Search Results

Search found 76 results on 4 pages for 'jsessionid'.

Page 1/4 | 1 2 3 4  | Next Page >

  • multiple stateful iframes per page will overwrite JSESSIONID?

    - by Nikita
    Hello, Looking for someone to either confirm or refute my theory that deploying two iframes pointing to two different stateful pages on the same domain can lead to JSESSIONIDs being overwritten. Here's what I mean: Setup suppose you have two pages that require HttpSession state (session affinity) to function correctly - deployed at http://www.foo.com/page1 and http://www.foo.com/page2 assume www.foo.com is a single host running a Tomcat (6.0.20, fwiw) that uses JSESSIONID for session id's. suppose these pages are turned into two iframe widgets to be embedded on 3rd party sites: http://www.site.com/page1" / (and /page2 respectively) suppose there a 3rd party site that wishes to place both widgets on the same page at http://www.bar.com/foowidgets.html Can the following race condition occur? a new visitor goes to http://www.bar.com/foowidgets.html browser starts loading URLs in foowidgets.html including the two iframe 'src' URLs because browsers open multiple concurrent connections against the same host (afaik up to 6 in chrome/ff case) the browser happens to simultaneously issue requests for http://www.foo.com/page1 and http://www.foo.com/page2 The tomcat @ foo.com receives both requests at about the same time, calls getSession() for the first time (on two different threads) and lazily creates two HttpSessions and, thus, two JSESSIONIDs, with values $Page1 and $Page2. The requests also stuff data into respective sessions (that data will be required to process subsequent requests) assume that the browser first receives response to the page1 request. Browser sets cookie JSESSIONID=$Page1 for HOST www.foo.com next response to the page2 request is received and the browser overwrites cookie JSESSIONID for HOST www.foo.com with $Page2 user clicks on something in 'page1' iframe on foowidgets.html; browser issues 2nd request to http://www.foo.com/page1?action=doSomethingStateful. That request carries JSESSIONID=$Page2 (and not $Page1 - because cookie value was overwritten) when foo.com receives this request it looks up the wrong HttpSession instance (because JSESSIONID key is $Page2 and NOT $Page1). Foobar! Can the above happen? I think so, but would appreciate a confirmation. If the above is clearly possible, what are some solutions given that we'd like to support multiple iframes per page? We don't have a firm need for the iframes to share the same HttpSession, though that would be nice. In the event that the solution will still stipulate a separate HttpSession per iframe, it is - of course - mandatory that iframe 1 does not end up referencing httpSession state for iframe 2 instead of own. off top of my head I can think of: map page1 and page2 to different domains (ops overhead) use URL rewriting and never cookies (messes up analytics) anything else? thanks a lot, -nikita

    Read the article

  • Setting httponly in JSESSIONID cookie (Java EE 5)

    - by mythandros
    I'm trying to set the httponly flag on the JSESSIONID cookie. I'm working in Java EE 5, however, and can't use setHttpOnly(). First I tried to create my own JSESSIONID cookie from within the servlet's doPost() by using response.setHeader(). When that didn't work, I tried response.addHeader(). That didn't work either. Then, I learned that the servlet handled converting the session into a JSESSIONID cookie and inserting it into the http header so if I want to play with that cookie, I'll have to write a filter. I wrote a filter and played with setHeader()/addHeader() there, again to no avail. Then, I learned that there's some flush/close action going on in the response object before it gets to the filter so if I want to manipulate the data, I need to extend HttpServletResponseWrapper and pass that to filterChain.doFilter(). This is done but I'm still not getting results. Clearly I'm doing something wrong but I don't know what. I'm not sure if this is at all relevant to the question at hand but no html document is being returned by the servlet to the browser. All that's really happening is that some objects are being populated and returned to a JSP document. I've sort of assumed that The Session object is turned into a JSESSIONID cookie and wrapped -- along with the objects added to the request -- in an http header before being sent to the browser. I'd be happy to post some code but I want to rule out the possibility that my difficulties stem from a misunderstanding of the theory first.

    Read the article

  • Accessing the JSESSIONID from JSF

    - by Frank Nimphius
    The following code attempts to access and print the user session ID from ADF Faces, using the session cookie that is automatically set by the server and the Http Session object itself. FacesContext fctx = FacesContext.getCurrentInstance(); ExternalContext ectx = fctx.getExternalContext(); HttpSession session = (HttpSession) ectx.getSession(false); String sessionId = session.getId(); System.out.println("Session Id = "+ sessionId); Cookie[] cookies = ((HttpServletRequest)ectx.getRequest()).getCookies(); //reset session string sessionId = null; if (cookies != null) { for (Cookie brezel : cookies) {     if (brezel.getName().equalsIgnoreCase("JSESSIONID")) {        sessionId = brezel.getValue();        break;      }   } } System.out.println("JSESSIONID cookie = "+sessionId); Though apparently both approaches to the same thing, they are different in the value they return and the condition under which they work. The getId method, for example returns a session value as shown below grLFTNzJhhnQTqVwxHMGl0WDZPGhZFl2m0JS5SyYVmZqvrfghFxy!-1834097692!1322120041091 Reading the cookie, returns a value like this grLFTNzJhhnQTqVwxHMGl0WDZPGhZFl2m0JS5SyYVmZqvrfghFxy!-1834097692 Though both seem to be identical, the difference is within "!1322120041091" added to the id when reading it directly from the Http Session object. Dependent on the use case the session Id is looked up for, the difference may not be important. Another difference however, is of importance. The cookie reading only works if the session Id is added as a cookie to the request, which is configurable for applications in the weblogic-application.xml file. If cookies are disabled, then the server adds the session ID to the request URL (actually it appends it to the end of the URI, so right after the view Id reference). In this case however no cookie is set so that the lookup returns empty. In both cases however, the getId variant works.

    Read the article

  • How to generate custom JSESSIONID, based on some hash of user's data in order to replicate session

    - by Shaman
    Is it possible to override Tomcat's embedded generator of JSESSIONID, to be able to create custom values of this cookie, based on user's login? Why do I need this: I have a load balancer with "sticky sessions", configured to route requests with the same JSESSIONID to the same server, and I want to prevent situation, when same user can start two different sessions on different servers.

    Read the article

  • How to generate custom JSESSIONID, based on some hash of user's data?

    - by Shaman
    Is it possible to override Tomcat's embedded generator of JSESSIONID, to be able to create custom values of this cookie, based on user's login? Why do I need this: I have a load balancer with "sticky sessions", configured to route requests with the same JSESSIONID to the same server, and I want to prevent situation, when same user can start two different sessions on different servers.

    Read the article

  • JSESSIONID collision between two servers on same ip but different ports

    - by Steve Armstrong
    I've got a situation where I have two different webapps running on a single server, using different ports. They're both running Java's Jetty servlet container, so they both use a cookie parameter named JSESSIONID to track the session id. These two webapps are fighting over the session id. Open a Firefox tab, and go to WebApp1 WebApp1's HTTP response has a set-cookie header with JSESSIONID=1 Firefox now has a Cookie header with JSESSIONID=1 in all it's HTTP requests to WebApp1 Open a second Firefox tab, and go to WebApp2 The HTTP reqeust to WebApp2 also has a Cookie header with JSESSIONID=1, but in the doGet, when I call req.getSession(false); I get null. And if I call req.getSession(true) I get a new Session object, but then the HTTP response from WebApp2 has a set-cookie header with JSESSIONID=20 Now, WebApp2 has a working Session, but WebApp1's session is gone. Going to WebApp1 will give me a new session, blowing away WebApp2's session. Continue forever So the Sessions are thrashing between each web app. I'd really like for the req.getSession(false) to return a valid session if there's already a JSESSIONID cookie defined. One option is to basically reimplement the Session framework with a HashMap and cookies called WEBAPP1SESSIONID and WEBAPP2SESSIONID, but that sucks, and means I'll have to hack the new Session stuff into ActionServlet and a few other places. This must be a problem others have encountered. Is Jetty's HttpServletRequest.getSession(boolean) just crappy?

    Read the article

  • Losing JSESSIONID when using ProxyHTMLURLMap

    - by Matthew Schmitt
    I've setup a reverse proxy between an Apache front-end and multiple Tomcat backends. The below block of code includes the ProxyHTMLURLMap param so that the HTML can be rewritten to remove the Tomcat context path. With this setup in place, after logging into my application, an initial JSESSIONID is set properly, but when navigating to any other page, this JSESSIONID is lost and another one is set by the application. I should mention that the initial login directs to a URL that includes the current context path (i.e. https://app.domain.com/context/home), but when navigating to another page, that context path is not present in the URL (i.e. https://app.domain.com/page2). <Proxy balancer://happcluster> BalancerMember ajp://happ01.h.s.com:8009 route=worker1 loadfactor=10 timeout=15 retry=5 BalancerMember ajp://happ02.h.s.com:8009 route=worker2 loadfactor=10 timeout=15 retry=5 BalancerMember ajp://happ03.h.s.com:8009 route=worker3 loadfactor=5 timeout=15 retry=5 BalancerMember ajp://happ04.h.s.com:8009 route=worker4 loadfactor=5 timeout=15 retry=5 BalancerMember ajp://happ05.h.s.com:8009 route=worker5 loadfactor=5 timeout=15 retry=5 ProxySet lbmethod=bytraffic ProxySet stickysession=JSESSIONID </Proxy> ProxyPass /context balancer://happcluster/context ProxyPass / balancer://happcluster/context/ <Location /context/> # Rewrite HTTP headers and HTML/CSS links for everything else ProxyPassReverse / ProxyPassReverseCookieDomain / app.domain.com ProxyPassReverseCookiePath / /context ProxyHTMLURLMap /context/ / # Be prepared to rewrite the HTML/CSS files as they come back # from Tomcat SetOutputFilter INFLATE;proxy-html;DEFLATE </Location> Has anyone ever run into a similar situation?

    Read the article

  • why jsessionid is appended to each url?

    - by sword101
    greetings all i am deploying an app using spring framework on the apache tomcat when running the application from the tomcat directly,there's no jsessionid appended to any url at all but after mapping the application to the domain,and trying to run it i got a jsessionid appended to each url in the application,i tried the spring security attribute disable-url-rewriting but it doesn't work,it removes the jsessionid from the url but the application doesn't work no more,the user cannot login. so i guess it's another problem,any ideas why this happens,how to solve it? thanks.

    Read the article

  • Java,Tomcat,Sessions - JSessionId disappear

    - by Bob
    Hi, I'm having a problem with java sessions. I'm developing a simple web app, where I have to use sessions and session attributes. Everything is fine until I close my browser. When I close my browser the JSessionId disappears. Here's my code: request.getSession().setMaxInactiveInterval(30*60); //it's 30 minutes request.getSession().setAttribute("someinteger", 10); It works great, but when I shut down the browser, and reopen it I can't find the jsessionId (before I closed the browser I could find it in the 'localhost' section). The strange thing is I can still find the "someinteger" cookie. What is the problem? What am I doing wrong? I'm using this, too: link text, and it shows that JSESSIONID cookie expires : "SESSION", and "someinteger" expires in 30 minutes Thanks in advance.

    Read the article

  • Java,Tomcat,Sessions - JSessionId disappears

    - by Bob
    Hi, I'm having a problem with java sessions. I'm developing a simple web app, where I have to use sessions and session attributes. Everything is fine until I close my browser. When I close my browser the JSessionId disappears. Here's my code: request.getSession().setMaxInactiveInterval(30*60); //it's 30 minutes request.getSession().setAttribute("someinteger", 10); It works great, but when I shut down the browser, and reopen it I can't find the jsessionId (before I closed the browser I could find it in the 'localhost' section). The strange thing is I can still find the "someinteger" cookie. What is the problem? What am I doing wrong? I'm using this, too: link text, and it shows that JSESSIONID cookie expires : "SESSION", and "someinteger" expires in 30 minutes Thanks in advance.

    Read the article

  • prevent generating new jsessionid?

    - by mr.lost
    greetings all my application uses spring framework,spring security 3.0.2 we use apache tomcat as app server the problem is that with each new request to the application a new jsessionid is generated and a new session is created so the user is logged out and that's weird,why generating new jsessionid,how to stop that? i reviewed the code,nothing is creating a new session? is it a framework problem or app server problem or what? your help is very appreciated. thank you.

    Read the article

  • Getting the JSESSIONID from the response Headers in C#

    - by acadia
    Hello, In my C# Windows application I am building a web request and getting the response back Uri uri = null; string workplaceURL = "http://filenet:9081/WorkPlaceXT"; uri = new Uri(workplaceURL + "/setCredentials?op=getUserToken&userId=" + encodeLabel(userName) + "&password=" + encodeLabel(pwd) + "&verify=true"); System.Net.WebRequest webRequest = System.Net.WebRequest.Create(uri); System.Net.WebResponse webResponse = webRequest.GetResponse(); StreamReader streamReader = new StreamReader(webResponse.GetResponseStream()); and I am getting the headers back as shown below ?webResponse.Headers {ResultXml: <?xml version="1.0"?><response><errorcode>0</errorcode><description>Success.</description></response> Content-Language: en-US Content-Length: 201 Cache-Control: no-cache="set-cookie, set-cookie2" Date: Thu, 03 Jun 2010 16:10:12 GMT Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: JSESSIONID=0000GiPPR9PPceZSv6d0FC4-vcT:-1; Path=/ Server: WebSphere Application Server/6.1 } base {System.Collections.Specialized.NameValueCollection}: {ResultXml: <?xml version="1.0"?><response><errorcode>0</errorcode><description>Success.</description></response> Content-Language: en-US Content-Length: 201 Cache-Control: no-cache="set-cookie, set-cookie2" Date: Thu, 03 Jun 2010 16:10:12 GMT Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: JSESSIONID=0000GiPPR9PPceZSv6d0FC4-vcT:-1; Path=/ Server: WebSphere Application Server/6.1 How do I fetch just the JSESSIONID? as I need to pass the JSESSIOID to a different URL. Please help

    Read the article

  • Spring MVC and Jetty: Prevent jsessionid from being used in RedirectView on redirect to external sit

    - by Moritz Both
    In Spring MVC 2.5 with Jetty - probably with any servlet container -, I want to redirect to an external site using RedirectView via the magic "redirect:" prefix for the view name in ModelAndView. Unfortunately, RedirectView uses response.encodeURL(), so my (otherwiese wanted) session id is appended to the URL. It is not only a security risk to carry the session id to the external site, the ";jsessionid=gagnbaba" string may also be interpreted as part of the ContextPath/PathInfo on the other site, resulting in a bad URL. Any "springish" options other than implement my own ExternalRedirectView... and also hack the ViewResolver to interpret a "externalRedirect:" prefix? (Requiring cookies is not an option.) Moritz

    Read the article

  • HttpWebRequest sessionID c# login

    - by warne
    Im trying to login to a website (www.vodafone.ie) with a console app and c# httpWebRequest. Problem is it works ok about 50% of the time. Im using fiddler to find out the GET and POST requests I need to make. Done that and my app is successfully recreating these as best as I can see. The steps are; 1) GET request with cookie container to login uri. server response sets new cookie called jsessionID 2) do POST request with login credentials and same cookie container containing previous jsessionID. Looking at the fiddler logs for successful POST request login (browser or my app) I see it sets a thing in the response header : "Set-cookie: supercookie=-; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=". What is this supercookie thing? Its not returned to me in the response cookie collection like the jsessionID. On rare occasions, there is along string of numbers with the supercookie instead of just "-". I made sure to clear all cookies before analyzing the request/response headers. If the super cookie thing is not being set in the reponse my login fails. So just wondering what's going on here? cheers!

    Read the article

  • Servlet Session - switch from URL Rewriting to Cookie

    - by lajuette
    Situation: I have a "dumb" Javascript frontend that can contact some kind of SSO middleware (MW). The MW can obtain sessions by issuing requests that contain authentication credentials (username, password). I.e. the session will be created for a certain user. My frontend needs to "restart" the session to gain the user's permissions to the target system. For that i need a valid session cookie. The target system is not under my control (could be a more or less public WFS, WMS, etc.), so i cannot add any SSO mechanism to it. Question: Is it possible to "steal" a Session forging a request which URL contains a valid session ID in the jsessionid parameter? Goal : Issue such a request to a Servlet and make it respond with a Set-Cookie header that contains the same id. That way the frontend joins the session and may do whatever the user, which was used to create the session, is able to do.

    Read the article

  • How to set up secure cookie on weblogic server

    - by adejuanc
    WebLogic Server allows a user to securely access HTTPS resources in a session that was initiated using HTTP, without loss of session data. To enable this feature, add AuthCookieEnabled="true" to the WebServer element in config.xml: <WebServer Name="myserver" AuthCookieEnabled="true"/>Setting AuthCookieEnabled to true, which is the default setting, causes the WebLogic Server instance to send a new secure cookie, _WL_AUTHCOOKIE_JSESSIONID, to the browser when authenticating via an HTTPS connection. Once the secure cookie is set, the session is allowed to access other security-constrained HTTPS resources only if the cookie is sent from the browser.Thus, WebLogic Server uses two cookies: the JSESSIONID cookie and the _WL_AUTHCOOKIE_JSESSIONID cookie. By default, the JSESSIONID cookie is never secure, but the _WL_AUTHCOOKIE_JSESSIONID cookie is always secure. A secure cookie is only sent when an encrypted communication channel is in use. Assuming a standard HTTPS login (HTTPS is an encrypted HTTP connection), your browser gets both cookies.For subsequent HTTP access, you are considered authenticated if you have a valid JSESSIONID cookie, but for HTTPS access, you must have both cookies to be considered authenticated. If you only have the JSESSIONID cookie, you must re-authenticate.To configure on Admin Console : Log into WebLogic Admin Console. Under Domain Structure, press click on <domainname> Select the "Web Applications" tab Select "Lock and Edit" in change center. Click on  "Auth Cookie Enabled" checkbox. Restart to confirm changes. Test an application and view the cookie which got stored as "JSESSIONID" To Configure the Web application's weblogic-application.xml file: Run the following to extract the file from the web application's weblogic-application.xml: $PATH_JDK_HOME\binjar -xvf easy-web-examples.ear META-INF/weblogic-application.xml Add <cookie-secure>true</cookie-secure> between <session-descriptor> </session-descriptor> to the weblogic-application.xml. Run the following to repackage the file to the application: $PATH_JDK_HOME\bin\jar -uvf easy-web-examples.ear META-INF/weblogic-application.xml Deploy the application into WebLogic For further information, please read the documentation on "Using Secure Cookies to Prevent Session Stealing " : http://download.oracle.com/docs/cd/E12840_01/wls/docs103/security/thin_client.html#wp1053780

    Read the article

  • Migrate apache->tomcat to nginx->tomcat

    - by Slezhuk
    Now we are using apache2 as frontend, and tomcat as backend. We are using mod_proxy_balancer and AJP. Also we are using stickysession by JSESSIONID cookie: <Proxy balancer://backend> BalancerMember ajp://127.0.0.1:8008 min=10 max=100 ping=5 connectiontimeout=40 ttl=60 retry=20 route=node-1 BalancerMember ajp://127.0.0.1:8009 min=10 max=100 ping=5 connectiontimeout=40 ttl=60 retry=20 route=node-2 ProxySet lbmethod=byrequests timeout=30 ProxySet stickysession=JSESSIONID|jsessionid nofailover=Off </Proxy> and using jvmRoute parameter in web.xml to add tail to JSESSIONID cookie: <Engine name="Catalina" defaultHost="localhost" jvmRoute="node-1"> So far i did not found way to do this in nginx. Is there any solution for this? We are not using session replication, so getting sequential requests to same backend is crucial.

    Read the article

  • Restoring web session in struts2

    - by bozo
    Hi, I have a classical scenario of a website and payment gateway integration, where the request for payment is sent to payment processor, and the payment processor calls back my application once it's done with some parameters I passed to it in the original request. Among parameters, we pass jsessionid and we expect that when the remote server makes request to our server (via customer browser redirect to our server) that the session will be the same as the session used to send the initial payment request. This does not happen, we have two different sessions, although the payment processor includes our original jsessionid in the request to us (https://blabla/?jsessionid=something). How should we go about recreating a session in struts2, in the only thing that connects the 'OLD' and 'NEW' session is the jsessionid in the request URL? Any ideas? Is this possible at all or is the 'OLD' session data deleted when the user moves away from our server onto a completely different domain of a payment processor with their data-entry form? This would explain our innability to recreate the session. Thanks a lot for your replies.

    Read the article

  • Tomcat cookies not working via my ProxyPass VirtualHost

    - by John
    Hi there. I'm having some issues with getting cookies to work when using a ProxyPass to redirect traffic on port 80 to a web-application hosted via Tomcat. My motivation for enabling cookies is to get rid of the "jsessionid=" parameter that is appended to the URLs. I've enabled cookies in my context.xml in META-INF/ for my web application. When I access the webapplication via http://url:8080/webapp it works as expected, the jsessionid parameter is not visible in the URL, instead it's stored in a cookie. When accessing my website via an apache2 virtualhost the cookies doesn't seem to work because now "jsessionid" is being appended to the URLs. How can I solve this issue? Here's my VHost configuration: <VirtualHost *:80 ServerName somedomain.no ServerAlias www.somedomain.no <Proxy * Order deny,allow Allow from all </Proxy ProxyPreserveHost Off ProxyPass / http://localhost:8080/webapp/ ProxyPassReverse / http://localhost:8080/webapp/ ErrorLog /var/log/apache2/somedomain.no.error.log CustomLog /var/log/apache2/somedomain.no.access.log combined </VirtualHost

    Read the article

  • AWStats log format for tomcat access logs which has X-Forwarded-For

    - by Nix
    What should be the AWStats log format for below tomcat access logs ? I tried these formats but the external IP addresses are not coming into AWStats reports. LogFormat="%host %other %logname %time1 %methodurl %code %bytesd %refererquot %uaquot %referer %other %other" LogFormat="%other %other %logname %time1 %methodurl %code %bytesd %refererquot %uaquot %host_proxy" tomcat valve settings: pattern="%h %l %{USER_ID}s %t &quot;%r&quot; %s %b &quot;%{Referer}i&quot; &quot;%{User-Agent}i&quot; &quot;X-Forwarded-For=%{X-Forwarded-For}i&quot; &quot;JSESSIONID=%{JSESSIONID}c&quot; %D" Log entry: 127.0.0.1 - - [04/Nov/2013:13:39:55 +0000] "GET / HTTP/1.1" 200 12345 "https://www.google.com/url?some_url" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36" "X-Forwarded-For=real_ip, proxy_server_internal_ip" "JSESSIONID=-" 12345

    Read the article

  • Mixing RewriteRule and ProxyPass in Apache

    - by Taylor L
    I was working on debugging an issue today related to mixing mod_proxy and mod_rewrite together and I ended up having to use balancer://mycluster in the RewriteRule in order to stop receiving a 404 error from Apache. I have two questions: 1) Is there any other way to get the rewritten URL to go through the balancer without adding balancer://mycluster into the RewriteRule? 2) Is there a way to define all the parameters I defined in ProxyPass (stickysession=JSESSIONID|jsessionid scolonpathdelim=On lbmethod=bytraffic nofailover=Off) in either the <Proxy> or RewriteRule? I'm concerned the requests that match the new RewriteRule won't load balance in the same fashion as those that go through ProxyPass (like /app1/something.do)? Below are the relevant sections of the httpd.conf. I am using Apache 2.2. <Proxy balancer://mycluster> Order deny,allow Allow from all BalancerMember ajp://my.domain.com:8009 route=node1 BalancerMember ajp://my.domain.com:8009 route=node2 </Proxy> ProxyPass /app1 balancer://mycluster/app1 stickysession=JSESSIONID|jsessionid scolonpathdelim=On lbmethod=bytraffic nofailover=Off ProxyPassReverse /app1 ajp://my.domain.com:8009/app1 ... RewriteRule ^/static/cms/image/(.*)\.(.*) balancer://mycluster/app1/$1.$2 [P,L]

    Read the article

  • struts2-json-plugin not retrieving json data from action class for Struts-JQuery-Plugin grid

    - by thebravedave
    Hello, Im having an issue getting json working with the struts-jquery-plugin-2.1.0 I have included the struts2-json-plugin-2.1.8.1 in my classpath as well. Im sure that I have my struts-jquery-plugin configured correctly because the grid loads, but doesnt load the data its supposed to get from the action class that has been json'ized. The documentation with the json plugin and the struts-jquery plugin leaves ALOT of gaps that I cant even find with examples/tutorials, so I come to the community at stackoverflow. My action class has a property called gridModel thats a List with a basic POJO called Customer. Customer is a pojo with one property, id. I have a factory that supplies the populated List to the actions List property which i mentioned called gridModel. Heres how i set up my struts.xml file: <constant name="struts.devMode" value="true"/> <constant name="struts.objectFactory" value="guice"/> <package name="org.webhop.ywdc" namespace="/" extends="struts-default,json-default"> <result-types> <result-type name="json" class="com.googlecode.jsonplugin.JSONResult"> </result-type> </result-types> <action name="login" class="org.webhop.ywdc.LoginAction" > <result type="json"></result> <result name="success" type="dispatcher">/pages/uiTags/Success.jsp</result> <result name="error" type="redirect">/pages/uiTags/Login.jsp</result> <interceptor-ref name="cookie"> <param name="cookiesName">JSESSIONID</param> </interceptor-ref> </action> <action name="logout" class="org.webhop.ywdc.LogoutAction" > <result name="success" type="redirect">/pages/uiTags/Login.jsp</result> </action> </package> In the struts.xml file i set the and in my action i listed in the action configuration. Heres my jsp page that the action loads: <%@ taglib prefix="s" uri="/struts-tags" % <%@ taglib prefix="sj" uri="/struts-jquery-tags"% <%@ taglib prefix="sjg" uri="/struts-jquery-grid-tags"% <%@ page language="java" contentType="text/html" import="java.util.*"% Welcome, you have logged in! <s:url id="remoteurl" action="login"/> <sjg:grid id="gridtable" caption="Customer Examples" dataType="json" href="%{remoteurl}" pager="false" gridModel="gridModel" > <sjg:gridColumn name="id" key="true" index="id" title="ID" formatter="integer" sortable="false"/> </sjg:grid> Welcome, you have logged in. <br /> <b>Session Time: </b><%=new Date(session.getLastAccessedTime())%> <h2>Password:<s:property value="password"/></h2> <h2>userId:<s:property value="userId"/></h2> <br /> <a href="<%= request.getContextPath() %>/logout.action">Logout</a><br /><br /> ID: <s:property value="id"/> session id: <s:property value="JSESSIONID"/> </body> Im not really sure how to tell what json the json plugin is creating from the action class. If i did know how i could tell if it wasnt formed properly. As far as I know if I specificy in my action configuration in struts.xml, that the grid, which is set to read json and knows to look for "gridModel" will then automatically load the json to the grid, but its not. Heres my action class: public class LoginAction extends ActionSupport { public String JSESSIONID; public int id; private String userId; private String password; public Members member; public List<Customer> gridModel; public String execute() { Cookie cookie = new Cookie("ywdcsid", password); cookie.setMaxAge(3600); HttpServletResponse response = ServletActionContext.getResponse(); response.addCookie(cookie); HttpServletRequest request = ServletActionContext.getRequest(); Cookie[] ckey = request.getCookies(); for(Cookie c: ckey) { System.out.println(c.getName() + "/cookie_name + " + c.getValue() + "/cookie_value"); } Map requestParameters = ActionContext.getContext().getParameters();//getParameters(); String[] testString = (String[])requestParameters.get("password"); String passwordString = testString[0]; String[] usernameArray = (String[])requestParameters.get("userId"); String usernameString = usernameArray[0]; Injector injector = Guice.createInjector(new GuiceModule()); HibernateConnection connection = injector.getInstance(HibernateConnection.class); AuthenticationServices currentService = injector.getInstance(AuthenticationServices.class); currentService.setConnection(connection); currentService.setInjector(injector); member = currentService.getMemberByUsernamePassword(usernameString, passwordString); userId = member.getUsername(); password = member.getPassword(); CustomerFactory customerFactory = new CustomerFactory(); gridModel = customerFactory.getCustomers(); if(member == null) { return ERROR; } else { id = member.getId(); Map session = ActionContext.getContext().getSession(); session.put(usernameString, member); return SUCCESS; } } public String logout() throws Exception { Map session = ActionContext.getContext().getSession(); session.remove("logged-in"); return SUCCESS; } public List<Customer> getGridModel() { return gridModel; } public void setGridModel(List<Customer> gridModel) { this.gridModel = gridModel; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public String getUserId() { return userId; } public void setUserId(String userId) { this.userId = userId; } public String getJSESSIONID() { return JSESSIONID; } public void setJSESSIONID(String jsessionid) { JSESSIONID = jsessionid; } } Please help me with this problem. You will make my week, as this is a major bottleneck for me :( thanks so much, thebravedave

    Read the article

  • Tomcat cookies not working via my ProxyPass VirtualHost

    - by John
    Hi there. I'm having some issues with getting cookies to work when using a ProxyPass to redirect traffic on port 80 to a web-application hosted via Tomcat. My motivation for enabling cookies is to get rid of the "jsessionid=" parameter that is appended to the URLs. I've enabled cookies in my context.xml in META-INF/ for my web application. When I access the webapplication via http://url:8080/webapp it works as expected, the jsessionid parameter is not visible in the URL, instead it's stored in a cookie. When accessing my website via an apache2 virtualhost the cookies doesn't seem to work because now "jsessionid" is being appended to the URLs. How can I solve this issue? Here's my VHost configuration: <VirtualHost *:80 ServerName somedomain.no ServerAlias www.somedomain.no <Proxy * Order deny,allow Allow from all </Proxy ProxyPreserveHost Off ProxyPass / http://localhost:8080/webapp/ ProxyPassReverse / http://localhost:8080/webapp/ ErrorLog /var/log/apache2/somedomain.no.error.log CustomLog /var/log/apache2/somedomain.no.access.log combined </VirtualHost

    Read the article

1 2 3 4  | Next Page >