Search Results

Search found 3284 results on 132 pages for 'sessions'.

Page 100/132 | < Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107  | Next Page >

  • How does "Require SSL" affect ASP.NET MVC application lifecycle?

    - by Ragesh
    I have an application that taps into BeginRequest and EndRequest to set up and tear down NHibernate sessions like this: BeginRequest += delegate { CurrentSessionContext.Bind(SessionFactory.OpenSession()); }; EndRequest += delegate { var session = CurrentSessionContext.Unbind(SessionFactory); session.Dispose(); Container.Release(session); }; This works fine when deployed in IIS, until I check the "Require SSL" box. Once I do this, I get a NullReferenceException at session.Dispose(). I haven't debugged this yet and, yes, the fix is trivial, but I'm just curious about how "Require SSL" affects the lifecycle of a request. Is a session not set up on the server in these cases?

    Read the article

  • django objects.all() method issue

    - by xlione
    after I saved one item using MyModelClass.save() method of django in one view/page , at another view I use MyModelClass.objects.all() to list all items in MyModelClass but the newly added one always is missing at the new page. i am using django 1.1 i am using mysql middleware setting MIDDLEWARE_CLASSES = ( 'django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.middleware.locale.LocaleMiddleware', ) my model: class Company(models.Model): name = models.CharField(max_length=500) description = models.CharField(max_length=500,null=True) addcompany view def addcompany(request): if request.POST: form = AddCompanyForm(request.POST) if form.is_valid(): companyname = form.cleaned_data['companyname'] c = Company(name=companyname,description='description') c.save() return HttpResponseRedirect('/admins/') else: form = AddCompanyForm() return render_to_response('user/addcompany.html',{'form':form},context_instance=RequestContext(request)) after this page in another view i called this form in another view class CompanyForm(forms.Form): companies=((0,' '),) for o in CcicCompany.objects.all(): x=o.id,o.name companies+=(x,) company = forms.ChoiceField(choices=companies,label='Company Name') to list all companies but the recently added one is missing. The transaction should be successful, since after i do a apache server reboot , i can see the newly added company name Thanks for any help...

    Read the article

  • Flash, parameters, security

    - by Quandary
    Hi, I have a question: In Flash, I have the ability to save certain info onto the server. Now the problem is the user needs to be authenticated as admin in order to do so. I can't use sessions, since if you work longer than 20 minutes in the Flash application, the session is gone. The way I see it, I have 2 possibilities: 1. passing a parameter (bIsAdmin) to Flash from the Website. 2. Launch a http-get request, to get this value (bIsAdmin) from an ashx handler on application startup, when the session has not yet exired. In my opinion, both possibilities are not really secure... So, Which one is safer, 1 or 2? Or does anybody have a better idea ? In my opinion, 1 is safer, because with 2, you can just switch a packet tamperer in between, and bang, you're admin, with permission to save (or overwrite, =delete) anything.

    Read the article

  • grails Sql error

    - by Srinath
    Hi, I was getting issue wen using new Sql method in grails . import groovy.sql.Sql def datasource def organization_config = new Sql(dataSource) def orgs = organization_config.rows("select o.organizationId,o.name from organization o ") session.setAttribute("org_results", orgs); The application is running but getting these errors when restart tomcat server. SEVERE: IOException while loading persisted sessions: java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: groovy.sql.GroovyRowResult java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: groovy.sql.GroovyRowResult Can any one please tell me wy this is coming . thanks in advance, sri..

    Read the article

  • Java - Google App Engine - InvalidClassException when I change a class that was stored in session sc

    - by Spines
    I updated my User class, and now whenever someone that had the old version of the User class stored in their session scope accesses my site, I get an InvalidClassException. javax.servlet.ServletException: java.lang.RuntimeException: java.io.InvalidClassException: User; local class incompatible: stream classdesc serialVersionUID = 4949038118012519093, local class serialVersionUID = -971500502189813151 How do I stop this error from happening for those users? I could probably invalidate everyone's sessions every time I want to update a class that gets stored in session scope, but is there a better way, so that my user's don't have to login again?

    Read the article

  • Amount of data stored in session

    - by srinannapa
    What technique should we use to make the httpsession object not loaded heavily with data. Example : Request 1 ---- httpSession loaded with an arraylist of 50,000 different objects. session.setAttribute("data",arraylist); Request 2 ---- httpSession loaded with an arraylist of 40,000 different objects. session.setAttribute("data",arraylist); Assume the server is loaded heavily with multiple sessions and huge data in them. Let us say from my above example request1..1000 at a time. Which means 1000 session objects with huge data. What is the alternate way to solve instead storing them in session like this?

    Read the article

  • Best Design for a Facebook clone on GAE Java

    - by charming30
    My current App is written in Python on GAE which can do Contacts management, Genealogy, Social Networking, Photo sharing, Telecom Integration (SMS, iVRS, URL Billing), CRON and performs business logic operations for our Mobile Apps. Current Architecture indlues python, django, jquery, memcache and few telecom APIs. Now, It feels that an SOA Architecture on GAE using Java would be really ideal and scalable for this kind of App where we want to build new features like widgets that users can turn on or off and third party developers can also develop and deploy features. Please correct me or improve the following design decision: UI (Current plan is GWT) Sessions, Security and ACL (Spring MVC 2.x) Reusable Business Logic components (?) Implementation of Web Services (?) Your advice would really help.

    Read the article

  • SDK for writing DVD's

    - by Matt Warren
    I need to add DVD writing functionality to an application I'm working on. However it needs to be able to write out files that are being grabbed "live" from a camera, over a long period of time. I can't wait until all the files are captured before I start writing them to the DVD, I need to write them out in chunks as I go along. I've looked at IMAPI v2, but the main problems seems to be that you need to point it to all the files you plan to write out to disk before you start the burning process. I know it has to concept of "sessions", which means you can write to the DVD in several parts, before you finally "close" it. But I was wondering if there were any other DVD writing SDK's that allow you to be constantly writing files to a DVD and in particular files that are only in memory. It would be more efficient if I didn't have to write the captured images out to hard before they are burned to DVD. The solution needs to work under .NET on Windows XP and vista

    Read the article

  • Session caching problem

    - by Levani
    I have a strange problem with php sessions. I use them for authorization on my site. I store two variables - currently logged in user's id and username in session. When I log in with one username, than log out and log in again with another username the previous user's id is returned using the session variable instead of the current user. The most strange thing is that this happens only when it comes to insert some data into database. When I directly echo this variable the correct id is displayed, but when I insert new record into database this variable sends incorrect id. Here is the php code I use for sending data into database: <?php session_start(); //connect database require_once 'dbc.php'; $authorID = $_SESSION['user_id']; if ( $authorID != 0 ) { $content = htmlentities($_POST["answ_content"],ENT_COMPAT,'UTF-8'); $dro = date('Y-m-d H:i:s'); $qID = $_POST["question_ID"]; $author = 'avtori'; $sql="INSERT INTO comments (comment_ID, comment_post_ID, comment_author, comment_date, comment_content, user_id) VALUES (NULL, '$qID', '$author', '$dro', '$content', '$authorID')"; $result = mysql_query($sql); } else { echo 'error'; } ?> Can anyone please help? Here is the logout function: function logout() { global $db; session_start(); if(isset($_SESSION['user_id']) || isset($_COOKIE['user_id'])) { mysql_query("update `users` set `ckey`= '', `ctime`= '' where `id`='$_SESSION[user_id]' OR `id` = '$_COOKIE[user_id]'") or die(mysql_error()); } /************ Delete the sessions****************/ unset($_SESSION['user_id']); unset($_SESSION['user_name']); unset($_SESSION['user_level']); unset($_SESSION['HTTP_USER_AGENT']); session_unset(); session_destroy(); /* Delete the cookies*******************/ setcookie("user_id", '', time()-60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_name", '', time()-60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_key", '', time()-60*60*24*COOKIE_TIME_OUT, "/"); header("Location: index.php"); } Here is the authentication script: include 'dbc.php'; $err = array(); foreach($_GET as $key => $value) { $get[$key] = filter($value); //get variables are filtered. } if ($_POST['doLogin']=='Login') { foreach($_POST as $key => $value) { $data[$key] = filter($value); // post variables are filtered } $user_email = $data['usr_email']; $pass = $data['pwd']; if (strpos($user_email,'@') === false) { $user_cond = "user_name='$user_email'"; } else { $user_cond = "user_email='$user_email'"; } $result = mysql_query("SELECT `id`,`pwd`,`full_name`,`approved`,`user_level` FROM users WHERE $user_cond AND `banned` = '0' ") or die (mysql_error()); $num = mysql_num_rows($result); // Match row found with more than 1 results - the user is authenticated. if ( $num > 0 ) { list($id,$pwd,$full_name,$approved,$user_level) = mysql_fetch_row($result); if(!$approved) { //$msg = urlencode("Account not activated. Please check your email for activation code"); $err[] = "Account not activated. Please check your email for activation code"; //header("Location: login.php?msg=$msg"); //exit(); } //check against salt if ($pwd === PwdHash($pass,substr($pwd,0,9))) { // this sets session and logs user in session_start(); session_regenerate_id (true); //prevent against session fixation attacks. // this sets variables in the session $_SESSION['user_id']= $id; $_SESSION['user_name'] = $full_name; $_SESSION['user_level'] = $user_level; $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']); //update the timestamp and key for cookie $stamp = time(); $ckey = GenKey(); mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error()); //set a cookie if(isset($_POST['remember'])){ setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/"); } if(empty($err)){ header("Location: myaccount.php"); } } else { //$msg = urlencode("Invalid Login. Please try again with correct user email and password. "); $err[] = "Invalid Login. Please try again with correct user email and password."; //header("Location: login.php?msg=$msg"); } } else { $err[] = "Error - Invalid login. No such user exists"; } }

    Read the article

  • How do I debug random Timeout::Error: execution expired

    - by ChrisH
    We are using Rails 2.3.5 and have been experiencing seemingly random Timeout::Error: execution expired errors. The errors reported by Hoptoad are not consistently in any particular controller and show up everywhere from user sessions to account settings to some of our core functionality controllers. The vast majority of requests do not Timeout but there are enough to cause concern. Is this normal? If so, what are some things to look at to decrease the occurance? If not, has anyone run into this and what are some common problems that can trigger an error like this.

    Read the article

  • ReSharper wrapping test result stacktraces?

    - by lance
    ReSharper 4.5's test runner will run MSTest tests out of the box, and that's what I'm doing. When a test fails, I click on the test to see the stacktrace and the failure reason. The pane I'm clicking in to do this is the "Unit Test Sessions" pane. The lower half of this pane (or the right half, if you have it configured that way) shows the reason and stacktrace for the failure. This section/pane does not word wrap, so I have to use the mouse to scroll left and right all the time. How can I make this reason/stacktrace pane word wrap?

    Read the article

  • How best to pre-install OR pre-load OR cache JavaScript library to optimize performance?

    - by Kabeer
    Hello. I am working for an intranet application. Therefore I have some control on the client machines. The JavaScript library I am using is somewhat big in size. I would like to pre-install OR pre-load OR cache the JavaScript library on each machine (each browser as well) so that it does not travel for each request. I know that browsers do cache a JavaScript library for subsequent requests but I would like the library to be cached once for all subsequent requests, sessions and users. What is the best mechanism to achieve this?

    Read the article

  • php custom forum error

    - by phillip morris
    i have a form, and i want to have it be limited at 10 characters minimum. that is no problem, but what i want to do is echo the error at the top of the page, which is being included, so i cant just do: echo '<div class="error">Error</div>'; i want to have a designated div that is empty (will be on the included header page), but when there is an error it gets filled with the error text to output. anyone know how to do this not using sessions or cookies?

    Read the article

  • How to integrate Facebook the new Graph Api with Authlogic in Ruby on Rails?

    - by amrnt
    I've began with a new project using Authlogic system for Authorization. And I'm now wondering how could I connect Facebook oAuth sessions with my Authlogic session! First of all I want to use and Authlogic-oAuth Gems/Plugins, I what I want to use are just http://github.com/intridea/oauth2 and the interesting http://github.com/nsanta/fbgraph and associate them all with Authlogic. I tried using Authlogic with authlogic-connect extension, but It didnt fill up my needs. And I think the three of the amazing gems above togother will make things done in quality and as I want. Thanks in advance.

    Read the article

  • Using Java server-side with PHP-generated front-end

    - by Storm
    Hi!  Does anyone have a real-world experience in building such a project? I'd like to move away questions about "is it good idea or not", but focus on possible solutions. I see one simple way - HTTP GET/POST + xml/json - and one more elegant - AJAX/DWR. As for the first one - I understand that it is possible, but needs quite a lot coding. As for second way - is it possible to use Java DWR engine with PHP front-end? Is DWR language-independent for client side (as it uses just JavaScript)?  Would it be a problem, that client page was generated by one web server (for example, apache+php) and served on server-side by another (for example, tomcat)? I suspect, that Tomcat will complain about sessions. Can this problem be fixed with allowing cross-domain AJAX? Thank you in advance. Denis.

    Read the article

  • Replay attacks for HTTPS requests

    - by MatthewMartin
    Let's say a security tester uses a proxy, say Fiddler, and records an HTTPS request using the administrator's credentials-- on replay of the entire request (including session and auth cookies) the security tester is able to succesfully (re)record transactions. The claim is that this is a sign of a CSRF vulnerability. What would a malicious user have to do to intercept the HTTPS request and replay it? It this a task for script kiddies, well funded military hacking teams or time-traveling-alien technology? Is it really so easy to record the SSL sessions of users and replay them before the tickets expire? No code in the application currently does anything interesting on HTTP GET, so AFAIK, tricking the admin into clicking a link or loading a image with a malicious URL isn't an issue.

    Read the article

  • Servlet Session - switch from URL Rewriting to Cookie

    - by lajuette
    Situation: I have a "dumb" Javascript frontend that can contact some kind of SSO middleware (MW). The MW can obtain sessions by issuing requests that contain authentication credentials (username, password). I.e. the session will be created for a certain user. My frontend needs to "restart" the session to gain the user's permissions to the target system. For that i need a valid session cookie. The target system is not under my control (could be a more or less public WFS, WMS, etc.), so i cannot add any SSO mechanism to it. Question: Is it possible to "steal" a Session forging a request which URL contains a valid session ID in the jsessionid parameter? Goal : Issue such a request to a Servlet and make it respond with a Set-Cookie header that contains the same id. That way the frontend joins the session and may do whatever the user, which was used to create the session, is able to do.

    Read the article

  • CascadeType problem in One to Many Relation

    - by Milad.KH
    Hi I have two classes which have a Unidirectional One to Many relation with each other. public class Offer{ ... @OneToMany(cascade=CascadeType.ALL) @JoinTable(name = "Offer_Fields", joinColumns = @JoinColumn(name = "OFFER_ID"), inverseJoinColumns = @JoinColumn(name = "FIELDMAPPER_ID")) private Set<FieldMapper> fields = new HashSet<FieldMapper>(); } public class FieldMapper{ ... } I want to store an Offer with a set of FieldMapper to database. When I Use CascadeType.ALL in my OneToMany, I got this error: org.hibernate.HibernateException: Illegal attempt to associate a collection with two open sessions and when I change CascadeType to something else I got this error: org.hibernate.TransientObjectException: object references an unsaved transient instance - save the transient instance before flushing: com.RCSTT.library.FieldMapper Thanks for your help.

    Read the article

  • ActiveMQ - Removing queues programatically

    - by Eduardo Z.
    Fellow StackOverflowers, is there a way for me to remove a queue or a topic in ActiveMQ programatically? I am using ActiveMQ's standard persistency, and my application requires that, on startup, all new queues be dynamically re-created (unless there are messages stored in the queue, in which case, the queue should remain to exist). I am also creating all queues programatically through sessions. Is there an equivalent to that procedure, only to delete a queue? Querying and iterating through the existing queues would also be useful, but i haven't found a way to do that yet. Please help an ActiveMQ noob! =)

    Read the article

  • Using Java server-side with PHP front-end

    - by Storm
    Hi!  Does anyone have a real-world experience in building such a project? I'd like to move away questions about "is it good idea or not", but focus on possible solutions. I see one simple way - HTTP GET/POST + xml/json - and one more elegant - AJAX/DWR. As for the first one - I understand that it is possible, but needs quite a lot coding. As for second way - is it possible to use Java DWR engine with PHP front-end? Is DWR language-independent for client side (as it uses just JavaScript)?  Would it be a problem, that client page was generated by one web server (for example, apache+php) and served on server-side by another (for example, tomcat)? I suspect, that Tomcat will complain about sessions. Can this problem be fixed with allowing cross-domain AJAX? Thank you in advance. Denis.

    Read the article

  • Using a JMS Session from different threads

    - by Evan
    From the javadoc for Session it states: A Session object is a single-threaded context for producing and consuming messages. So I understand that you shouldn't use a Session object from two different threads at the same time. What I'm unclear on is if you could use the Session object (or children such as a Queue) from a different thread than the one it created. In the case I'm working on, I'm considering putting my Session objects into a pool of available sessions that any thread could borrow from, use, and return to the pool when it is finished with it. Is this kosher? (Using ActiveMQ BTW, if that impacts the answer at all.)

    Read the article

  • Oracle global lock across process

    - by Jimm
    I would like to synchronize access to a particular insert. Hence, if multiple applications execute this "one" insert, the inserts should happen one at a time. The reason behind synchronization is that there should only be ONE instance of this entity. If multiple applications try to insert the same entity,only one should succeed and others should fail. One option considered was to create a composite unique key, that would uniquely identify the entity and rely on unique constraint. For some reasons, the dba department rejected this idea. Other option that came to my mind was to create a stored proc for the insert and if the stored proc can obtain a global lock, then multiple applications invoking the same stored proc, though in their seperate database sessions, it is expected that the stored proc can obtain a global lock and hence serialize the inserts. My question is it possible to for a stored proc in oracle version 10/11, to obtain such a lock and any pointers to documentation would be helpful.

    Read the article

  • PHP multiuser login class or script

    - by FFish
    I am looking for a simple but secure login script with mySQL PHP: sessions, MD5 that I can use with my exsisting database. Cookies to store password + password recovery by email. Change login/pass. I do not need registering, I register the user myself with temp login/pass. table agents agent1 agent2 table albums album1, owner: agent1 album2, owner: agent1 album3, owner: agent2 ... login.php agent1 logs in and has access to his albums: - album1 - album2 agent1 can edit his albums: edit.php?ref=album1 but NOT edit.php?ref=album3 by changing the ?ref variable

    Read the article

  • Setting a property value on each of the results in a FetchedResults set

    - by RickiG
    Hi On my Core Data Entity "Book" i have a boolean property, 'wasViewed' (NSNumber numberWithBool) that tells me if the Book was "viewed". I would like to implement a sort of "reset" this property for all my NSManagedObjects "Book". So that I can set them all to NO between sessions. I use an NSPredicate to retrieve all the Books like this: NSPredicate *predicate = [NSPredicate predicateWithFormat:@"wasViewed == %@", [NSNumber numberWithBool:YES]]; // code for setting entity, request etc... NSMutableArray *mutableFetchResults = [[[managedObjectContext executeFetchRequest:request error:&error] mutableCopy] autorelease]; This is working just fine, however, now I need to set up a loop, go through each Book object, something like this: for(Book *b in mutableFetchResults) { [b setWasViewed:NO] } Is there a way to perform an action on each element that fits the predicate instead of retrieving it? So instead of executeFetchRequest on a managedObjectContext it could be executeOperationOnFetchRequestResults or something along those lines. Thanks for any input given:)

    Read the article

  • How to get JSON back from HTTP POST Request (to another domain)

    - by roman m
    I'm trying to use the API on a website, here's the part of the manual: Authenticated Sessions (taken from here) To create an authenticated session, you need to request an authToken from the '/auth' API resource. URL: http://stage.amee.com/auth (this is not my domain) Method: POST Request format: application/x-www-form-urlencoded Response format: application/xml, application/json Response code: 200 OK Response body: Details of the authenticated user, including API version. Extra data: "authToken" cookie and header, containing the authentication token that should be used for subsequent calls. Parameters: username / password Example Request POST /auth HTTP/1.1 Accept: application/xml Content-Type: application/x-www-form-urlencoded username=my_username&password=my_password Response HTTP/1.1 200 OK Set-Cookie: authToken=1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/Pm...; authToken: 1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/PmEvzkPGp...== Content-Type: application/xml; charset=UTF-8 QUESTION: How do I get that to work? I tried jQuery, but it seems to have problem with XSS. Actual code snippet would be greatly appreciated. p.s. All I was looking for was WebClient class in C#

    Read the article

< Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107  | Next Page >