    <system.webServer>

      <security>

        <authorization>

          <remove users="*" roles="" verbs="" />

          <add accessType="Allow" users="" roles="Admin" />

        </authorization>

      </security>

    </system.webServer>

  </location>



Good luck!

Mehdi





--

DanPlaskon

unread,
Sep 18, 2013, 7:56:11 AM9/18/13
to nhp...@googlegroups.com
Ayende,

So....is it still advisable to do:

If Not IsProduction Then
    NHibernateProfiler.Initialize()
End

In NHProf version 2?

Also, I'm with Mehdi here - the first thing I did was go to the nhprof.com site to read up - and was bummed to see that site hasn't changed at all in the 2+ years since I purchased NHProf V1. I know documentation isn't anyone's favorite job, but can't we get some version 2 docs?

Oren Eini (Ayende Rahien)

unread,
Sep 20, 2013, 3:59:40 AM9/20/13
to nhprof
You are correct. We sucks at docs, I am afraid.
We will be correcting this in a week or so.

Oren Eini (Ayende Rahien)

unread,
Sep 20, 2013, 4:00:23 AM9/20/13
to nhprof
Regarding IsProduction, yes, that is advisable unless you setup production profiling.

DanPlaskon

unread,
Sep 20, 2013, 7:53:01 AM9/20/13
to nhp...@googlegroups.com
Ayende,

Awesome - thank you for the replies, looking forward to having some updated documentation available.

Regarding how profiling is setup - I have a suggestion:

Can't we have something like:

 NHibernateProfiler.InitializeAsConfigured()

And have the debug/production/off switch controlled by something like an app.config option?

Oren Eini (Ayende Rahien)

unread,
Sep 20, 2013, 8:02:02 AM9/20/13
to nhprof

DanPlaskon

unread,
Dec 19, 2013, 7:54:12 AM12/19/13
to nhp...@googlegroups.com
Any update on this documentation?

Fitzchak Yitzchaki

unread,
Dec 22, 2013, 10:49:06 AM12/22/13
to nhp...@googlegroups.com
Here is a page with instructions how to use the production profiling feature:

Best Regards,

Fitzchak Yitzchaki

Hibernating Rhinos Core Team



DanPlaskon

unread,
Jan 14, 2014, 2:14:37 PM1/14/14
to nhp...@googlegroups.com
Hey Fitzchak,

Sorry for the late reply - thanks for adding this!

Cheers,

Dan
Reply all
Reply to author
Forward
0 new messages