Search Results

Search found 9490 results on 380 pages for 'session hijacking'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 17/380 | < Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >

  • How Session out trigger on browser close?

    - by Hemant Kothiyal
    Hi, Yesterday morning i open gmail account in Internet Exlorer second tab. I checked my mail and closed that tab (not browser). Then at the time of evining i again open second tab of browser and enetr gmail.com, it automatically redirect me at my email account without asking login. I shocked and i thought i should remain browser open for whole night and today open gmail in second tab , it behave similar means without login screen it redirect in my gmail account. Then i closed that tab and open another browser session and enter gmail i again surprised that i redirect me login page. At the same time i open second tab of first browser and it automatically redirect me at mail account page. What i councluded by this behaviour is that might be gmail server keep my browser id at their server so that whenever i eneter gmail.com on second tab of first browser, it automatically redirect me at gmail account. I don't know i am right or not? Please clear me this concept? What happens with my session at gmail server when i closed my browser tab? As per my opinion it should automatically logout me but why this doesn't happened?

    Read the article

  • Signed_request lost in ASP.NET session, confusing my website

    - by Csabi
    I have an ASP.NET MVC 3 website which is available both from a specific public url, and I'm also making be available as a Facebook App. Inside my website logic, in some places I have to determine whether the current request is from the Facebook-app, or from the public website, because I want to display content based on this environment. So, for eg. if the user is using my site as a facebook-app, then I want to display a picture, and if the user is using my site normally, then I don't wanna display a picture. To determine whether I'm from a Facebook app, I check the "signed_request" in the HttpContext.Request, and store it in the HttpSession to be available for my other actions, not just for that action (url) which is defined for my Facebook app. So when a child-action is executed, I can determine based on the Session, that the website is used as a FB-app or not. The problem happens, when the Session times out, because then althought the logic is still running inside Facebook, my logic thinks it's not inside Facebook. Any advice?

    Read the article

  • Hibernate Session flush behaviour [ and Spring @Transactional ]

    - by EugeneP
    I use Spring and Hibernate in a web-app, SessionFactory is injected into a DAO bean, and then this DAO is used in a Servlet through webservicecontext. DAO methods are transactional, inside one of the methods I use ... getCurrentSession().save(myObject); One servlet calls this method with an object passed. The update seems to not be flushed at once, it takes about 5 seconds to see the changes in the database. The servlet's method in which that DAO's update method is called, takes a fraction of second to complete. After the @Transactional method of DAO is completed, flushing may NOT happen ? It does not seem to be a rule [ I already see it ]. Then the question is this: what to do to force the session to flush after every DAO method? It may not be a good thing to do, but talking about a Service layer, some methods must end with immediate flush, and Hibernate Session behavior is not predictable. So what to do to guarantee that my @Transactional method persists all the changes after the last line of that method code? getCurrentSession().flush() is the only solution? p.s. I read somewhere that @Transactional IS ASSOCIATED with a DB Transaction. Method returns, transaction must be committed. I do not see this happens.

    Read the article

  • DNS security (hijacking?)

    - by Jongsma
    I am hosting my website on Linode and am also using their DNS/naming servers. (ns1.linode.com etc.) It occurred to me that I never have had to authenticate that the domain is mine when I added it to the domain to the DNS manager, or at any other point. I now wonder whether it would be possible for other Linode users to 'hijack' my domain by simply adding the same domain zone and pointing it to their own server. I wouldn't know how Linode could determine which are the real/authentic records. How can I be sure this doesn't happen?

    Read the article

  • ASP.NET Session or global variables?

    - by WtFudgE
    Hi, I am creating an ASP.NET page where I need a couple of variables which hold pathnames and a chosen language etc... Not that many, let's say about 5. Should I use session variables for this? Atm I'm using public static variables but I'm not sure if this is the right way to do this. Any thoughts? Thx

    Read the article

  • PHP session cookie sessionid

    - by msaif
    in PHP i used session and cookie not urlrewriting with PHPSESSID. but when i opened cookie then i saw the key value pair.but one of them is path : / what does path mean,can you explain elaborately. if i change the path value to /abc/cdddddddddd/efc then what does that mean?

    Read the article

  • session id in php

    - by rajanikant
    hi every one i am trying to echo session id i saw that each time refreshing the page it chang thats why i cant login . please any one suggest wht prob should be there

    Read the article

  • Why not use PHP's built-in session handling?

    - by Dougal
    Is there currently - or has there ever been - any serious or significant problem with PHP's built-in session handling? I mean, it's always worked for me and my projects. But I see some codebases and frameworks out there seem to use a custom handler. Is this reinventing the wheel? Or improving on some flaws? What flaws?

    Read the article

  • Storing Requested URL in Global.asax without Session State in ASP.NET

    - by Mark Richman
    I have a complex URL rewriting scheme which breaks the built in Forms Authentication ReturnUrl mechanism. I would like to grab the requested URL for later redirection away from my login.aspx. I can get this URL in Application_BeginRequest via HttpContext.Current.Request.AppRelativeCurrentExecutionFilePath. However, Session state is not available in Application_BeginRequest. How can I store this URL prior to ASP.NET redirecting me to login.aspx?

    Read the article

  • authentication and session in Java

    - by Sephy
    hi, I would like to know if it is possible to maintain an authentication (like a session with login and password in php) on a website from a java program, and if anyone had any lead on the subject or some reading for me, that would be great. thanks

    Read the article

  • Using Session in Silverlight using simple WebServices (NOT WCF)

    - by Syed
    Hi, I need to use Session variables in my Silverlight application ( Using Visual Studio 2008, and Silverlight 3). I am already using a webservice (not WCF service) and would like to know if I can add two methods say GetSessionVariable and SetSessionVariable in my existing WebService Class? Any assistance with sample code would be great! Regards and Thanks in advance, Nadeem.

    Read the article

  • Rails creating a new session every page view

    - by danhere
    Hi everyone, I'm following the Agile RoR book somewhat to apply it to a project for school. It's going good until I get to sessions. I continually get Authenticity Invalid Tokens and when I look at my sessions table in the database, there's a new session being created every time I refresh the page. Is that right or is something messed up? Thanks.

    Read the article

  • Using memcached as a session storage with CodeIgniter

    - by Alex N.
    I am researching possibilities of using memcached as a session storage for a system built on CodeIgniter. Has anybody done this before(that's probably a stupid question :) and if so what's your experience folks? Have you used any existing libraries/extensions? As far as performance improvement what have you seen? Any caveats?

    Read the article

  • session cant be identified in subdomain

    - by Mac Taylor
    hey guys i installed phpbb3 on a subdomain forums.mywebsite.com everything is fine unless in subdomain session that set before in my portal cant be identified but if i go to forums with this url : mywebsite.com/forums problem will be solved is there any solution to solve this problem and user can be identified when subdomain is used ?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >