Search Results

Search found 3284 results on 132 pages for 'sessions'.

Page 101/132 | < Previous Page | 97 98 99 100 101 102 103 104 105 106 107 108 | Next Page >

How to get JSON back from HTTP POST Request (to another domain)

- by roman m

I'm trying to use the API on a website, here's the part of the manual: Authenticated Sessions (taken from here) To create an authenticated session, you need to request an authToken from the '/auth' API resource. URL: http://stage.amee.com/auth (this is not my domain) Method: POST Request format: application/x-www-form-urlencoded Response format: application/xml, application/json Response code: 200 OK Response body: Details of the authenticated user, including API version. Extra data: "authToken" cookie and header, containing the authentication token that should be used for subsequent calls. Parameters: username / password Example Request POST /auth HTTP/1.1 Accept: application/xml Content-Type: application/x-www-form-urlencoded username=my_username&password=my_password Response HTTP/1.1 200 OK Set-Cookie: authToken=1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/Pm...; authToken: 1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/PmEvzkPGp...== Content-Type: application/xml; charset=UTF-8 QUESTION: How do I get that to work? I tried jQuery, but it seems to have problem with XSS. Actual code snippet would be greatly appreciated. p.s. All I was looking for was WebClient class in C#

Read the article
How do I reuse code in Zend Framework

- by Mario

I am working on a web application which requires the user to login before they see or do anything. No part of this app should be accessible without being logged in. (Except of course, the login controller) Currently I am using sessions to handle the authentication and I have put code in each controller in the init() function to check if their session is valid. This was a temporary workaround, but it is redundant and inefficient. I would like my init() function to be similar to the following, but I am not sure how to achieve it: public function init() { // If user not logged in redirect to login controller $myLibrary = Zend_Library_MyLibrary(); $myLibrary->CheckAuth(); } So my question really has two parts: Where is the best place to store code that will be used in multiple controllers? How do I then call that function from a controller? Thanks.

Read the article
Why Shouldn't I Programmatically Submit Username/Password to Facebook/Twitter/Amazon/etc?

- by viatropos

I wish there was a central, fully customizable, open source, universal login system that allowed you to login and manage all of your online accounts (maybe there is?)... I just found RPXNow today after starting to build a Sinatra app to login to Google, Facebook, Twitter, Amazon, OpenID, and EventBrite, and it looks like it might save some time. But I keep wondering, not being an authentication guru, why couldn't I just have a sleek login page saying "Enter username and password, and check your login service", and then in the background either scrape the login page from say EventBrite and programmatically submit the form with Mechanize, or use an API if there was one? It would be so much cleaner and such a better user experience if they didn't have to go through popups and redirects and they could use any previously existing accounts. My question is: What are the reasons why I shouldn't do something like that? I don't know much about the serious details of cookies/sessions/security, so if you could be descriptive or point me to some helpful links that would be awesome. Thanks!

Read the article
Restoring web session in struts2

- by bozo

Hi, I have a classical scenario of a website and payment gateway integration, where the request for payment is sent to payment processor, and the payment processor calls back my application once it's done with some parameters I passed to it in the original request. Among parameters, we pass jsessionid and we expect that when the remote server makes request to our server (via customer browser redirect to our server) that the session will be the same as the session used to send the initial payment request. This does not happen, we have two different sessions, although the payment processor includes our original jsessionid in the request to us (https://blabla/?jsessionid=something). How should we go about recreating a session in struts2, in the only thing that connects the 'OLD' and 'NEW' session is the jsessionid in the request URL? Any ideas? Is this possible at all or is the 'OLD' session data deleted when the user moves away from our server onto a completely different domain of a payment processor with their data-entry form? This would explain our innability to recreate the session. Thanks a lot for your replies.

Read the article
Exception handling in Boost.Asio

- by Alex B

Boost.Asio documentation suggests the following exception handling pattern: boost::asio::io_service io_service; ... for (;;) { try { io_service.run(); break; // run() exited normally } catch (my_exception& e) { // Deal with exception as appropriate. } } The problem with it is that the context of exception is lost at the point when it's handled. For example, if I have multiple socket sessions going on, I don't know which one caused the exception to be thrown. What would be a better way to handle the exceptions from asynchronous handlers without wrapping them in try/catch blocks?

Read the article
Ruby Equivalent of Python Requests Library (HTTP Client)

- by Hartator

There is a library in python that I love called requests. requests is a http client build on urllib3, top-notch :) (http://docs.python-requests.org/en/latest/) I am looking for something similar in ruby, basically what I need is : Upload files support (multipart/form-data) Easy get/post Cookies can be passed from a response object to a request object (build manually login script) Stable and Flexible Sessions support (to not have to handle cookies manually if we don't have too) I've looked at Typhoeus, but the code example in the home page doesn't work (they have moved code along and the get method is not longer directly accessible like that), so it's not starting well! :) Curb seems nice and I like curl, there is alson RestClient which seems popular and em-http seems pretty fast according to benchmark. There is a aso Patron and CurlFu which I haven't have the time to try. And of course Net:Http. But it doesn't seems to have a main stream solution that everyone point. I think a lot of people have been in my situation and I wonder what they have choosen and why?

Read the article
Vim 80 column layout concerns

- by cdleary

I feel like the way I do 80-column indication in Vim is incorrect: set columns=80. At times I also set textwidth but I like to be able to see and anticipate line overflow with the set columns alternative. This has some unfortunate side effects -- I can't set number for fear of splitting between files that have different orders of line numbers; i.e. < 100 line files and = 100 line files will require two different set columns values because of the extra column used for the additional digit display. I also start new (g)Vim sessions instead of splitting windows vertically, which forces me to use the window manager's clipboard -- vsplits force me to do set columns every time I open or close a pane, so starting a new session is less hassle. How do you handle the 80-character indication when you want to set numbers, vertically split, etc.?

Read the article
How do I assign a non-persistent (in-memory) cookie in ASP.NET?

- by Jørn Schou-Rode

The following code will send a cookie to the user as part of the response: var cookie = new HttpCookie("theAnswer", "42"); cookie.Expires = DateTime.Now.AddDays(7); Response.Cookies.Add(cookie); The cookie is of the persistent type, which by most browsers will be written to disk and used across sessions. That is, the cookie is still on the client's PC tomorrow, even if the browser and the PC has been closed in between. After a week, the cookie will be deleted (due to line #2). Non-persistent/in-memory cookies are another bread of cookies, which have a lifespan determined by the duration of the client's browsing session. Usually, such cookies are held in memory, and they are discarded when the browser is closed. How do I assign an in-memory cookie from ASP.NET?

Read the article
VB.Net 2008 Chrome or Firefox control

- by AndyD273

I'm trying to figure out a way to have multiple sessions at the same website at the same time. I've been using the SHDocVw.InternetExplorer control in Visual Studio 2008 to open a web browser and log in, but at times we need to use a separate login. I haven't found a way to do this using just internet explorer (it just uses the credentials of the first login), so I figure if I can find a similar control for another brower that allows DOM level access then I can just use that. If anyone knows of anything I can try that would be very helpful.

Read the article
PHP: session isnt saving before header redirect

- by Matt

Hi guys, I have read through the php manual for this problem and it seems quite a common issue but i have yet to find a solution. I am saving sessions in a database. My code is as follows: // session $_SESSION['userID'] = $user->id; header('Location: /subdirectory/index.php'); Then at the top of index.php after the session_start(), i have var_dumped the $_SESSION global and the userID is not in there. As i said ive looked through the PHP manual (http://php.net/manual/en/function.session-write-close.php) and neither session_write_close or session_regenerate_id(true) worked for me. Does anybody know a solution? Edit: I have session_start() at the top of my file. When i var_dump the session global before the header redirect, i see the userID in there, but not in the other file, which is in a subdirectory of this script Thanks, Matt

Read the article
how to setup rails Authenticity Token to work with multiple domains?

- by bwizzy

I'm building an app that uses subdomains as account handles (myaccount.domain.com) and I have my sessions configured to work across the sub-domains like so: config.action_controller.session = {:domain => '.domain.com'} In addition to the subdomain a user can input a real domain name when they are creating their account. My Nginx config is setup to watch for *.com *.net etc, and this is working to serve out the pages. The problem comes when a site visitor submits a comment form on a custom domain that was input by the user. The code is throwing an "Invalid AuthenticityToken" exception. I'm 99% sure this is because the domain the user is on isn't specified as the domain in the config.action_controller.session. Thus the authenticity token isn't getting matched up because Rails can't find their session. So, the question is: Can you set config.action_controller.session to more than 1 domain, and if so can you add / remove from that value at runtime without restarting the app?

Read the article
how to check session upon start in masterpage or in global.asax

- by user572276

i am new in asp.net form authentication and sessions i would like to know how to save session in masterpage or in global.asax and how to clear session how to better handle session timeout by redirecting to a page this is my web.config session settings <sessionState mode="InProc" cookieless="false" timeout="1"></sessionState> code in my masterpage if (Request.Url.AbsolutePath.EndsWith("SessionExpired.aspx", StringComparison.InvariantCultureIgnoreCase)) { HtmlMeta meta = new HtmlMeta(); meta.HttpEquiv = "Refresh"; meta.Content = "7; URL=./Login.aspx"; Page.Header.Controls.Add(meta); } else HttpContext.Current.Response.AppendHeader("Refresh", Convert.ToString((Session.Timeout * 60)) + "; Url=./Public/SessionExpired.aspx");

Read the article
Does PHP session conflict with Share-Nothing-Architecture?

- by Morgan Cheng

When I first meet PHP, I'm amazed by the idea Sharing-Nothing-Architecture. I once in a project whose scalaiblity suffers from sharing data among different HTTP requests. However, as I proceed my PHP learning. I found that PHP has sessions. This looks conflict with the idea of sharing nothing. So, PHP session is just invented to make counterpart technology of ASP/ASP.NET/J2EE? Should high scalable web sites use PHP session?

Read the article
IIS 6 session timing out a lot quicker than expected

- by Echiban

I am working with an web application that has its sessions timing out a lot quicker than expected. We expected a timeout of 15 minutes but it's timing out at 3-4 minutes. Info about environment: IIS6 classic ASP / COM+ app timeout OK on current PROD, much quicker in dev / QA environments We already disabled app pool recycling, and even put IIS in isolation mode - no effect HTTP err log doesn't display any lines when session times out We've done a close comparison of PROD and DEV / QA environments, and given we use virtual machines on all of them, settings should be preserved. I tried to find IIS blog notes from David Wang but many of them now have HTTP 404 errors, and I don't know what else to do. Please help! At the very least, is there a way to get IIS to log every time a session expires? At the very least some means of logging / debugging IIS would be useful. Thanks in advance.

Read the article
gvim "open in new window" should change directory to the one of the current file

- by Flavius

Hi I'm working in gvim with sessions and tabs, and everything works great. However there is something that is bothering me. Say I have two files open: /A/B/foo.ext and /C/D/E/bar.ext, the latter being opened last. Now say I want to open /A/B/foobar.ext. I have to go through the hassle of navigating upwards to / and from there to /A/B. I would like to simply change my active tab to /A/B/foo.ext and have gvim automatically change its active directory to /A/B/, so that when I want to open /A/B/foobar.ext with /A/B/foo.ext being active, I'm already in the right CWD. This would be very time-saving if you work with two different projects at a time and need to switch back and forth between the two. Is there any such script that does just that? Thanks.

Read the article
Wicket app in embedded Jetty causes UnsupportedClassVersionError

- by Ondra Žižka

I've tried to run a Wicket app in an embedded Jetty, using this code: public static void main( String[] args ){ Server server = new Server(8080); Context root = new Context( server, "/", Context.SESSIONS ); FilterHolder filterHolder = new FilterHolder( new WicketFilter() ); filterHolder.getInitParameters().put("applicationClassName", cz.dw.test.WicketApplication.class.getName() ); root.addFilter( filterHolder, "/*" , Handler.ALL ); try { server.start(); } catch (Exception ex) { ex.printStackTrace(); } } But I got java.lang.UnsupportedClassVersionError: Bad version number in .class file. Switching the target class version for my app (1.6 - 1.5) did not help. I use Sun JDK 1.6.0_17, Wicket 1.4.8, Jetty 6.1.24. I tried to debug, but the JRE classes have no debug data. The stacktrace is of no use as it happens when loading the classes into JVM. Any ideas what could be wrong? How can I find which class is causing this? Thanks, Ondra

Read the article
How Can I switch the session storage according to the client on Ruby on Rails 2.3.5

- by mojalin

Hi! I have a question about sessions on ruby-on-rails. We have a several options about session storage such as cookie, active_record_store, etc.. I primarily use the cookie storage, but, there are some client which doesn't support cookie function. In that case, I have to make that client to use the "active_record_store". My rails version is 2.3.5. I found out that even though I use the active_record_store, the cookie is still available. In my situation, both session storage might be available. So, I want to make the framework to primarily use the cookie, when the cookie is available. On the other hand, the client doesn't support the cookie, secondly to use the active_record_store. I think this function requires some override to the framework, but I don't know how to do it. Do you have any idea for that? Thank you very much in advance.

Read the article
Debugging kernel hang

- by l.thee.a

I am trying to run an app which is using a kernel mode driver. System locks up every hour and the only way to recover it is a hard reset. Sysrq stops responding, telnet sessions hang and there are no error messages of any kind. Unfortunately the board does not have ejtag support. I have been trying to isolate it functionally, but this is like looking for a needle in a hay stack. Any suggestions? PS: This is a mips linux system (2.6.31).

Read the article
Selectively prevent Session from being created

- by Jean Barmash

In my app, I have an external monitor that pings the app ever few minutes and measures its uptime / response time Every time the monitor connects, a new server session is created, so when I look at the number of sessions, it's always a minimum of 15, even during times where there are no actual users. I tried to address this with putting the session creation code into a filter, but that doesn't seem to do it - I guess session automatically gets created when the user opens the first page? all() { before = { if (actionName=='signin') { def session = request.session //creates session if not exists } } } I can configure the monitor to pass in a paramter if I need to (i.e. http://servername.com/?nosession, but not sure how to make sure the session isn't created.

Read the article
NHibernate parent-childs save redundant sql update executed

- by Broken Pipe

I'm trying to save (insert) parent object with a collection of child objects, all objects are new. I prefer to manually specify what to save\update and when so I do not use any cascade saves in mappings and flush sessions by myself. So basically I save this object graph like: session.Save(Parent) foreach (var child in Parent.Childs) { session.Save(child); } session.Flush() I expect this code to insert Parent row, then each child row, however NHibernate executes this SQL: INSERT INTO PARENT.... INSERT INTO CHILD .... UPDATE CHILD SET ParentId=@1 WHERE Id=@2 This update statement is absolutely unnecessary, ParentId was already set correctly in INSERT. How do I get rid of it? Performance is very important for me.

Read the article
align WMD editor's preview HTML with server-side HTML validation (e.g. no embedded javascript)

- by Justin Grant

There are many SO questions (e.g. here and here) about how to do server-side scrubbing of Markdown produced by the WMD editor to ensure the HTML generated doesn't contain malicious script, like this: <img onload="alert('haha');" src="http://www.google.com/intl/en_ALL/images/srpr/logo1w.png" /> This doesn't affect the WMD client's preview box. I doubt this is a big deal since if you're scrubbing the HTML on the server, an attacker can't save the bad HTML so no one else will be able to see it later and have their cookies stolen or sessions hijacked by the bad script. But it's still kinda odd to allow an attacker to run any script in the context of your site, and it's probably a bad idea to allow the client preview window to allow different HTML than your server will allow. StackOverflow has clearly plugged this hole. How did they do it? [NOTE: I already figured this out but it required some tricky javascript debugging, so I'm answering my own question here to help others who may want to do ths same thing]

Read the article
Templating Engine Pros and Cons with Zend Framework

- by manyxcxi

I am getting familiar with Zend Framework (and MVC with PHP in general) for a personal project. I have previous experience with Smarty and have no major gripes with it, but I would like to use this project as a good in-depth learning exercise. Those of you familiar with different templating engines and ZF: Do you believe there are better templating engines than Smarty in conjunction with ZF and why? I would like to apply what I learn to the real world and production environments. The personal project will be fairly robust. User management, sessions, security, database interaction, form input, jQuery, etc.

Read the article
how to initialize spring bean from database

- by wavelet

hi,i use spring security and my config is in database: <sec:http auto-config="true" entry-point-ref="casProcessingFilterEntryPoint"> <sec:remember-me /> <sec:session-management> <sec:concurrency-control max-sessions="1" error-if-maximum-exceeded="true" /> </sec:session-management> <sec:logout logout-success-url="${host.url}/logout/" /> <sec:custom-filter ref="casAuthenticationFilter" after="CAS_FILTER" /> <sec:custom-filter ref="filterInvocationInterceptor" before="FILTER_SECURITY_INTERCEPTOR" /> </sec:http> like ${host.url} is in database how can i initialize ?

Read the article
TSQL ID generation

- by Markus

Hi. I have a question regarding locking in TSQL. Suppose I have a the following table: A(int id, varchar name), where id is the primary key, but is NOT an identity column. I want to use the following pseudocode to insert a value into this table: lock (A) uniqueID = GenerateUniqueID() insert into A values (uniqueID, somename) unlock(A) How can this be accomplished in terms of TSQL? The computation of the next id should be done with the table A locked in order to avoid other sessions to do the same operation at the same time and get the same id.

Read the article
ASP.NET MVC Session across subdomains

- by nccsbim071

Hi, In my website i have implemented custom session values. In which, on log on i set the session value to some object. This object is used to extract user specific data from db. now the problem is If user logs in with : test1.somesite.com and logs off and again logs in with: test2.somesite.com that user is still receiving the data from object specific to test1.somesite.com. the point is whichever site user frist logs in with the second time if he logs in with anathor subdomain he is always getting the data from previous sub domain login. on log out from specific domain i cleared all the sessions(tried everything): by putting HttpContext.session["UserDetail"] = null;, HttpContext.Session.Abandon() and also HttpContext.Session.Clear(); but nothing seems to work any help please

Read the article

< Previous Page | 97 98 99 100 101 102 103 104 105 106 107 108 | Next Page >