Search Results

Search found 1869 results on 75 pages for 'rich armstrong'.

Page 14/75 | < Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >

  • How to get a debug flow of execution in C++

    - by Rich
    Hi, I work on a global trading system which supports many users. Each user can book,amend,edit,delete trades. The system is regulated by a central deal capture service. The deal capture service informs all the user of any updates that occur. The problem comes when we have crashes, as the production environment is impossible to re-create on a test system, I have to rely on crash dumps and log files. However this doesn't tell me what the user has been doing. I'd like a system that would (at the time of crashing) dump out a history of what the user has been doing. Anything that I add has to go into the live environment so it can't impact performance too much. Ideas wise I was thinking of a MACRO at the top of each function which acted like a stack trace (only I could supply additional user information, like trade id's, user dialog choices, etc ..) The system would record stack traces (on a per thread basis) and keep a history in a cyclic buffer (varying in size, depending on how much history you wanted to capture). Then on crash, I could dump this history stack. I'd really like to hear if anyone has a better solution, or if anyone knows of an existing framework? Thanks Rich

    Read the article

  • Long primitive or AtomicLong for a counter?

    - by Rich
    Hi I have a need for a counter of type long with the following requirements/facts: Incrementing the counter should take as little time as possible. The counter will only be written to by one thread. Reading from the counter will be done in another thread. The counter will be incremented regularly (as much as a few thousand times per second), but will only be read once every five seconds. Precise accuracy isn't essential, only a rough idea of the size of the counter is good enough. The counter is never cleared, decremented. Based upon these requirements, how would you choose to implement your counter? As a simple long, as a volatile long or using an AtomicLong? Why? At the moment I have a volatile long but was wondering whether another approach would be better. I am also incrementing my long by doing ++counter as opposed to counter++. Is this really any more efficient (as I have been led to believe elsewhere) because there is no assignment being done? Thanks in advance Rich

    Read the article

  • MySQL connection attempt works fine in 5.2.9 but not in 5.3.0 - Help?

    - by Rich
    Hi, I'm having trouble making a secondary MySQL connection (to a separate, external DB) in my code. It works fine in PHP 5.2.9 but fails to connect in PHP 5.3.0. I'm aware of (at least some) of the changes needed to make successful MySQL connections in the newer version of PHP, and have succeeded before, so I'm not sure why it isn't working this time. I already have a db connection open to a local database. This function below is then used to make an additional connection to a separate, remote directory. The included config file simply contains the external database details (host, user, pass and name). I have checked and it is being included correctly. function connectDP() { global $dpConnection; include("secondary_db_config.php); $dpConnection = mysql_connect($dp_dbHost, $dp_dbUser, $dp_dbPass, true) or DIE("ERROR: Unable to connect to Deployment Platform"); mysql_select_db($dp_dbName, $dpConnection) or DIE("ERROR 006: Unable to select Deployment Platform Database"); } I then attempt to make this new connection simply by calling this function externally: connectDP(); But when loading the page (in 5.3.0), I get the message: ERROR: Unable to connect to Deployment Platform I'm using the optional new_link flag boolean as the fourth argument in the mysql_connect() function and it's still not working. I've been wracking my brain this morning trying to figure out why this connection doesn't work (while I've done something very similar elsewhere to a separate second database that does work). Any help would be appreciated. Thanks! Rich

    Read the article

  • Is there a maximum number of input controls that can be used on an HTML form?

    - by Rich
    I have an ambitious requirement for an asp.net 2.0 web page that contains a table (gridview), and each row in the grid contains 6 select (dropdown) controls for data entry. The number of rows that will be displayed is dependent upon the user's search parameters, which are specified in another area of the page. Unfortunately, with the default (and even basic) search parameters specified, the grid could contain several hundred rows. I've noticed that the browser, in this case IE8, starts behaving rather erratically once I reach a large number of rows -- no documented evidence for the number of rows where this begins to be a problem. For example, trying to view the source of the page results in a message from IE stating that there was a problem with the page that forced the browser to reload it, and I never get the source. Obviously the page loads and renders rather slowly also. I know that my solution is probably going to involve paging the gridview such that it only displays 20 or so rows per page, and I'll have to write code to handle the saving of changes in the dropdown values when the user changes pages. I can probably turn off viewstate on the gridview also. However, the question I really want to pose is this -- has anyone seen a documented rule indicating the maximum number of input controls that an HTML browser form is supposed to be able to contain? I could not find anything on the Internet after doing a search, and I suspect the answer may be whatever the browser can handle based on the machine configuration it is running on. Any rules of thumb you use? Thanks for any suggestions. Rich

    Read the article

  • Webcast Replay Available: E-Business Suite Data Protection

    - by BillSawyer
    I am pleased to release the replay and presentation for the latest ATG Live Webcast: E-Business Suite Data Protection (Presentation)   Robert Armstrong, Product Strategy Security Architect and Eric Bing, Senior Director discussed the best practices and recommendations for securing your E-Business Suite data.Finding other recorded ATG webcasts The catalog of ATG Live Webcast replays, presentations, and all ATG training materials is available in this blog's Webcasts and Training section.

    Read the article

  • Perl IO modules possibly causing issues in Net::DNS module

    - by Rich
    Hi! I’m porting some software that I wrote for a White Russian OpenWRT system to a new Kamikaze 8.09.1 OpenWRT system but I am having some serious issues that I’m hoping you can help me with. Old system Linux kernel 2.4.34 MIPSEL arch Perl 5.8.7 Net::DNS 0.48 IO 1.21 IO::Socket 1.28 IO::Socket::INET 1.28 New system Linux kernel 2.6.26.8 MIPS arch Perl 5.10.0 Net::DNS 0.66 IO 1.23_01 IO::Socket 1.30_01 IO::Socket::INET 1.31 First, let me provide some background information… I am trying to resolve my server (clearprobe.winbeam.com) from within my Perl program and see the following if I enable debugging in Net::DNS: resolve: Server 'clearprobe-ddns.winbeam.com' ;; query(clearprobe-ddns.winbeam.com) ;; setting up an AF_INET() family type UDP socket ;; send_udp(192.168.88.1:53) ;; send_udp(4.2.2.2:53) ;; send_udp(192.168.88.1:53) ;; send_udp(4.2.2.2:53) resolve: res->errorstring: query timed out Both of these servers resolve clearprobe.winbeam.com fine from the command line: root@cwb-2-11:~# echo “nameserver 192.168.88.1” > /etc/resolv.conf root@cwb-2-11:~# nslookup clearprobe-ddns.winbeam.com Server: 192.168.88.1 Address 1: 192.168.88.1 router Name: clearprobe-ddns.winbeam.com Address 1: 64.13.48.40 64-13-48-40.war.clearwire-dns.net root@cwb-2-11:~# echo “nameserver 4.2.2.2” > /etc/resolv.conf root@cwb-2-11:~# nslookup clearprobe-ddns.winbeam.com Server: 4.2.2.2 Address 1: 4.2.2.2 vnsc-bak.sys.gtei.net Name: clearprobe-ddns.winbeam.com Address 1: 64.13.48.40 64-13-48-40.war.clearwire-dns.net Using Perl’s call to the C gethostbyaddr() function works fine, but I need to do another lookup later in the software which requires that I specify the nameserver (clearprobe-ddns.winbeam.com is the authority for my internal DNS zone), hence my Net::DNS requirement. Now, here is the IO module-specific information: What I am seeing is that the reply is coming back from the nameserver (confirmed via tcpdump – I can send the captures if you’d like), but the UDP packets are sitting in the process’s UDP receive queue pending reception by Net::DNS (the approx 1752 bytes per response stay queued waiting for $sel-can_read()): root@cwb-2-11:~# netstat -una Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 1752 0 0.0.0.0:52680 0.0.0.0:* root@cwb-2-11:~# netstat -una Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 5256 0 0.0.0.0:52680 0.0.0.0:* If I force $sock[AF_INET]-recv($buf, $self-_packetsz) around line 803 of /usr/lib/perl5/5.10/Net/DNS/Resolver/Base.pm, instead of waiting for IO::Select’s can_read() function ( @ready = $sel-can_read($timeout)) to populate @ready, the response is received and processed. Any idea what could be causing this issue? In a possibly related matter, I noticed in another script that the following code fails in the same manner (network responses stay in the process’s TCP receive queue) with the new system: $sock = new IO::Socket::INET( PeerAddr => "$server", PeerPort => 37, Proto => 'tcp', Timeout => 5 ); Whereas the following code works: $sock = new IO::Socket::INET( PeerAddr => "$server", PeerPort => 37, Proto => 'tcp' ); I have looked through the NET::DNS code and don’t see a timeout passed for the UDP sockets, so I am not sure if that this is related or not. Please let me know if I can provide you with any further information in order to help diagnose this issue. Thanks! -Rich

    Read the article

  • Is That REST API Really RPC? Roy Fielding Seems to Think So.

    - by Rich Apodaca
    A large amount of what I thought I knew about REST is apparently wrong - and I'm not alone. This question has a long lead-in, but it seems to be necessary because the information is a bit scattered. The actual question comes at the end if you're already familiar with this topic. From the first paragraph of Roy Fielding's REST APIs must be hypertext-driven, it's pretty clear he believes his work is being widely misinterpreted: I am getting frustrated by the number of people calling any HTTP-based interface a REST API. Today’s example is the SocialSite REST API. That is RPC. It screams RPC. There is so much coupling on display that it should be given an X rating. Fielding goes on to list several attributes of a REST API. Some of them seem to go against both common practice and common advice on SO and other forums. For example: A REST API should be entered with no prior knowledge beyond the initial URI (bookmark) and set of standardized media types that are appropriate for the intended audience (i.e., expected to be understood by any client that might use the API). ... A REST API must not define fixed resource names or hierarchies (an obvious coupling of client and server). ... A REST API should spend almost all of its descriptive effort in defining the media type(s) used for representing resources and driving application state, or in defining extended relation names and/or hypertext-enabled mark-up for existing standard media types. ... The idea of "hypertext" plays a central role - much more so than URI structure or what HTTP verbs mean. "Hypertext" is defined in one of the comments: When I [Fielding] say hypertext, I mean the simultaneous presentation of information and controls such that the information becomes the affordance through which the user (or automaton) obtains choices and selects actions. Hypermedia is just an expansion on what text means to include temporal anchors within a media stream; most researchers have dropped the distinction. Hypertext does not need to be HTML on a browser. Machines can follow links when they understand the data format and relationship types. I'm guessing at this point, but the first two points above seem to suggest that API documentation for a Foo resource that looks like the following leads to tight coupling between client and server and has no place in a RESTful system. GET /foos/{id} # read a Foo POST /foos/{id} # create a Foo PUT /foos/{id} # update a Foo Instead, an agent should be forced to discover the URIs for all Foos by, for example, issuing a GET request against /foos. (Those URIs may turn out to follow the pattern above, but that's beside the point.) The response uses a media type that is capable of conveying how to access each item and what can be done with it, giving rise to the third point above. For this reason, API documentation should focus on explaining how to interpret the hypertext contained in the response. Furthermore, every time a URI to a Foo resource is requested, the response contains all of the information needed for an agent to discover how to proceed by, for example, accessing associated and parent resources through their URIs, or by taking action after the creation/deletion of a resource. The key to the entire system is that the response consists of hypertext contained in a media type that itself conveys to the agent options for proceeding. It's not unlike the way a browser works for humans. But this is just my best guess at this particular moment. Fielding posted a follow-up in which he responded to criticism that his discussion was too abstract, lacking in examples, and jargon-rich: Others will try to decipher what I have written in ways that are more direct or applicable to some practical concern of today. I probably won’t, because I am too busy grappling with the next topic, preparing for a conference, writing another standard, traveling to some distant place, or just doing the little things that let me feel I have I earned my paycheck. So, two simple questions for the REST experts out there with a practical mindset: how do you interpret what Fielding is saying and how do you put it into practice when documenting/implementing REST APIs? Edit: this question is an example of how hard it can be to learn something if you don't have a name for what you're talking about. The name in this case is "Hypermedia as the Engine of Application State" (HATEOAS).

    Read the article

  • Parsing Twitter API Datestamp

    - by Chris Armstrong
    I'm using the twitter API to return a list of status updates and the times they were created. It's returning the creation date in the following format: Fri Apr 09 12:53:54 +0000 2010 What's the simplest way (with PHP or Javascript) to format this like 09-04-2010?

    Read the article

  • Get UiBinder widget to display inline instead of block

    - by Steve Armstrong
    I'm trying to get my UiBinder-defined widget to display inline, but I can't. My current code is: <ui:UiBinder xmlns:ui='urn:ui:com.google.gwt.uibinder' xmlns:g='urn:import:com.google.gwt.user.client.ui'> <ui:style> .section { border: 1px solid #000000; width: 330px; padding: 5px; display: run-in; } </ui:style> <g:HTMLPanel> <div class="{style.section}"> <div ui:field="titleSpan" class="{style.title}" /> <div class="{style.contents}"> <g:VerticalPanel ui:field="messagesPanel" /> </div> </div> </g:HTMLPanel> </ui:UiBinder> This works fine in terms of how the widget looks internally, but I want to throw a bunch of these widgets into a FlowPanel and have them flow when the window is resized. The HTMLPanel is a div, but I can't get the display attribute to assign. I can't force the style name, since the following throws an error: <g:HTMLPanel styleNames="{style.section}"> And I can assign an additional style, but it doesn't apply the display setting. <g:HTMLPanel addStyleNames="{style.section}"> This displays the border and sets the size, as expected, but it doesn't flow. Firebug shows the styles on the div are border, width, and padding, but no display. Is there a way to make a widget in UiBinder so that it'll display inline instead of block? And if so, can I make it compatible with having a VerticalPanel inside (can I do it without making the entire widget pure HTML without any GWT widgets)? PS: I saw question 2257924 but it hasn't had any answers lately, and he seems to be focused on getting a tag, not specifically getting inline layout. I don't care directly about , if I can just get the top-level tag for my widget to flow inline, I'm happy.

    Read the article

  • Paypal subscriptions IPN - problem with users subscribing multiple times

    - by Brian Armstrong
    I'm using paypal subscriptions and the instant payment notification (IPN) to handle subscribers on my site. For the most part it works well but there is one occasional problem I've encountered. Usually if a user cancels their subscription, I wait for the "end of term" (subscr_eot) notification before disabling access to my site. So if they prepay for the whole month, and then cancel right away, they still have access for the rest of the month (as it should be). But some users are having this problem where they: Cancel their subscription Before the "end of term" is reached they decide to re-subscribe When the "end of term" is reached for their first subscription, my app receives the notification and fires off an email to the user with something like "your account has been disabled, if you ever want to sign up again, you can re-subscribe by clicking here". This confuses them because they are thinking...that's weird, I thought I subscribed like a week ago (and they did). So they go subscribe AGAIN. Now they have two concurrent running subscriptions to my site and I get a support email in a month or two ("wtf you billed me twice this month jerk!!") So I haven't found a good way to fix this. I guess the best solution would be to do an additional API call when the "end of term" notification is received which asks paypal "hey did this person already re-subscribe?". If so then no need to fire off that email. But I haven't seen any way to do this API call yet. Another solution is to disable their account immediately when they cancel (the "subscr_cancel" notification) but then I get different angry support emails "hey I prepaid for the whole month why was my account disabled already!!". Anyone else solved this?

    Read the article

  • Is there a difference between plain text emails, and multipart emails with only plain text?

    - by Brian Armstrong
    I'm using Rails to send emails and I just want to send a plain text email (there is no corresponding HTML part). I've noticed that if I just have one file named email.text.plain.erb it actually generates a multipart email with one part (the plain text part) like this: Content-Type: multipart/alternative; boundary=mimepart_4c04a2d34c4bb_690a4e56b0362 --mimepart_4c04a2d34c4bb_690a4e56b0362 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: Quoted-printable Content-Disposition: inline text of the email here... --mimepart_4c04a2d34c4bb_690a4e56b0362-- But if I take out the text.plain part and name it email.erb ActionMailer generates a regular plain text email without multipart like this: Content-Type: text/plain; charset=utf-8 text of the email here... Both work fine most of the time (so this is kind of nitpicky), but I guess my question is whether the second one is more correct. My goal here is just to make sure deliverability is as high as possible across a wide variety of devices and email clients. I've read that plain text emails can have slightly better deliverability rates than html and was just curious if throwing in this multipart (even if it only contained a plain text part) might throw off some of the dumber email clients. Thanks for your help!

    Read the article

  • Is it possible to use OAuth starting from the service provider website?

    - by Brian Armstrong
    I want to let people create apps that use my API and authenticate them with OAuth. Normally this process starts from the consumer service website (say TwitPic) and they request an access token from the service provider (Twitter). The user is then taken to the service provider website where they have to allow/deny access to to the consumer. I'm wondering if it's possible to initiate this process from the service provider website instead. So in this example you would start on Twitter's site, and maybe there is a section marked "do you want to turn on access for TwitPic?". If you click yes, it passes the access token directly to TwitPic which now has access to your account. Basically, fewer steps. I'm looking at the OAuth docs and it looks like the request token is generated on the consumer side and used later to turn it into an access token. So it's not really designed with what I described above in mind, but I thought there might be a way. http://oauth.net/core/1.0/ (Search for "steps") Thanks!

    Read the article

  • UIPickerView Custom Font

    - by Lee Armstrong
    I have the following code that I have found and tried to implement. I want to set the UIPickerView to have labels that I can customize the text in... When loading this it is just blank at the moment! - (UIView *)pickerView:(UIPickerView *)pickerView viewForRow:(NSInteger)row forComponent:(NSInteger)component reusingView:(UIView *)view { UILabel *pickerLabel = (UILabel *)view; NSString *text = @"TTT"; // Reuse the label if possible, otherwise create and configure a new one if ((pickerLabel == nil) || ([pickerLabel class] != [UILabel class])) { //newlabel CGRect frame = CGRectMake(0.0, 0.0, 270, 32.0); pickerLabel = [[[UILabel alloc] initWithFrame:frame] autorelease]; pickerLabel.textAlignment = UITextAlignmentLeft; pickerLabel.backgroundColor = [UIColor clearColor]; pickerLabel.font = [UIFont fontWithName:@"AmericanTypewriter" size:28]; } pickerLabel.textColor = [UIColor brownColor]; return pickerLabel; }

    Read the article

  • Android AppWidget maps activity problem

    - by Andy Armstrong
    Right. So I have an app widget. It has 4 buttons, one one of the buttons I want it to show me the current location of the user on the map. So - I make a new activity as below: package com.android.driverwidget; import java.util.List; import android.os.Bundle; import com.google.android.maps.MapActivity; import com.google.android.maps.MapController; import com.google.android.maps.MapView; import com.google.android.maps.MyLocationOverlay; import com.google.android.maps.Overlay; public class MyLocation extends MapActivity{ public void onCreate(Bundle icicle) { super.onCreate(icicle); setContentView(R.layout.main); MapView myMapView = (MapView)findViewById(R.id.mapview); MapController mapController = myMapView.getController(); List<Overlay> overlays = myMapView.getOverlays(); MyLocationOverlay myLocationOverlay = new MyLocationOverlay(this, myMapView); overlays.add(myLocationOverlay); myLocationOverlay.enableMyLocation(); } protected boolean isRouteDisplayed() { return false; } } And then I added the appropriate uses library line to the manifest <activity android:name=".MyLocation" android:label="myLocation"> </activity> <uses-library android:name="com.google.android.maps" /> Ok yet - when I run the app the following errors occur, looks like it cannot find the MapActivity class, im running it on the GoogleApps 1.5 instead of normal android 1.5 as well. http://pastebin.com/m3ee8dba2 Somebody plz help me - i am now dying.

    Read the article

  • secure rest API for running user "apps" in an iframe

    - by Brian Armstrong
    I want to let users create "apps" (like Facebook apps) for my website, and I'm trying to figure out the best way to make it secure. I have a REST api i want to run the user apps in an iframe on my own site (not a safe markup language like FBML) I was first looking at oAuth but this seems overkill for my solution. The "apps" don't need to be run on external sites or in desktop apps or anything. The user would stay on my site at all times but see the user submitted "app" through the iframe. So when I call the app the first time through the iframe, I can pass it some variables so it knows which logged in user is using it on my site. It can then use this user session in it's own API calls to customize the display. If the call is passed in the clear, I don't want someone to be able to intercept the session and impersonate the user. Does anyone know a good way to do this or good write up on it? Thanks!

    Read the article

  • Rails - operation outside of a rollback

    - by Brian Armstrong
    I have a before_create filter that checks if people are posting too many comments. If they are I want to flag their account. class Comment < ActiveRecord::Base before_create :check_rate_limit def check_rate_limit comments_in_last_minute = self.user.comments.count(:conditions => ["comments.created_at > ?", 1.minute.ago]) if comments_in_last_minute > 2 user.update_attribute :status, "suspended" return false end true end end The before filter returns false to stop the comment from being created. The problem is that this triggers a ROLLBACK which also undoes the changes I made to the user model. What's the correct pattern to accomplish this? Specifically: running a check each time an object is created and being able to edit another model if the check fails.

    Read the article

  • Is it possible to do AJAX calls in a liquid template?

    - by Brian Armstrong
    I'm looking at the liquid templating language for Rails apps: http://wiki.github.com/tobi/liquid/ I'd like my users to also be able to make AJAX calls (just like the ones in rails for periodically_call_remote, observe_field, etc). Is this possible? Assuming the rails helpers can be added as filters, how will the user be able to modify what gets returned by the AJAX call? They cannot modify an rjs file on the server or anything like that. I suppose the AJAX call could return JSON (instead of rendered html) and then the javascript could use that to render something. But I'm having a little trouble envisioning how it would work exactly. If anyone can point me to an example of this or clarify it'd be much appreciated. Thanks!

    Read the article

  • Dynamically pixelate an html image element

    - by Chris Armstrong
    I'm to take an image on a webpage, and then use javascript (or whatever would be best suited) to dynamically 'pixelate' it (e.g. into 20px squares). Then, as the user scrolls down the page, I need the image to gradually increase in resolution, till it is no longer pixelated. Any ideas how I could go about doing this? I realise I could use php to resize an image and several times and just switch out the image, but that would require loading several extra images. Also, I know I could probably do the effect with flash & pixelbender, but I want to achieve it within the limitations of HTML5, CSS & Javascript if possible. Appreciate any thoughts!

    Read the article

  • Can you let users upload Sinatra apps and run them inside Rails as middleware?

    - by Brian Armstrong
    I want to let users write small custom apps (think themes or plugins on Wordpress) and upload/run them on my site. I'm thinking about using Sinatra apps for this since it would give the users a lot of flexibility, and then running them as middleware inside my rails app. But I can't figure out the security implications of this. I tried creating a simple sinatra app as middleware, and it has access to all the rails models and everything - so that is bad. Is there a way for rack to keep these separate so that the sinatra apps are effectively sandboxed and can't do any bad things (outside of an API or some specific way I setup for them to communicate)? There may be an easier way to accomplish this that I haven't thought of too, so ideas welcome. Thanks!

    Read the article

  • How to safely let users submit custom themes/plugins for a Rails app

    - by Brian Armstrong
    In my rails app I'd like to let users submit custom "themes" to display data in various ways. I think they can get the data in the view using API calls and I can create an authentication mechanism for this. Also an authenticated API to save data. So this is probably safe. But i'm struggling with the best way to let users upload/submit their own code for the theme. I want this to work sort of like Wordpress themes/plugins where people can upload the thing. But there are some security risks. For example, if I take the uploaded "theme" a user submits and put it in it's own directory somewhere inside the rails app, what are the risks of this? If the user inserts any rails executable code in their theme, even though it's the view they have full access at that point to all the models, everyone's data, etc. Even from other users. So that is not good. I need some way to let the uploaded themes exist in a sandbox of the rails app, but I haven't seen a good way to do this. Any ideas?

    Read the article

  • JSESSIONID collision between two servers on same ip but different ports

    - by Steve Armstrong
    I've got a situation where I have two different webapps running on a single server, using different ports. They're both running Java's Jetty servlet container, so they both use a cookie parameter named JSESSIONID to track the session id. These two webapps are fighting over the session id. Open a Firefox tab, and go to WebApp1 WebApp1's HTTP response has a set-cookie header with JSESSIONID=1 Firefox now has a Cookie header with JSESSIONID=1 in all it's HTTP requests to WebApp1 Open a second Firefox tab, and go to WebApp2 The HTTP reqeust to WebApp2 also has a Cookie header with JSESSIONID=1, but in the doGet, when I call req.getSession(false); I get null. And if I call req.getSession(true) I get a new Session object, but then the HTTP response from WebApp2 has a set-cookie header with JSESSIONID=20 Now, WebApp2 has a working Session, but WebApp1's session is gone. Going to WebApp1 will give me a new session, blowing away WebApp2's session. Continue forever So the Sessions are thrashing between each web app. I'd really like for the req.getSession(false) to return a valid session if there's already a JSESSIONID cookie defined. One option is to basically reimplement the Session framework with a HashMap and cookies called WEBAPP1SESSIONID and WEBAPP2SESSIONID, but that sucks, and means I'll have to hack the new Session stuff into ActionServlet and a few other places. This must be a problem others have encountered. Is Jetty's HttpServletRequest.getSession(boolean) just crappy?

    Read the article

  • How do you authenticate user generated "apps" for your app?

    - by Brian Armstrong
    I'm think something like Facebook apps here. User generated pieces of code that people can write to interact with my app. I understand how an authenticated API works, but this seems a little more complicated because not only does the APP have to authenticate itself (with a regular api-key) but the USER using the app has to be authenticated somehow too, without giving the app free reign. I've been reading a bit here to see how FB does it: http://wiki.developers.facebook.com/index.php/How_Facebook_Authenticates_Your_Application And it looks like you have to pass a signature in addition to the api-key along with every call, but I'm having trouble wrapping my head around how this gets generated and used on the other end (my server). Figure there must be a simple explanation of this out there? Thanks! P.S. I'm building a Rails app if there are any applicable gems/plugins.

    Read the article

< Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >