Search Results

Search found 14610 results on 585 pages for 'session storage'.

Page 121/585 | < Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >

  • Yahoo account remains open after using openID to login.why?

    - by hd
    hi i have added openid login with Yahoo! and Google in my site. it is ok and works fine. when users select for example Yahoo! to login to my site, they will be logged in in their yahoo mail account too. i think it is not secure because maybe they don't notice to this issue and leave computer while their email account is availble. what do you think about this and what is your solution for your own sites? as i notice the same story is for stackoverflow.com.

    Read the article

  • Thread Local Memory for Scratch Memory.

    - by Hassan Syed
    I am using Protocol Buffers and OpensSSL to generate, HMACs and then CBC encrypt the two fields to obfuscate the session cookies -- similar Kerberos tokens. Protocol Buffers' API communicates with std::strings and has a buffer caching mechanism; I exploit the caching mechanism, for successive calls in the the same thread, by placing it in thread local memory; additionally the OpenSSL HMAC and EVP CTX's are also placed in the same thread local memory structure ( see this question for some detail on why I use thread local memory and the massive amount of speedup it enables even with a single thread). The generation and deserialization, "my algorithms", of these cookie strings uses intermediary void *s and std::strings and since Protocol Buffers has an internal memory retention mechanism I want these characteristics for "my algorithms". So how do I implement a common scratch memory ? I don't know much about the rdbuf of the std::string object. I would presumeably need to grow it to the lowest common size ever encountered during the execution of "my algorithms". Thoughts ?

    Read the article

  • Php function available on other php page

    - by Vafello
    I have a function that I use on index.php page and I would like to call it from other php page (other.php). How to make this function available without redeclaration? I think it's achievable using sessions, but I am not sure how to do it exactly.

    Read the article

  • Get UserToken from Logon ID (LUID) (C++)

    - by strDisplayName
    Hey Everybody I'm trying to understand better how windows sessions work, so if I have some weird mistakes in the question, please, let me know :-) . I use LsaEnumerateLogonSessions() to get all the logged on sessions in the system. Now I have LUID that represents a log-on, and if I understand correctly, it represents a user that logged on or a build it user like SYSTEM. Now, if user X starts a process, windows gives that process a token that represents X. So here comes my question: Is there a way (in a windows service) to get the user's token from LUID? I know I can get it from a process HANDLE, but that is not what I want... Thanks a lot!

    Read the article

  • Why do I get "could not load type" error with my custom SessionStateProvider

    - by Rising Star
    My associate has created a custom SessionStateProvider for me to use with my ASP.net application. I add the file CustomSessionStateProvider to my VS2008 Web Application Project and put the appropriate reference in the web.config and it works fine. However, my supervisor wants me to set this up as a GAC reference. At my office, we have many DLLs we've created that we use as GAC references across different projects. If I add my CustomSessionStateProvider to the Global Assembly Cache, my pages throw a could not load type CustomASP.CustomSessionStateProvider error. Simple removing the DLL from the GAC makes it work again, but I want to set this up as a GAC reference. What could be causing this problem?

    Read the article

  • How to pass variable from jsf managed bean to jsp page

    - by cyberziko
    How can I pass a variable from JSF managed bean to JSP page. PS: I'm in portal context (liferay). I tried this: in Managed Bean: HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest(); request.setAttribute("var", "someTxt"); in JSP: <% String var = (String)request.getAttribute("var"); %> I don't get any result.

    Read the article

  • Why I am not that user after I load cookies?

    - by MoreFreeze
    I want to grab some site data, but it must be a login account. So I register it and login, I found some API about this site that can be used to grab data. I use this Chrome plugin "cookie.txt export" export cookies.txt, I copy all content it export and use following cmd like wget -x --load-cookies cookies.txt http://www.example.com/api/name=xxxx but it doesn't work. It download the page that need I login. So I think this site has some other verification strategy, how can I pass it? Whether I must input in browser manually?

    Read the article

  • last_login_at not working (null) w/ Authlogic Magic Columns...

    - by bgadoci
    I am using the Authlogicgem for authentication and most of it seems to be working great. Authlogic provides several columns that you can add to your Users table (for example) that it knows to fill in if they are present. i.e. login_count, current_login_ip, last_request_at and last_login_at. All seem to be working fine with the exception of the last_login_at field which is null for each user. Is there anything specific that could be causing this perhaps having to do with the user sessions, etc? I can post code if needed but wasn't sure what would relate to this.

    Read the article

  • I am confused about how to use @SessionAttributes

    - by yusaku
    I am trying to understand architecture of Spring MVC. However, I am completely confused by behavior of @SessionAttributes. Please look at SampleController below , it is handling post method by SuperForm class. In fact, just field of SuperForm class is only binding as I expected. However, After I put @SessionAttributes in Controller, handling method is binding as SubAForm. Can anybody explain me what happened in this binding. ------------------------------------------------------- @Controller @SessionAttributes("form") @RequestMapping(value = "/sample") public class SampleController { @RequestMapping(method = RequestMethod.GET) public String getCreateForm(Model model) { model.addAttribute("form", new SubAForm()); return "sample/input"; } @RequestMapping(method = RequestMethod.POST) public String register(@ModelAttribute("form") SuperForm form, Model model) { return "sample/input"; } } ------------------------------------------------------- public class SuperForm { private Long superId; public Long getSuperId() { return superId; } public void setSuperId(Long superId) { this.superId = superId; } } ------------------------------------------------------- public class SubAForm extends SuperForm { private Long subAId; public Long getSubAId() { return subAId; } public void setSubAId(Long subAId) { this.subAId = subAId; } } ------------------------------------------------------- <form:form modelAttribute="form" method="post"> <fieldset> <legend>SUPER FIELD</legend> <p> SUPER ID:<form:input path="superId" /> </p> </fieldset> <fieldset> <legend>SUB A FIELD</legend> <p> SUB A ID:<form:input path="subAId" /> </p> </fieldset> <p> <input type="submit" value="register" /> </p> </form:form>

    Read the article

  • How would a user stay logged in to a REST-based website?

    - by unforgiven3
    A year or so ago I asked this question: Can you help me understand this? “Common REST Mistakes: Sessions are irrelevant”. My question was essentially this: Okay, I get that HTTP authentication is done automatically on every message - but how? Is the username/password sent with every request? Doesn't that just increase attack surface area? I feel like I'm missing part of the puzzle. The answers I received made perfect sense in the context of a mobile (iPhone, Android, WP7) app - when talking to a REST service, the app would just send user credentials along with each request. That worked great for me. But now, I would like to better understand how one would secure a REST-like website, like StackOverflow itself or something like Reddit. How would things work if it was a user logged in via a web browser instead of logged in via an iPhone app? What happens when a user logs in? Are the credentials saved in the browser somehow? How would the browser know what credentials to send with subsequent REST requests? What if it's a JavaScript call to a webservice? How would the JavaScript call include user credentials? I'll be quite frank: my understanding of security when it comes to websites is pretty limited. I enjoyed working with REST services from an app perspective, but now I want to try and build a website that is based on REST principles, and I'm finding myself to be pretty lost. If there is anything in the above question that is unclear that you'd like me to clarify, please leave a comment and I'll address it.

    Read the article

  • ASP MVC: Keeping track of logged in users.

    - by user323395
    I'm creating a ASP MVC application. And because of the complex authorization i'm trying to build my own login system. (So i'm not using asp membership providers, and related classes). Now i'm able to create new accounts in the database with hashed passwords. But how do i keep track that a user is logged in. Is generating a long random number and putting this with the userID in the database and cookie enough? Sorry for my rather bad english! Ty in advance :)

    Read the article

  • Sharepoint UserProfileService

    - by user365984
    I've got a sharepoint site and a custom aspx portal, both under Windows Authentication. With the same machine, it happens that my sharepoint site returning me my current login, while my custom aspx returning me my domain admin account instead. Is there anyway that I could ensure both logins are the same? Otherwise, is there anyway to consume SPUserProfileService from a custom aspx portal? Mainly, I need to have the custom aspx portal to get sharepoint logon id. Nevertheless, i could still trigger AccessDenied.aspx in sharepoint to prompt for logins.

    Read the article

  • What is the pros and cons in using FormsAuthentication to persist login cookie?

    - by stacker
    What is the pros and cons in using FormsAuthentication to persist a login cookie? I see that StackOverflow ignore FormsAuthentication and instead implemented a different strategy to persist a login cookie. Pros Out of the box implementation for persistent login feature. Cons The login feature depends on the machine key which mean that I need to make sure that the machine key is the same on all the servers in the farm. The cookie contains wired encrypted values that don't really make sense to store in the cookie.

    Read the article

  • Adding keys to superglobals in php

    - by gautam kumar
    Is there any way by which I can add keys to superglobals in php without defining the corresponding values to those key? For example: $_SESSION['key']='set';//key` automatically gets defined. But I want to do something like this add_key($_SESSION,'key')//key is added to $_SESSION array. Is it possible?

    Read the article

  • How to refresh site if $_SESSION variable has changed

    - by 4ndro1d
    I'm writing in my $_SESSION variable from a database, when i clicked a link. public function getProjectById($id){ $query="SELECT * FROM projects WHERE id=\"$id\""; $result=mysql_query($query); $num=mysql_numrows($result); while ($row = mysql_fetch_object($result)) { $_SESSION['projectid'] = $row->id; $_SESSION['projecttitle'] = $row->title; $_SESSION['projectinfo'] = $row->info; $_SESSION['projecttext'] = $row->text; $_SESSION['projectcategory'] = $row->category; } } Now my variable is overwritten and I want to show these variables in my index.php like this: <div id="textContent"> <?php if(isset($_SESSION['projecttext']) && !empty($_SESSION['projecttext'])) { echo $_SESSION['projecttext']; }else { echo 'No text'; } ?></div> But of course, my page will not refresh automatically. How can I do that?

    Read the article

  • Connection: Keep-Alive and PHP sessions not working

    - by user366667
    We have a VB application that needs to run an specific flow on a PHP page. This application was correctly catching the PHPSESSID cookie and using it for all subsequent requests. However, PHP wasn't able to restore any changes made on $_SESSION variable. The variable was changed, saved, and on the next request it was restored as an empty array. We found out that changing the Connection header from "Keep-Alive" to "Close" fixed the issue. I couldn't find anything on the web saying that PHP sessions shouldn't be restored under Keep-Alive connections. Does anyone know why this was happening? PS: We didn't find anything weird or different on Apache, ModSecurity or PHP configuration settings.

    Read the article

  • CF Client Variables: is the CDATA - CGLOBAL relationship always 1:1?

    - by ciaranarcher
    Hi We've noticed something odd with our Coldfusion 8 client variables DB. We have many more (about 3 times as many) CGlobal entries as we have CData entries. I would have assumed that the relationship would be 1:1 on the cfid column. Has any one else noticed this before? I have ruled out old data, my sample is less than 3 hours old. We're using SQL Server 2000 to host the tables. Thanks in advance, Ciaran

    Read the article

  • php variable persistance

    - by Illes Peter
    I have two files: index.php /lib/user.php Index contains the form: <div class="<? echo $msgclass; ?>"> <? echo $msg; ?> </div> <form id="signin" action="/lib/user.php" method="post"> ... </form> User.php makes all the processing. It sets $msg to 'some error message' and $msgalert to 'error' in case of any error. At the end of processing it uses header() to redirect to index.php But after redirection $msg and $msgalert no longer persist and index only gets empty vars. How can i fix this?

    Read the article

< Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >