Search Results

Search found 9460 results on 379 pages for 'session'.

Page 10/379 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • Uploadify (Session and authentication) with ASP.NET MVC

    - by Dragouf
    When I use Authorize filter on an action or a controller used by uplodify (http://www.uploadify.com/) the action isn't reach... moreover Session are not retrieved. I found this to retrieved user session : http://geekswithblogs.net/apopovsky/archive/2009/05/06/working-around-flash-cookie-bug-in-asp.net-mvc.aspx But how to use it with [Authorize] filter and retrieved session ?

    Read the article

  • NHibernate, Databinding to DataGridView, Lazy Loading, and Session managment - need advice

    - by Tom Bushell
    My main application form (WinForms) has a DataGridView, that uses DataBinding and Fluent NHibernate to display data from a SQLite database. This form is open for the entire time the application is running. For performance reasons, I set the convention DefaultLazy.Always() for all DB access. So far, the only way I've found to make this work is to keep a Session (let's call it MainSession) open all the time for the main form, so NHibernate can lazy load new data as the user navigates with the grid. Another part of the application can run in the background, and Save to the DB. Currently, (after considerable struggle), my approach is to call MainSession.Disconnect(), create a disposable Session for each Save, and MainSession.Reconnect() after finishing the Save. Otherwise SQLite will throw "The database file is locked" exceptions. This seems to be working well so far, but past experience has made me nervous about keeping a session open for a long time (I ran into performance problems when I tried to use a single session for both Saves and Loads - the cache filled up, and bogged down everything - see http://stackoverflow.com/questions/2526675/commit-is-very-slow-in-my-nhibernate-sqlite-project). So, my question - is this a good approach, or am I looking at problems down the road? If it's a bad approach, what are the alternatives? I've considered opening and closing my main session whenever the user navigates with the grid, but it's not obvious to me how I would do that - hook every event from the grid that could possibly cause a lazy load? I have the nagging feeling that trying to manage my own sessions this way is fundamentally the wrong approach, but it's not obvious what the right one is.

    Read the article

  • Session Id in url and/or cookie? [closed]

    - by Jacco
    Most people advice against rewriting every (internal) url to include the sessionId (both GET and POST). The standard argument against it seems to be:   If an attacker gets hold of the sessionId, they can hijack the session.   With the sessionId in the url, it easily leaks to the attacker (by referer etc.) But what if you put the sessionId in both an (encrypted) cookie and the url. if the sessionId in either the cookie or the url is missing or if they do not match, decline the request. Let's pretend the website in question is free of xss holes, the cookie encryption is strong enough, etc. etc. Then what is the increased risk of rewriting every url to include the sessionId? UPDATE: @Casper That is a very good point. so up to now there are 2 reasons: bad for search engines / SEO if used in public part of the website can cause trouble when users post an url with a session Id on a forum, send it trough email or bookmark the page apart from the:   It increases the security risk, but it is not clear what the increased risk is. some background info: I've a website that offers blog-like service to travellers. I cannot be sure cookies work nor can I require cookies to work. Most computers in internet cafes are old and not (even close to) up-to-date. The user has no control over them and the connection can be very unreliable for some more 'off the beaten path' locations. Binding the session to an IP-address is not possible, some places use load-balancing proxies with multiple IP addresses. (and from China there is The Great Firewall). Upon receiving the first cookie back, I flag cookies as mandatory. However, if the cookie was flagged as mandatory but not there, I ask for their password once more, knowing their session from the url. (Also cookies have a 1 time token in them, but that's not the point of this question). UPDATE 2: The conclusion seems to be that there are no extra *security* issues when you expose you session id trough the URL while also keeping a copy of the session id in an encrypted cookie. Do not hesitate to add additional information about any possible security implications

    Read the article

  • What is the purpose of WCF reliable session?

    - by bsnote
    The documentation around this topic is poor. I use WCF services with NetTcpBinding hosted in Windows service. The problem is that a session is dropped when it is inactive for some time. What I need is the session which is always alive. Is WCF reliable session something that can help? Or I can just play with timeout settings?

    Read the article

  • Eclipse RAP - Firefox doesn't forget session

    - by Fritz H
    We've got an Eclipse RAP application that's behaving a bit strangely in Firefox - two distinct problems. When you browse around, you can click on a button in one part of the system. This opens a popup window like so: IWorkbenchBrowserSupport bs; bs = PlatformUI.getWorkbench().getBrowserSupport(); int style = IWorkbenchBrowserSupport.AS_EXTERNAL; IWebBrowser b = bs.createBrowser(style, getRandomID(), "Hello world", ""); b.openURL(new URL(...)); where the URL is another servlet in the application. This servlet is in the same runtime, but has nothing to do with RAP - it takes a binary blob from in-memory storage and dumps it in the output stream. Problem 1: This causes the HTTP session to die in firefox, and shows the "session expired" RAP error page with a link to restart the session. Problem 2: Now, when you click on the link to restart the session, it shows the application's dialog again, but the session expired error is shown again the moment you do anything. This prevents the user from using the system again, unless Firefox is closed down completely and restarted. A quick peek with FireBug reveals that the JSESSIONID passed by Firefox does not change. Has anyone seen this before?

    Read the article

  • Session state in asp.net mvc

    - by tiff
    I would like to know how to use session state in a simple log in log out in asp.net mvc.. I have a code here in my controller that I've retrieved from my mysql database for my session log in..but I don't really know how to manipulate it.. <AcceptVerbs(HttpVerbs.Post)> _ Function Index(ByVal username As String, ByVal password As String, ByVal department As String) As ActionResult Dim user As DataTable user = Account.userSelect(username:=username, password:=password, department:=department) If user.Rows.Count = 0 Then Return RedirectToAction("Index", "Home") Else Session("username") = user.Rows(0).Item("username") Session("department") = user.Rows(0).Item("department") Return RedirectToAction("News", "Administration") End If End Function Thank you!

    Read the article

  • ASP.NET Session State Error only on default document

    - by schmidty
    I have a site where when accessing via site.com/default.aspx everything is fine, however when accessing via site.com/ I get a session error as follows: "Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. Please also make sure that System.Web.SessionStateModule or a custom session state module is included in the \\ section in the application configuration." I have confirmed that default.aspx is the highest priority default document and that it is the page being loaded. However why is this session error only occurring when accessing via the default document? The server is 2008 R2 and IIS 7.5.

    Read the article

  • Sharing session state between 2 ASP.NET applications using SQL Server

    - by Dave
    Hi I'm working on a site that has a requirement to share session between a cms application and an online store application on the same domain eg. mydomain.com and store.mydomain.com I've made some progress with it and it works on my local build between localhost/cms and localhost/store Basically I have done what is suggested in this article http://blogs.msdn.com/toddca/archive/2007/01/25/sharing-asp-net-session-state-across-applications.aspx and hacked the TempGetAppID Stored Procedure to return the same application id (1). This appears to work as it creates sessions with ids like 'abv5d2urx1asscfwuzw3wp4500000001', which is what I'd expect. My issue is that when I deploy it to our testing environment, it creates a new session when I navigate between the 2 sites. So when I start a session on the cms site, if I navigate to the store, it creates a new session. These are set up as 2 different websites in IIS7. In the web.config files for both sites, the and elements are both the same and are as follows (minus sensitive information) Has anyone got an ideas why this might not be working? I am sharing Forms Authentication across the 2 sites and that works fine. Any help or ideas would be greatly appreciated! Many thanks Dave

    Read the article

  • PHP Session variables not passing across pages

    - by mitch
    Common problem, but I'm stumped. Session variables are passing across pages on my local (localhost) deployment, but not on my (www) host. I use a common includes file for each page with this code: $sessionDomain = "/"; @ini_set("session.cookie_path",$sessionDomain); $sessionName = "ccSID".md5('/store/'); session_name($sessionName); session_start(); I confirmed that the session ID cookie (ccSIDxxxxx...) remains the same across pages in my browser, but session variables don't seem to hold up when changing to a page in a different directory.

    Read the article

  • CodeIgniter extend user's session expiration time

    - by spacemonkey
    Hi, Is it possible to extend user's session expiration time in CI. What I want to do is, by default every user's session cookie lasts for example 1 day, but every time user visits the site his session expiration time is extended by one more day. I don't know if it is a good idea to do this, maybe I should just set cookies life time for like a week and that's it? Thanks!

    Read the article

  • ASP.NET and Session State/Login info

    - by V-Man
    Are Session variables (in ASP.NET) the safest way to store data relating to whether a user is logged in or not? i.e. Session["LoggedIn"] = 'No' I know Session variables can be spoofed so I assume there must be a safer way. Any ideas for ASP.NET? Thanks!

    Read the article

  • How to work with session variables in php mvc pattern

    - by Richard
    Hello, I just found out that I loose any reference to the session array if I create a new view and try to set a session variable in the controller. The array just comes out as empty. I actually try to use the session array to store the post vars from a multistep registration form. This was actually working when the php was spachetticode, but now that I dumpt everything in a mvc pattern, it is not functioning anymore. Can anyone explain what is going om here and possibly offer a solution om how to work with the session array? Thanks in adv, Richard

    Read the article

  • How to work with session variables in php mvc pattern

    - by Richard
    Hello, I just found out that I loose any reference to the session array if I create a new view and try to set a session variable in the controller. The array just comes out as empty. I actually try to use the session array to store the post vars from a multistep registration form. This was actually working when the php was spachetticode, but now that I dumpt everything in a mvc pattern, it is not functioning anymore. Can anyone explain what is going om here and possibly offer a solution om how to work with the session array? Thanks in adv, Richard

    Read the article

  • [java bean]hibernate Session breaks a java bean?

    - by blow
    Hi all, i have a simple JPanel bean in my projects, now i want to drag my panel bean class into my jframe. My panel bean class is like this: public class BeanPanel extends javax.swing.JPanel { /** Creates new form BeanPanel */ public BeanPanel () { initComponents(); Session session=HibernateUtil.getSessionFactory().openSession(); } This code seem to break the bean: Session session=HibernateUtil.getSessionFactory().openSession(); When i try to drag the class into my JFrame bean i had this error message: This component cannot be instantiated. Please make sure it is a JavaBeans Component If i comment it all works fine. What is the reason of this? Thanks.

    Read the article

  • stuck with enable session state

    - by Shrewd Demon
    hi i have an application wherein i am accessing the Session object in the CommonCode.cs file that resides in the App_Code folder. But when the session object is accessed the application throws me an error: Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. Please also make sure that System.Web.SessionStateModule or a custom session state module is included in the \\ section in the application configuration. Now i have already enabled the session state property in the web.config file, here is my code from the web.config file: <pages enableSessionState="true" autoEventWireup="true"> <controls> <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </controls> </pages> I dont understand why am i still getting that error !! please help ! thanks a lot.

    Read the article

  • Session in Iframe working in Firefox but not in Internet Explorer

    - by Younes
    Im trying to get a form working in Internet Explorer. I see that when i submit this form in Firefox I can start a session and send my webbrowser to the right page based on that Session. In Internet Explorer however when i'm debugging the $_SESSION i retrieve an empty array back, this means that in Internet Explorer the session isn't started on my second page. This is the code i'm using to print the session on my second page: session_start(); //unset($_SESSION['bp_email']); include("includes/_dbconnect.php"); print_r($_SESSION); die();

    Read the article

  • Do session use cookies?

    - by Pandiya Chendur
    This is an interview question asked a month ago.... Do session use cookies? If so,how do they do so? Assume Session["UserId"]=1 how does this session variable uses cookies internally? If so, what will be the name of the cookie and what is the value of that cookie....

    Read the article

  • I Can Not Use Session In Page _Load And I Got Bellow Error

    - by LostLord
    hi my dear friends .... why i got this error : (Object reference not set to an instance of an object.) when i put this code in my page_load.: protected void Page_Load(object sender, EventArgs e) { BackEndUtils.OverallLoader(); string Teststr = Session["Co_ID"].ToString(); } ========================================================================== this session is made when user logins to my web site and this session works in other areas... thanks for your attention

    Read the article

  • Flex 3 / ColdFusion Session Issue?

    - by dcolumbus
    Alright so this is an odd one... I have an application built in ColdFusion with a lot of the interactivity done with Flex. When a user logs in, there are session variables, as well as the client session that is evoked. When you browse to any given Flex Application, the variables are read in a used accordingly... however, on Windows (it seems XP and maybe others) for some reason session information like USER are randomly undefined... Could this be an issue with the session timing out? Even if I force a logout and log back in, it doesn't really seem to fix the issue... mind you, I cannot duplicate the bug myself, but it constantly happens on PCs.

    Read the article

  • Zend_Auth and database session SaveHandler

    - by takeshin
    I have created Zend_Auth adapter implementing Zend_Auth_Adapter_Interface (similar to Pádraic's adapter) and created simple ACL plugin. Everything works fine with default session handler. So far, so good. As a next step I have created custom Session SaveHandler to persist session data in the database. My implementation is very similar to this one from parables-demo. Seems that everything is working fine. Session data are properly saved to the database, session objects are serialized, but authentication does not work when I enable this custom SaveHandler. I have debugged the authentication and all works fine up till the next request, when the authentication data are lost. I suspected, that is has something to do with the fact, that I use $adapter->write($object) instead $adapter->write($string), but the same happens with strings. I'm bootstrapping Zend_Application_Resource_Session in the first Bootstrap method, as early as possible. Does Zend_Auth need any extra configuration to persist data in the database? Why the authentity is being lost?

    Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >