Search Results

Search found 9490 results on 380 pages for 'session hijacking'.

Page 14/380 | < Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >

  • Comet and [Session] TimeOut

    - by Amitd
    hi guys, Just Wondering how [session] timeouts are(or can be) implemented when using Comet? I'm using Long polling Comet solution and want to implement a kind of Timeout feature. Example : If the user is on a comet enabled page and doesn't respond to server events/notification for a period of time say 10 mins then invalidate his session and remove his request from server and redirect the user to a timeout page? Will this require Javascript XHR requests to check for a timeout explictly? Using ASP.NET 3.5 / C# Thanks

    Read the article

  • PHP Session timeout

    - by user342391
    I am creating a session when a user logs in like so: $_SESSION['id'] = $id; How can I specify a timeout on that session of X minutes and then have it perform a function or a page redirect once it has reached X minutes??

    Read the article

  • how to handle a array of objects in a session

    - by Robert
    Hello, In the project I'm working on I have got a list List<Item> with objects that Is saved in a session. Session.Add("SessionName", List); In the Controller I build a viewModel with the data from this session var arrayList = (List<Item>)Session["SessionName"]; var arrayListItems= new List<CartItem>(); foreach (var item in arrayList) { var listItem = new Item { Amount = item.Amount, Variant= item.variant, Id = item.Id }; arrayListItems.Add(listItem); } var viewModel = new DetailViewModel { itemList = arrayListItems } and in my View I loop trough the list of Items and make a form for all of them to be able to remove the item. <table> <%foreach (var Item in Model.itemList) { %> <% using (Html.BeginForm()) { %> <tr> <td><%=Html.Hidden(Settings.Prefix + ".VariantId", Item .Variant.Id)%> <td> <%=Html.TextBox(Settings.Prefix + ".Amount", Item.Amount)%></td> <td> <%=Html.Encode(Item.Amount)%> </td> <td> <input type="submit" value="Remove" /> </td> </tr> <% } %> <% } %> </table> When the post from the submit button is handeld the item is removed from the array and post back exactly the same viewModel (with 1 item less in the itemList). return View("view.ascx", viewModel); When the post is handled and the view has reloaded the value's of the html.Hidden and Html.Textbox are the value's of the removed item. The value of the html.Encode is the correct value. When i reload the page the correct values are in the fields. Both times i build the viewModel the exact same way. I cant find the cause or solution of this error. I would be very happy with any help to solve this problem Thanx in advance for any tips or help

    Read the article

  • session management: problem displaying username in the header

    - by aeonsleo
    hi, I am working on a simple login and logout module for my website without any security. I am using wamp on a windows xp machine. I am creating session when a user submits the login informaton it redirects to a process.php file which creates the session variables and starts session. Now if the login is successful user is redirected to the welcome page which includes a header file(which displays the header involving signin logout help options) The problem is the header is not changing the signin link to logout as the user logs successfully. The below code is from process.php which initiates a login. $username = $_POST['username']; $password = $_POST['password']; //echo "{$username}:{$password}"; $connection = mysql_connect("localhost","root",""); if(!$connection) { die("Database Connection Failed".mysql_error()); } $db_select = mysql_select_db("tester",$connection); if(!$db_select) { die("Database Selection Failed".mysql_error()); } $result = mysql_query("SELECT * FROM user",$connection); if(!$result) { die("Database Selection Failed".mysql_error()); } $q = "SELECT * FROM user " ."WHERE Name='".$username."' AND Password='".$password. "' "; // Run query $r = mysql_query($q); if ( $obj = @mysql_fetch_object($r) ) { session_start(); // Login good, create session variables $_SESSION["valid_id"] = session_id(); $_SESSION["valid_user"] = $_POST["username"]; $_SESSION["valid_time"] = time(); Header('Location: welcome.php'); The following code is from header.php which is included in welcome.php </div> <div id = "userdetail"> <?php if(isset($_SESSION["valid_user"])) { echo($_SESSION["valid_user"]." " ); echo("<a href=logout.php>Logout</a>"); } else { echo("<a href = login.php>Sign In</a>"); } ?> | Help | Search <input type = "text" name = "searchbox" value = "" /> </div> </div>

    Read the article

  • How to get dynamically session object in struts2

    - by Sujeet Singh
    I am trying to get dynamically session object in struts2 application. <s:if test="%{#session['resToken'].bookingType == 1}"> resToken can be get by <s:property value="%{resToken}">.. But I can't write <s:property> within <s:if test=""> its giving me error of double quotes.. org.apache.jasper.JasperException: /WEB-INF/jsp/booking/banquet/guest-Info-View.jsp(150,40) Unterminated &lt;s:if tag

    Read the article

  • Drupal how to set session or cookie?

    - by Gobi
    Hi, i jus friend reference function so i pass the user id through url like below www.example.com?fid=22 i need to set this as a session or cookie which access to all modules in drupal 6. if i set session it return for tht particular module . set cookie is not workin at all. $user-new_property works only on particular page where set if i move to another page no new_property in $user variable object list . Thanxs in advance, Gobi

    Read the article

  • Saving objects in servlet session and java.io.NotSerializableException

    - by EugeneP
    SEVERE: IOException while loading persisted sessions: java.io.WriteAbortedException: writi ng aborted; java.io.NotSerializableException: That means this object cannot be persisted on hard disk. Does it imply that it's not safe to keep in Session objects that do not implement "Serializable"? I haven't heard that there are limitations on saving non-serializable objects in Session object. It simply means that Tomcat will always keep them in memory, right?

    Read the article

  • Saving objects in servlet session and java.io.NotSerializableException

    - by EugeneP
    SEVERE: IOException while loading persisted sessions: java.io.WriteAbortedException: writi ng aborted; java.io.NotSerializableException: That means this object cannot be persisted on hard disk. Does it imply that it's not safe to keep in Session objects that do not implement "Serializable"? I haven't heard that there are limitations on saving non-serializable objects in Session object. It simply means that Tomcat will always keep them in memory, right?

    Read the article

  • session problem in rails

    - by piemesons
    I am getting this error. No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store). I deleted all the cookies, values from sessions table. Restarted my server.Still geting the same error and this code was working yesterday.

    Read the article

  • Using Session Vars in a MVC Domain Model library

    - by 104286623826380127552
    Hello to all. I have a IQueryable function. In that function, I need to store and retrieve data to Session; can you guys point me in the right direction. I've looked at the HttpSessionStatBase where the session is usually taken from HttpContext.Current but this doesnt seem possible to do in the library. Am I missing something? Thanks in advance.

    Read the article

  • Selenium - Could not start Selenium session: Failed to start new browser session: Error while launching browser

    - by Yatendra Goel
    I am new to Selenium. I generated my first java selenium test case and it has compiled successfully. But when I run that test I got the following RuntimeException java.lang.RuntimeException: Could not start Selenium session: Failed to start new browser session: Error while launching browser at com.thoughtworks.selenium.DefaultSelenium.start <DefaultSelenium.java:88> Kindly tell me how can I fix this error. This is the java file I want to run. import com.thoughtworks.selenium.*; import java.util.regex.Pattern; import junit.framework.*; public class orkut extends SeleneseTestCase { public void setUp() throws Exception { setUp("https://www.google.com/", "*chrome"); } public void testOrkut() throws Exception { selenium.setTimeout("10000"); selenium.open("/accounts/ServiceLogin?service=orkut&hl=en-US&rm=false&continue=http%3A%2F%2Fwww.orkut.com%2FRedirLogin%3Fmsg%3D0&cd=IN&skipvpage=true&sendvemail=false"); selenium.type("Email", "username"); selenium.type("Passwd", "password"); selenium.click("signIn"); selenium.selectFrame("orkutFrame"); selenium.click("link=Communities"); selenium.waitForPageToLoad("10000"); } public static Test suite() { return new TestSuite(orkut.class); } public void tearDown(){ selenium.stop(); } public static void main(String args[]) { junit.textui.TestRunner.run(suite()); } } I first started the selenium server through the command prompt and then execute the above java file through another command prompt. Second Question: Can I do right click on a specified place on a webpage with selenium.

    Read the article

  • IIS: No Session being handed out, but only in production

    - by Wayne
    I've reproduced this in a simple project - details below. It's a WCF service in ASP.NET compatibility mode. What I'm seeing is that when run on the dev machine (Win7), a HTTP session id is available inside the service operation (HttpContext.Current.Session is non-null). But when deployed to the server (Win2k8R2), I get "No session". On both machines the app is configured to use the classic app pool, and the app pools themselves are configured identically as far as I can tell. The only differences I can discern between the two applications is that on the dev box, under "Handler Mappings", ISAPI-dll is disabled (not on the server), and on the server there's a spurious handler called "AboMapperCustom-7105160" (does not exist on the dev box). What should I be looking at next? Am I missing something head-slappingly simple? Service is this: [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)] public class Service2 { [OperationContract] public string DoWork() { if (HttpContext.Current != null) { if (HttpContext.Current.Session != null) { return "SessionId: " + HttpContext.Current.Session.SessionID; } else { return "No Session"; } } else { return "No Context"; } } } Config is: <?xml version="1.0" encoding="UTF-8"?> <configuration> <configSections> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler,log4net, Version=1.2.9.0, Culture=neutral, PublicKeyToken=b32731d11ce58905" /> <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> </sectionGroup> </sectionGroup> </sectionGroup> </configSections> <log4net> <appender name="LogFile" type="log4net.Appender.RollingFileAppender"> <file value="C:\Temp\Test.log4net.log" /> <rollingStyle value="Once" /> <maxSizeRollBackups value="10" /> <layout type="log4net.Layout.PatternLayout"> <conversionPattern value="%d{ISO8601} [%5t] %-5p %c{1} %m%n" /> </layout> </appender> <root> <level value="DEBUG" /> <appender-ref ref="LogFile" /> </root> </log4net> <appSettings /> <connectionStrings /> <system.web> <compilation debug="true"> <assemblies> <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> </assemblies> </compilation> <!-- The <authentication> section enables configuration of the security authentication mode used by ASP.NET to identify an incoming user. --> <authentication mode="Windows" /> <!-- The <customErrors> section enables configuration of what to do if/when an unhandled error occurs during the execution of a request. Specifically, it enables developers to configure html error pages to be displayed in place of a error stack trace. --> <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> <error statusCode="403" redirect="NoAccess.htm" /> <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> <pages> <controls> <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </controls> </pages> <httpHandlers> <remove verb="*" path="*.asmx" /> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false" /> </httpHandlers> <httpModules> <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </httpModules> </system.web> <system.codedom> <compilers> <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <providerOption name="CompilerVersion" value="v3.5" /> <providerOption name="WarnAsError" value="false" /> </compiler> </compilers> </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> <system.webServer> <validation validateIntegratedModeConfiguration="false" /> <modules> <remove name="ScriptModule" /> <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </modules> <handlers> <remove name="WebServiceHandlerFactory-Integrated" /> <remove name="ScriptHandlerFactory" /> <remove name="ScriptHandlerFactoryAppServices" /> <remove name="ScriptResource" /> <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </handlers> </system.webServer> <runtime> <assemblyBinding appliesTo="v2.0.50727" xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" /> </dependentAssembly> <dependentAssembly> <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" /> </dependentAssembly> </assemblyBinding> </runtime> <system.serviceModel> <bindings> <basicHttpBinding> <binding name="BasicHttpBinding_Service2" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Windows" /> </security> </binding> </basicHttpBinding> </bindings> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> <behaviors> <serviceBehaviors> <behavior name="WebApplication3.Service2Behavior"> <serviceMetadata httpGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> </behaviors> <services> <service behaviorConfiguration="WebApplication3.Service2Behavior" name="WebApplication3.Service2"> <endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Service2" contract="WebApplication3.Service2" /> </service> </services> </system.serviceModel> <system.diagnostics> <sources> <source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true"> <listeners> <add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\Temp\Test2.svclog" /> </listeners> </source> </sources> <trace autoflush="true" indentsize="4"> <listeners> <add name="traceListener2" type="System.Diagnostics.TextWriterTraceListener" initializeData="c:\Temp\Test.log" traceOutputOptions="DateTime" /> </listeners> </trace> </system.diagnostics> </configuration> Testing with a simple console app: class Program { static void Main(string[] args) { ServiceReference1.Service2Client client = new ServiceReference1.Service2Client(); Console.WriteLine(client.DoWork()); Console.ReadKey(); } }

    Read the article

  • Losing Session between Classic ASP and ASP.NET

    - by Aaron
    The company that I work for is making a transition between classic ASP programs and ASP.NET programs for our intranet software. Eventually, everything will be written in ASP.NET, but because of time constraints, there are still a number of programs that use classic ASP. To compensate we've written features that allow for redirects and autologins between classic ASP programs and ASP.NET programs. I've been starting to see a problem, though, with holding the session state for our ASP.NET software. If a user uses an ASP.NET program, then does work in a classic ASP program, then goes back to that ASP.NET program, often times, the user's authentication for the ASP.NET program is still in place, yet the user's session is lost, resulting in an error whenever a function is performed within the program. I'm trying to capture the loss of the session state in global.asax's Session_End event, which would redirect the user to the login page, but that hasn't worked. Has anyone else faced a similar issue with users moving back and forth between classic ASP and ASP.NET and losing sessions? Is that even my real issue here? It's the only thing that I can see as being a problem. Thanks for any help.

    Read the article

  • Sharing session variables from http and https versio

    - by tangurena
    I am trying to fix an ASP.NET site that a friend had botched converting from older technologies. To the user, the site appears to have public and secured sections. Behind the scenes, the public and private sites are separate web applications with separate app pools. The difficulty arises because it appears that the applications share the same session IDs (when going from the public to the secured pages, the session ID remains the same), yet none of the (InProc) session variables are getting passed from the public site to the private one. Basically, the workflow consists of the user checking a checkbox ("I agree" type of stuff) on the public site (let's call that page http://www.boring.gov/iAgree.aspx), then logging in on the secured site (let's call that page https://www.boring.gov/login.aspx). The commandments from the parent agency in DC are that the user may not bookmark the login page, the user has to click "I agree" every time they log in, and that the "I agree" stuff has to be on a separate page. What am I missing? How would you do it? Notes: 1 - This is getting hosted on a single Windows 2003 server. 2 - Yes, it is a government agency. 3 - I would have done things very differently if I was doing the conversion, but I wasn't brought in until the poop hit the fan, and it is too late to redo things. 4 - Two previous SO threads that appear to be related, yet don't apply are this and that

    Read the article

  • Using ASP.NET session state with Silverlight (PRISM)

    - by Jon Andersen
    Hi, The scenario: I have a PRISM application developed in Silverlight (4), and I'm using a ASP.NET server side application to host several web-services (which, in turn, accesses WCF-services, but that's not really important here). The Silverlight application must be able to call the web services cross-domain (meaning that the web services isn't necessarily on the same server hosting the silverlight application). The Silverlight application consists of several modules, each accessing the ASP.NET web-services. I do not have much experience with Silverlight and PRISM, but as far as I can see, this is not a very unusual scenario... The problem: My challange is, that when 2 different modules access the web-services, I get 2 new sessions on the web-server. I would have thought that since both modules live on the same HTML-page (and then also in the same browser session), they would get the same session on the web-server...? I have tried to make the web-service Proxy-client globally available in the container (using Unity), by registering an instance (using Container.RegisterInstance), and then getting this instance whenever a module needs to make a web-service call (using Container.Resolve), but this doesn't seem to help. However, any calls made within the same module always gets the same session on the server. Can anyone see what I'm missing here...? Thanks! Jon

    Read the article

< Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >