Search Results

Search found 20743 results on 830 pages for 'session management'.

Page 18/830 | < Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >

  • Proper way to configure ~/.Xsession with a standalone window manager to gracefully end a session

    - by cYrus
    I'm using xdm and my ~/.Xsession looks like this: # <initialization stuff here> exec openbox It works, but I've noticed that when I log out Openbox doesn't gracefully kill all the applications. In particular Google Chrome complains about that. How can I make sure to wait for all processes to exit (just like others configurations: Gnome, KDE, Windows ...)? The only (ugly) solution that I've found involves sleep and kill into ~/.Xsession.

    Read the article

  • ASP.NET MVC Session Expiration

    - by Andrew Flanagan
    We have an internal ASP.NET MVC application that requires a logon. Log on works great and does what's expected. We have a session expiration of 15 minutes. After sitting on a single page for that period of time, the user has lost the session. If they attempt to refresh the current page or browse to another, they will get a log on page. We keep their request stored so once they've logged in they can continue on to the page that they've requested. This works great. However, my issue is that on some pages there are AJAX calls. For example, they may fill out part of a form, wander off and let their session expire. When they come back, the screen is still displayed. If they simply fill in a box (which will make an AJAX call) the AJAX call will return the Logon page (inside of whatever div the AJAX should have simply returned the actual results). This looks horrible. I think that the solution is to make the page itself expire (so that when a session is terminated, they automatically are returned to the logon screen without any action by them). However, I'm wondering if there are opinions/ideas on how best to implement this specifically in regards to best practices in ASP.NET MVC.

    Read the article

  • Checking if a session is active

    - by Josh
    I am building a captcha class. I need to store the generated code in a PHP session. This is my code so far: <?php class captcha { private $rndStr; private $length; function generateCode($length = 5) { $this->length = $length; $this->rndStr = md5(time() . rand(1, 1000)); $this->rndStr = substr($rndStr, 0, $this->length); return $rndStr; if(session_id() != '') { return "session active"; } else { return "no session active"; } } } ?> And using this code to check: <?php include('captcha.class.php'); session_start(); $obj = new captcha(); echo $obj->generateCode(); ?> But it doesn't output anything to the page, not even a PHP error. Does someone know why this is? And is there a better way I can check if I've started a session using session_start()? Thanks.

    Read the article

  • User roles - why not store in session?

    - by Phil
    I'm porting an ASP.NET application to MVC and need to store two items relating to an authenitcated user: a list of roles and a list of visible item IDs, to determine what the user can or cannot see. We've used WSE with a web service in the past and this made things unbelievably complex and impossible to debug properly. Now we're ditching the web service I was looking foward to drastically simplifying the solution simply to store these things in the session. A colleague suggested using the roles and membership providers but on looking into this I've found a number of problems: a) It suffers from similar but different problems to WSE in that it has to be used in a very constrained way maing it tricky even to write tests; b) The only caching option for the RolesProvider is based on cookies which we've rejected on security grounds; c) It introduces no end of complications and extra unwanted baggage; All we want to do, in a nutshell, is store two string variables in a user's session or something equivalent in a secure way and refer to them when we need to. What seems to be a ten minute job has so far taken several days of investigation and to compound the problem we have now discovered that session IDs can apparently be faked, see http://blogs.sans.org/appsecstreetfighter/2009/06/14/session-attacks-and-aspnet-part-1/ I'm left thinking there is no easy way to do this very simple job, but I find that impossible to believe. Could anyone: a) provide simple information on how to make ASP.NET MVC sessions secure as I always believed they were? b) suggest another simple way to store these two string variables for a logged in user's roles etc. without having to replace one complex nightmare with another as described above? Thank you.

    Read the article

  • Rails 2.3 session

    - by Sam Kong
    Hi, I am developing a rails 2.3.2 app. I need to keep session_id for an order record, retrieve it and finally delete the session_id when the order is completed. It worked when I used cookies as session store but it doesn't for active_record store. (I restarted my browser, so no cache issue.) I know rails 2.3 implements lazy session load. I read some info about it but am still confused. Can somebody clarify how I use session_id for such a case? What I am doing is... A user make an order going through several pages. There is no sign-up, neither login. So I keep session_id in the order record so that no other user can access the order. @order = Order.last :conditions = {:id = params[:id], :session_id = session[:session_id] } When the order is finished, I set nil to session_id column. How would you implement such a case in lazy session(and active_record store) environment? Thanks. Sam

    Read the article

  • Session Variable Not Being Updated? ASP.NET

    - by davemackey
    I have a three step wizard. On the first step I use a repeater to create a series of buttons that an individual can select from. When the user selects one of the buttons the value of the button is saved to session state. They are taken to the next step and shown a similar list of buttons that are based on what they previously selected. Thus, if you choose "Hamburger" you might receive the options of "onion", "lettuce", "tomato" while if you choose "Hot Dog" you might receive "sauerkraut" and "ketchup". Lets say an individual chooses Hamburger. This is saved into session state like so: Public Sub Button_ItemCommand(ByVal Sender As Object, ByVal e As RepeaterCommandEventArgs) ' ******** Lets pass on the results of our query in LinqDataSource1_Selecting. Session("food_select") = RTrim(e.CommandName) Wizard1.ActiveStepIndex = 1 End Sub Now, this works fine and dandy. But lets say I select hamburger and then realize I'm really hankering for a hot dog. I go back to the first wizard step and click on the hot dog button - but when the wizard progresses to the next step I still see the options for hamburgers! The session variable has not been updated. Why? Thanks!

    Read the article

  • "Session is Closed!" - NHibernate

    - by Alexis Abril
    This is in a web application environment: An initial request is able to successfully complete, however any additional requests return a "Session is Closed" response from the NHibernate framework. I'm using a HttpModule approach with the following code: public class MyHttpModule : IHttpModule { public void Init(HttpApplication context) { context.EndRequest += ApplicationEndRequest; context.BeginRequest += ApplicationBeginRequest; } public void ApplicationBeginRequest(object sender, EventArgs e) { CurrentSessionContext.Bind(SessionFactory.Instance.OpenSession()); } public void ApplicationEndRequest(object sender, EventArgs e) { ISession currentSession = CurrentSessionContext.Unbind( SessionFactory.Instance); currentSession.Dispose(); } public void Dispose() { } } SessionFactory.Instance is my singleton implementation, using FluentNHibernate to return an ISessionFactory object. In my repository class, I attempt to use the following syntax: public class MyObjectRepository : IMyObjectRepository { public MyObject GetByID(int id) { using (ISession session = SessionFactory.Instance.GetCurrentSession()) return session.Get<MyObject>(id); } } This allows code in the application to be called as such: IMyObjectRepository repo = new MyObjectRepository(); MyObject obj = repo.GetByID(1); I have a suspicion my repository code is to blame, but I'm not 100% sure on the actual implementation I should be using. I found a similar issue on SO here. I too am using WebSessionContext in my implementation, however, no solution was provided other than writing a custom SessionManager. For simple CRUD operations, is a custom session provider required apart from the built in tools(ie WebSessionContext)?

    Read the article

  • PHP does not store all variables in session

    - by Flurin Juvalta
    Dear all I'm assigning session variables by filling the $_SESSION - Array throughout my script. My problem is, that for some reason not all variables are available in the session. here is a shortened version of my code for explaining this issue: session_start(); print_r($_SESSION); $_SESSION['lang'] = 'de'; $_SESSION['location_id'] = 11; $_SESSION['region_id'] = 1; $_SESSION['userid'] = 'eccbc87e4b5ce2fe28308fd9f2a7baf3'; $_SESSION['hash'] = 'dce57f1e3bc6fba32afab93b0c38b662'; print_r($_SESSION); first call prints something like this: Array ( ) Array ( [lang] => de [location_id] => 11 [region_id] => 1 [userid] => eccbc87e4b5ce2fe28308fd9f2a7baf3 [hash] => dce57f1e3bc6fba32afab93b0c38b662 ) the second call prints: Array ( [lang] => de [location_id] => 11 [region_id] => 1 ) Array ( [lang] => de [location_id] => 11 [region_id] => 1 [userid] => eccbc87e4b5ce2fe28308fd9f2a7baf3 [hash] => dce57f1e3bc6fba32afab93b0c38b662 ) As you can see, the important login information is not stored in the session. Does anybody has an idea what could be wrong with my session? Thanks for your answers!

    Read the article

  • ASP.Net Session Storage provider in 3-layer architecture

    - by Tedd Hansen
    I'm implementing a custom session storage provider in ASP.Net. We have a strict 3-layer architecture and therefore the session storage needs to go through the business layer. Presentation-Business-Database. The business layer is accessed through WPF. The database is MSSQL. What I need is (in order of preference): A commercial/free/open source product that solves this. The source code of a SqlSessionStateStore (custom session store) (not the ODBC-sample on MSDN) that I can modify to use a middle layer. I've tried looking at .Net source through Reflector, but the code is not usable. Note: I understand how to do this. I am looking for working samples, preferably that has been proven to work fine under heavy load. The ODBC sample on MSDN doesn't use the (new?) stored procs that the build in SqlSessionStateStore uses - I'd like to use these if possible (decreases traffic). Edit1: To answer Simons question on more info: ASP.Net Session()-object can be stored in either InProc, ASP.Net State Service or SQL-server. In a secure 3-layer model the presentation layer (web server) does not have direct/physical access to the database layer (SQL-server). And even without the physical limitations, from an architectural standpoint you may not want this. InProc and ASP.Net State Service does not support load balancing and doesn't have fault tolerance. Therefore the only option is to access SQL through webservice middle layer (business layer).

    Read the article

  • Codeigniter Inputting session data from model for a simple authentication system

    - by user1616244
    Trying to put together a simple login authentication. Been at this for quite sometime, and I can't find where I'm going wrong. Pretty new to Codeigniter and OOP PHP. I know there are authentication libraries out there, but I'm not interested in using those. Model: function login($username, $password){ if ($this->db->table_exists($username)){ $this->db->where('username', $username); $this->db->where('password', $password); $query = $this->db->get($username); if($query->num_rows >= 1) { return true; $data = array( 'username' => $this->input->post('username'), 'login' => true ); $this->session->set_userdata($data); } } } Controller function __construct(){ parent::__construct(); $this->logincheck(); } public function logincheck(){ if ($this->session->userdata('login')){ redirect('/members'); } } If I just echo from the controller: $this-session-all_userdata(); I get an empty array. So the problem seems to be that the $data array in the model isn't being stored in the session.

    Read the article

  • Session and Pop Up Window

    - by imran_ku07
     Introduction :        Session is the secure state management. It allows the user to store their information in one page and access in another page. Also it is so much powerful that store any type of object. Every user's session is identified by their cookie, which client presents to server. But unfortunately when you open a new pop up window, this cookie is not post to server with request, due to which server is unable to identify the session data for current user.         In this Article i will show you how to handle this situation,  Description :         During working in a application, i was getting an Exception saying that Session is null, when a pop window opens. After seeing the problem more closely i found that ASP.NET_SessionId cookie for parent page is not post in cookie header of child (popup) window.         Therefore for making session present in both parent and child (popup) window, you have to present same cookie. For cookie sharing i passed parent SessionID in query string,   window.open('http://abc.com/s.aspx?SASID=" & Session.SessionID &','V');           and in Application_PostMapRequestHandler application Event, check if the current request has no ASP.NET_SessionId cookie and SASID query string is not null then add this cookie to Request before Session is acquired, so that Session data remain same for both parent and popup window.    Private Sub Application_PostMapRequestHandler(ByVal sender As Object, ByVal e As EventArgs)           If (Request.Cookies("ASP.NET_SessionId") Is Nothing) AndAlso (Request.QueryString("SASID") IsNot Nothing) Then               Request.Cookies.Add(New HttpCookie("ASP.NET_SessionId", Request.QueryString("SASID")))           End If       End Sub           Now access Session in your parent and child window without any problem. How this works :          ASP.NET (both Web Form or MVC) uses a cookie (ASP.NET_SessionId) to identify the user who is requesting. Cookies are may be persistent (saved permanently in user cookies ) or non-persistent (saved temporary in browser memory). ASP.NET_SessionId cookie saved as non-persistent. This means that if the user closes the browser, the cookie is immediately removed. This is a sensible step that ensures security. That's why ASP.NET unable to identify that the request is coming from the same user. Therefore every browser instance get it's own ASP.NET_SessionId. To resolve this you need to present the same parent ASP.NET_SessionId cookie to the server when open a popup window.           You can confirm this situation by using some tools like Firebug, Fiddler,  Summary :          Hopefully you will enjoy after reading this article, by seeing that how to workaround the problem of sharing Session between different browser instances by sharing their Session identifier Cookie.

    Read the article

  • PayPal IPN - having trouble accessing session data?

    - by Martin Bean
    Hello, all. I'm having issues with PayPal IPN integration where it seems I cannot get my solution to read session variables. Basically, in my shop module script, I store the customer's details as provided by PayPal to an orders table. However, I also wish to save products ordered in a transaction to a separate table linked by the order ID. However, it's the second part of the script that's not working, where I loop through the products in the session and then save them to the orders_products table. Is there a reason why the session data not being read? The code within shop.php is as follows: if ($paypal->validate_ipn()) { $name = $paypal->ipn_data['address_name']; $street_1 = $paypal->ipn_data['address_street']; $street_2 = ""; $city = $paypal->ipn_data['address_city']; $state = $paypal->ipn_data['address_state']; $zip = $paypal->ipn_data['address_zip']; $country = $paypal->ipn_data['address_country']; $txn_id = $paypal->ipn_data['txn_id']; $sql = "INSERT INTO orders (name, street_1, street_2, city, state, zip, country, txn_id) VALUES (:name, :street_1, :street_2, :city, :state, :zip, :country, :txn_id)"; $smt = $this->pdo->prepare($sql); $smt->bindParam(':name', $name, PDO::PARAM_STR); $smt->bindParam(':street_1', $street_1, PDO::PARAM_STR); $smt->bindParam(':street_2', $street_2, PDO::PARAM_STR); $smt->bindParam(':city', $city, PDO::PARAM_STR); $smt->bindParam(':state', $state, PDO::PARAM_STR); $smt->bindParam(':zip', $zip, PDO::PARAM_STR); $smt->bindParam(':country', $country, PDO::PARAM_STR); $smt->bindParam(':txn_id', $txn_id, PDO::PARAM_INT); $smt->execute(); // save products to orders relationship $order_id = $this->pdo->lastInsertId(); // $cart = $this->session->get('cart'); $cart = $this->session->get('cart'); foreach ($cart as $product_id => $item) { $quantity = $item['quantity']; $sql = "INSERT INTO orders_products (order_id, product_id, quantity) VALUES ('$order_id', '$product_id', '$quantity')"; $res = $this->pdo->query($sql); } $this->session->del('cart'); mail('[email protected]', 'IPN result', 'IPN was successful on wrestling-wear.com'); } else { mail('[email protected]', 'IPN result', 'IPN failed on wrestling-wear.com'); } And I'm using the PayPal IPN class for PHP as found here: http://www.micahcarrick.com/04-19-2005/php-paypal-ipn-integration-class.html, but the contents of the validate_ipn() method is as follows: public function validate_ipn() { $url_parsed = parse_url($this->paypal_url); $post_string = ''; foreach ($_POST as $field => $value) { $this->ipn_data[$field] = $value; $post_string.= $field.'='.urlencode(stripslashes($value)).'&'; } $post_string.= "cmd=_notify-validate"; // append IPN command // open the connection to PayPal $fp = fsockopen($url_parsed[host], "80", $err_num, $err_str, 30); if (!$fp) { // could not open the connection. If logging is on, the error message will be in the log $this->last_error = "fsockopen error no. $errnum: $errstr"; $this->log_ipn_results(false); return false; } else { // post the data back to PayPal fputs($fp, "POST $url_parsed[path] HTTP/1.1\r\n"); fputs($fp, "Host: $url_parsed[host]\r\n"); fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); fputs($fp, "Content-length: ".strlen($post_string)."\r\n"); fputs($fp, "Connection: close\r\n\r\n"); fputs($fp, $post_string . "\r\n\r\n"); // loop through the response from the server and append to variable while (!feof($fp)) { $this->ipn_response.= fgets($fp, 1024); } fclose($fp); // close connection } if (eregi("VERIFIED", $this->ipn_response)) { // valid IPN transaction $this->log_ipn_results(true); return true; } else { // invalid IPN transaction; check the log for details $this->last_error = 'IPN Validation Failed.'; $this->log_ipn_results(false); return false; } }

    Read the article

  • PHP Session when using desktop app

    - by Jonathan
    In this question I asked how to POST to a php file form a vb.net app: http://stackoverflow.com/questions/2615335/post-to-webpage-in-vb-net-win-forms-desktop-not-asp-net So now I've logged in the user user by posting their username and password to the php file, the php file then does security/checks they exist/etc and if both username and password are correct is stores the user ID in a session variable. Now if the vb.net app tries to download data off a page which needs the user to logged in, it checks this by doing: if (!isset($_SESSION['uid'])) { header("Location: index.php"); } However after having logged correctly in the app the session variable is not set. How does session work with a vb.net app like this? When the user logs in successfully should I download the user id and keep it in the vb.net app and then post it to each page that requires authentication?

    Read the article

  • PHP session starter detect for visitor counting

    - by zapping
    Is there a way to find out on session being started. Like for instance the session start event in the global.ascx file of .net. The requirement is to find the no. of visits the user has done on the site. Instead of checking each time during posts or gets to the server. Is there something in php to find out if the session is a new one. Zen framework is also used for the app.

    Read the article

  • Rails session cookie not getting set

    - by bwizzy
    I have a rails app that is a CMS that uses dynamic subdomains for each site. For some reason when I deployed to production the session cookie is not getting set. I'm thinking this is leading to the "Invalid Authenticity Token" errors that are being thrown everywhere. I have my production.rb setup so that I can share sessions across subdomains. What could be going wrong that the cookie isn't being set at all? #production.rb config.action_controller.session[:domain] = '.domain.com' #environment.rb config.action_controller.session = { :session_key => '_app_session', :secret => '.... nums and chars .....' }

    Read the article

  • PHP Session Cookies fail with users changing IP

    - by Columbo
    Hello, I have a login script for a small application that works by storing session cookies and checking them on each page to make sure the user is logged in. One of the two users who uses the system keeps getting logged out randomly. This appears to be down to the session cookie that shows then authenticated no longer being present. After a lot of investigation the only thing I can see that is different about this user is that their IP address is changing (today it was changing every hour (their on Sky)). The only thing is the change of IP address has happened 5 times this morning and only once has the user been logged off. Has anyone had a similar issue? Are session cookies in someway tied to IP addresses? Any help or links much appreciated. Thanks C

    Read the article

  • Maintaining session across relay domain?

    - by Steffen
    I'm building a payment page in asp.net, however the page where you order your items is run in HTTP (non-secure) on my domain. When redirecting the user to the payment site, I have to go through a different domain (my payment provider, from whom I borrow the SSL certificate), so my payment url ends up like https://www.paymentprovider.com/somescript.cgi/www.mydomain.com/mypaymentpage.aspx Now the problem is my session is lost, but I store the order in session, so I desperately needs it. Can I somehow send the SessionID in querystring, and restore the session from it - or do I need to stuff the entire order into querystring ? (Not too certain it'll fit though, it's rather long) Any help will be highly appreciated :-)

    Read the article

  • Securely persist session between https://secure.yourname.com and http://www.yourname.com on rails ap

    - by Matt
    My rails site posts to a secure host (e.g. 'https://secure.yourname.com') when the user logs into the site. Session data is stored in the database, with the cookie containing only the session ID. The problem is that when the user returns to a non-https page, such as the home page (e.g. 'http://www.yourname.com') the user appears to have logged out. I believe the reason for this is that a separate cookie is stored for each host (www vs. secure). Is this correct? What is the best secure way to persist the session between both the http and https sections of the site? Does anyone know of any plugins that address this problem? The site runs on Heroku.

    Read the article

  • ASP.NET MVC Session usage

    - by Ben
    Currently I am using ViewData or TempData for object persistance in my ASP.NET MVC application. However in a few cases where I am storing objects into ViewData through my base controller class, I am hitting the database on every request (when ViewData["whatever"] == null). It would be good to persist these into something with a longer lifespan, namely session. Similarly in an order processing pipeline, I don't want things like Order to be saved to the database on creation. I would rather populate the object in memory and then when the order gets to a certain state, save it. So it would seem that session is the best place for this? Or would you recommend that in the case of order, to retrieve the order from the database on each request, rather than using session? Thoughts, suggestions appreciated. Thanks Ben

    Read the article

  • PHP: session isnt saving before header redirect

    - by Matt
    Hi guys, I have read through the php manual for this problem and it seems quite a common issue but i have yet to find a solution. I am saving sessions in a database. My code is as follows: // session $_SESSION['userID'] = $user->id; header('Location: /subdirectory/index.php'); Then at the top of index.php after the session_start(), i have var_dumped the $_SESSION global and the userID is not in there. As i said ive looked through the PHP manual (http://php.net/manual/en/function.session-write-close.php) and neither session_write_close or session_regenerate_id(true) worked for me. Does anybody know a solution? Edit: I have session_start() at the top of my file. When i var_dump the session global before the header redirect, i see the userID in there, but not in the other file, which is in a subdirectory of this script Thanks, Matt

    Read the article

  • PHP Session code work differently on two servers

    - by williamsdb
    I have some code which works fine on one server but is giving a session header warning: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent on another. I have checked the php.ini settings on the two servers and they are identical. I know that the warning message is supposed to suggest that something has been outputted before the session_start but what I don't understand is why the same code works on one server but not the other. Is there anything else that could be explaining it other than the php.ini settings?

    Read the article

  • Grails Unit testing a function with session object

    - by Suganthan
    I having a Controller like def testFunction(testCommand cmdObj) { if (cmdObj.hasErrors()) { render(view: "testView", model: [cmdObj:cmdObj]) return } else { try { testService.testFunction(cmdObj.var1, cmdObj.var2, session.user.username as String) flash.message = message(code: 'message') redirect url: createLink(mapping: 'namedUrl') } catch (GeneralException error) { render(view: "testView", model: [cmdObj:cmdObj]) return } } } For the above controller function I having a Unit test function like: def "test function" () { controller.session.user.username = "testUser" def testCommandOj = new testCommand( var1:var1, var2:var2, var3:var3, var4:var4 ) testService service = Mock(testService) controller.testService = service service.testFunction(var2,var3,var4) when: controller.testFunction(testCommandOj) then: view == "testView" assertTrue model.cmdObj.hasErrors() where: var1 | var2 | var3 | var4 "testuser" | "word@3" | "word@4" | "word@4" } When running this test function I getting the error like Cannot set property 'username' on null object, means I couldn't able to set up the session object. Can someone help to fix this. Thanks in advance

    Read the article

  • Weblogic Apache plugin and session stickiness

    - by h4tech
    If two webserver are configured in between a load balancer and weblogic cluster, will the two Apache server maintain session stickiness.?? Say for e.g. the load balancer forwards the first request to the 1st apache and inturn 1st apache forwards to 1st WL managed instance.Even if the second req from the same user is forwarded by the load balancer to the second apache, will the sec apache be able to forward it to the 1st WLManaged instance which served the first request rather than the sec WLManaged instance which is not aware of the session information at all.What should ideally be the behaviour of weblogic apache plugin??.Catch is i dont want ot enable the session replication @ the wl server cluster..Pls help.

    Read the article

  • Java Session Like Object

    - by scriptmonster
    I have been developing a project and in this project i have designed my code to do the same job after a specified time interval continuously. The job that wanted to be done has a lot of distinct cycles. The interval is small to execute them normally thus i used threads. Until that point everything is clear for me. To decrease the process and information transaction i wanted to put an session like object that holds the given data and provide it to any thread at anytime. With this object i plan to not query the same configuration information from database at everytime but if it exists on the session take it else query and store on session. I'm not sure how to implement this structure. Regards,

    Read the article

  • JSF - Session Bean restart on logout and login

    - by Ben
    Hi, I have a web application with a backing bean which has the context of the current logged in user. It is implemented on JSF. When the user logs out he is forwarded to a login screen (in another JSP page). I would like the current session to be erased when that happens and a new one to be created the next time the user logs in and enters the application. My question is - how do you delete a session? (I guess the new session will be created automatically the next time the user enters the link) This is kinda newb i guess, but I couldn't find a solution for this. Thanks for the Help!

    Read the article

< Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >