rails session questions?
- by fsfsd
i run my rails program in linux , then i shutdown , after i run it agian, server report session are expired,
Search Results
Search found 10564 results on 423 pages for 'stateful session bean'.
Page 19/423 | < Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26 | Next Page >
-
-
Attaching events to Session OnStart and OnEnd using HttpModules
- by cbp
Does anyone know a clean way of adding events to Session's OnStart and OnEnd events using an HttpModule (without touching the Global.asax file)?Read the article
-
JSF session issue
- by user234194
I have got a situation where I have list of records say 10,000, I am using datatable and I am using paging,(10 records per display). I wanted to put put that list in the session as: facesContext........put("mylist", mylist); And in the getters of the mylist, I have public List<MyClass> getMyList() { if(mylist== null){ mylist= (List<MyClass>) FacesContext......getSessionMap().get("mylist"); } return mylist; } Now the problem is whene ever i click on paging button to go to second page, only the first records are displayed, I know i am missing some thing, and I have few questions: Is the way of putting the list in session correct. Is this the way I should be calling the list in my case. Thnaks in advance...Read the article
-
Is encrypting session id (or other authenticate value) in cookie useful at all?
- by Ji
In web development, when session state is enabled, a session id is stored in cookie(in cookieless mode, query string will be used instead). In asp.net, the session id is encrypted automatically. There are plenty of topics on the internet regarding how you should encrypt your cookie, including session id. I can understand why you want to encrypt private info such as DOB, but any private info should not be stored in cookie at first place. So for other cookie values such as session id, what is the purpose encryption? Does it add security at all? no matter how you secure it, it will be sent back to server for decryption. Be be more specific, For authentication purpose, turn off session, i don't want to deal with session time out any more store some sort of id value in the cookie, on the server side, check if the id value exists and matches, if it is, authenticate user. let the cookie value expire when browser session is ended, this way. vs Asp.net form authentication mechanism (it relies on session or session id, i think) does latter one offer better security?Read the article
-
Session State Anti-Pattern
- by Curiosity
I know the SOLID principles and other design patterns fairly well and have been programming for some time now - seeing many a bit of code throughout the years. Having said that, I'm having trouble coming up with a name to give the pattern, or lack thereof, to bits of code I've been dealing with at a current engagement. The application is an ASP.NET C# WebForms application, backed by a SQL Server/Mainframe backend (more mainframe than backend) and it's riddled with Session State properties being accessed/mutated from multiple pages/classes. Accessing/mutating global variables/application state was usually shunned upon while I was in school. Apparently the creators of this magnificent application didn't think it was such a bad idea. Question: Is there a name for such a pattern/anti-pattern that relies so heavily on Session State? I'd like to call the pig by its name ...Read the article
-
Expiring an IE session using WatiN
- by Steve Wilkes
I'm trying to write an acceptance test using WatiN which checks that a user is redirected to the login page if they navigate to a page after their session times out. I'm using WatiN's IE class for the browser, and trying the following: // 1. Login // 2. Do this: Browser.ClearCookies(); Browser.ClearCache(); // 3. Navigate to a different page But the user is always still logged in. Other info: I'm running the test through the NUnit GUI running as an administrator It's an ASP.NET MVC 3 site, using forms authentication and in-process session state I'm using IE9. If I manually clear all cookies in Chrome, the user is logged out If I manually clear all cookies in IE the user stays logged in If I call Browser.Eval("alert(document.cookie)"); in IE it alerts an empty string Given the above, I'm assuming this is a quirk with IE; any ideas how I can work around it?Read the article
-
What's a good FOSS java servlet session replication solution
- by Bossy Joe
I work on a very high volume public website running on Tomcat 5.5. Currently we require stickiness to a particular server in order to maintain session. I'd like to start replicating session, but have had trouble finding a good FOSS solution. I've written my own Manager (using memcached as the store) but am having trouble dealing with race conditions if more than one server is handling the requests for the same user. Is there a solution out there I should be looking at? I'm looking for not just something that works as a fallback if stickiness fails, but that would work if user requests are regularly spread to multiple servers.Read the article
-
Creating a session user login php
- by user2419393
I'm stuck on how to create a session for a user who logs in. I got the part of checking to make sure the log in information corresponds with the database information, but is stuck on how to take the email address and store into a session. Here is my php code below. <?php include '../View/header.php'; session_start(); require('../model/database.php'); $email = $_POST['username']; $password = $_POST['password']; $sql = "SELECT emailAddress FROM customers WHERE emailAddress ='$email' AND password = '$password'"; $result = mysql_query($sql, $db); if (!$result) { echo "DB Error, could not query the database\n"; echo 'MySQL Error: ' . mysql_error(); exit; } while ($row = mysql_fetch_assoc($result)) { echo $row['emailAddress']; } mysql_free_result($result); ?>Read the article
-
PHP - How to retrieve session in php
- by Klaus Jasper
I created a table that contains id - names - jobs and page that shows the names only and beside each name there is button Job and session that contains the id. this is my code $query = mysql_query("SELECT * FROM table"); while($fetch = mysql_fetch_array("$query")){ $name = $fetch['names']; $id = $fetch['id']; echo '</br>'; echo $name; $_SESSION['name'] = $id; echo "<button>Job</button>"; } I want when the user click on button Job redirect to a page that contains the job of that session. so how can I do it?Read the article
-
GWT : NULL Session
- by jidma
I'm using spring4gwt in my project. I have the following login service implementation: @Service("loginService") public class LoginServiceImpl extends RemoteServiceServlet implements LoginService { @Override @Transactional(propagation = Propagation.REQUIRED, rollbackFor = Exception.class) public UserBean checkUser(String userName, String password) throws Exception { HttpSession httpSession = getThreadLocalRequest().getSession(); } } When i call the loginService.checkUser("test","test") (In hosted mode), I get a null pointer exception, as getThreadLocalRequest() returns NULL instead of the actual session. I didn't try in web mode yet. Why would I get a null session ? Does it have something to do with spring4gwt ? Thank youRead the article
-
Session variables return completely after unsetting.
- by RemiX
I have a script that should log the user out of the site. It unsets all $_SESSION and $_COOKIE variables related to the login data of the user. But somehow, it seems impossible to log out. I checked the $_SESSION array at the end of the logout script, and at the beginning of each page. At the end of the logout script it says 'array()', but when I click the home button - or any link on the site - the full session data is back again and I don't know where it comes from. This is how I try to unset the session data: unset($_SESSION); unset($_COOKIE["usid"]); unset($_COOKIE["pw"]); unset($_COOKIE["adm"]); -- I don't know how to put it on different lines, but it's not that hard to read. Why do these data keep coming back?!Read the article
-
how to get http get request params in jsf 2.0 bakcing bean?
- by Marko
Hi all, I having trouble with passing http get parameters to jsf 2.0 backing bean. User will invoke URl with some params containing id of some entity, which is later used to persist some other entity in db. whole process can be summarized by fallowing: 1. user open page http://www.somhost.com/JsfApp/step-one.xhtml?sid=1 2. user fills some data and goes to next page 3. user fills some more data and then entity is saved to db with sid param from step one. I have session scoped backing bean that hold data from all the pages (steps), but I cant pass param to bean property.. any ideas?Read the article
-
PHP sessions causing Apache to hang indefinitely
- by Kmaid
The problem is that every so often a page that writes to a Session will cause apache to hang forever for a particular session. Once this error occurs for one user any further modifications to any session of any user will cause the website to hang for this user. This problem has been my sole focus for days. I have a development VPS running Windows 2003 and default latest version of XAMPP using the standard PHP session handler. The code in question actually runs on two other machines perfectly normally so although my common sense says it’s a web server configuration issue but at this point I am willing to try anything. On further investigation there are no errors in the Apache, PHP or System event log. Resources are abundant and there is no “AJAX shit storm” or more than a couple writes to a session per page. I have also implemented session_write_close() wherever possible to try and help elevate the problem. I have checked the session’s directory which is set to “C:\windows\Temp” and found that once a user enters this hanging phase that the corresponding session file is exclusively locked and the only way to resolve this is to stop Apache and wait a few moments for the files to become unlocked and delete them. I am not wondering if deletion is required. The Sessions themselves only contain 4 bits of information. ShoppingCartID, UserID, UserLevel and Refering URL and are alphanumerical with an occasional slash. My PHP.INI’s session section is configured like this: session.save_handler = files session.save_path = "C:\WINDOWS\Temp" session.use_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.cookie_httponly = session.serialize_handler = php session.gc_probability = 1 session.gc_divisor = 100 session.gc_maxlifetime = 1440 session.bug_compat_42 = 1 session.bug_compat_warn = 1 session.referer_check = session.entropy_length = 0 session.entropy_file = session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 0 session.hash_function = 0 session.hash_bits_per_character = 4 I have tried everything I can think of and the whole problem is now a blur to me. Any ideas would be appreciated and thanks for your time reading this :)Read the article
-
JavaOne 2012 Java Jungle Session!
- by HecklerMark
Well, it's official - the proposal I submitted to JavaOne 2012 was accepted! Pending management approval, I'll be leading the following session: Session ID: CON3519 Session Title: Building Hybrid Cloud Apps: Local Databases + The Cloud = Extreme Versatility If you've been struggling with ways to "move to the cloud" without losing the advantages you currently enjoy/require in your current environment, I hope you'll consider signing up for this session. Hope to see you there! MarkRead the article
-
What's new in EJB 3.2 ? - Java EE 7 chugging along!
- by arungupta
EJB 3.1 added a whole ton of features for simplicity and ease-of-use such as @Singleton, @Asynchronous, @Schedule, Portable JNDI name, EJBContainer.createEJBContainer, EJB 3.1 Lite, and many others. As part of Java EE 7, EJB 3.2 (JSR 345) is making progress and this blog will provide highlights from the work done so far. This release has been particularly kept small but include several minor improvements and tweaks for usability. More features in EJB.Lite Asynchronous session bean Non-persistent EJB Timer service This also means these features can be used in embeddable EJB container and there by improving testability of your application. Pruning - The following features were made Proposed Optional in Java EE 6 and are now made optional. EJB 2.1 and earlier Entity Bean Component Contract for CMP and BMP Client View of an EJB 2.1 and earlier Entity Bean EJB QL: Query Language for CMP Query Methods JAX-RPC-based Web Service Endpoints and Client View The optional features are moved to a separate document and as a result EJB specification is now split into Core and Optional documents. This allows the specification to be more readable and better organized. Updates and Improvements Transactional lifecycle callbacks in Stateful Session Beans, only for CMT. In EJB 3.1, the transaction context for lifecyle callback methods (@PostConstruct, @PreDestroy, @PostActivate, @PrePassivate) are defined as shown. @PostConstruct @PreDestroy @PrePassivate @PostActivate Stateless Unspecified Unspecified N/A N/A Stateful Unspecified Unspecified Unspecified Unspecified Singleton Bean's transaction management type Bean's transaction management type N/A N/A In EJB 3.2, stateful session bean lifecycle callback methods can opt-in to be transactional. These methods are then executed in a transaction context as shown. @PostConstruct @PreDestroy @PrePassivate @PostActivate Stateless Unspecified Unspecified N/A N/A Stateful Bean's transaction management type Bean's transaction management type Bean's transaction management type Bean's transaction management type Singleton Bean's transaction management type Bean's transaction management type N/A N/A For example, the following stateful session bean require a new transaction to be started for @PostConstruct and @PreDestroy lifecycle callback methods. @Statefulpublic class HelloBean { @PersistenceContext(type=PersistenceContextType.EXTENDED) private EntityManager em; @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW) @PostConstruct public void init() { myEntity = em.find(...); } @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW) @PostConstruct public void destroy() { em.flush(); }} Notice, by default the lifecycle callback methods are not transactional for backwards compatibility. They need to be explicitly opt-in to be made transactional. Opt-out of passivation for stateful session bean - If your stateful session bean needs to stick around or it has non-serializable field then the bean can be opt-out of passivation as shown. @Stateful(passivationCapable=false)public class HelloBean { private NonSerializableType ref = ... . . .} Simplified the rules to define all local/remote views of the bean. For example, if the bean is defined as: @Statelesspublic class Bean implements Foo, Bar { . . .} where Foo and Bar have no annotations of their own, then Foo and Bar are exposed as local views of the bean. The bean may be explicitly marked @Local as @Local@Statelesspublic class Bean implements Foo, Bar { . . .} then this is the same behavior as explained above, i.e. Foo and Bar are local views. If the bean is marked @Remote as: @Remote@Statelesspublic class Bean implements Foo, Bar { . . .} then Foo and Bar are remote views. If an interface is marked @Local or @Remote then each interface need to be explicitly marked explicitly to be exposed as a view. For example: @Remotepublic interface Foo { . . . }@Statelesspublic class Bean implements Foo, Bar { . . .} only exposes one remote interface Foo. Section 4.9.7 from the specification provide more details about this feature. TimerService.getAllTimers is a newly added convenience API that returns all timers in the same bean. This is only for displaying the list of timers as the timer can only be canceled by its owner. Removed restriction to obtain the current class loader, and allow to use java.io package. This is handy if you want to do file access within your beans. JMS 2.0 alignment - A standard list of activation-config properties is now defined destinationLookup connectionFactoryLookup clientId subscriptionName shareSubscriptions Tons of other clarifications through out the spec. Appendix A provide a comprehensive list of changes since EJB 3.1. ThreadContext in Singleton is guaranteed to be thread-safe. Embeddable container implement Autocloseable. A complete replay of Enterprise JavaBeans Today and Tomorrow from JavaOne 2012 can be seen here (click on CON4654_mp4_4654_001 in Media). The specification is still evolving so the actual property or method names or their actual behavior may be different from the currently proposed ones. Are there any improvements that you'd like to see in EJB 3.2 ? The EJB 3.2 Expert Group would love to hear your feedback. An Early Draft of the specification is available. The latest version of the specification can always be downloaded from here. Java EE 7 Specification Status EJB Specification Project JIRA of EJB Specification JSR Expert Group Discussion Archive These features will start showing up in GlassFish 4 Promoted Builds soon.Read the article
-
Alert user when their session is about to expire
- by budugu
Note: Cross posted from Vijay Kodali's Blog. Permalink Here is a quick and dirty trick to alert users on session timeout. This is not a perfect solution. But it will give reader an idea to work on... Some facts before we start: Session doesn't end When the user closes his browser When the user navigates away from your page When user connection lost. Session ends, when the server hasn't gotten a request from the user in a specific time (Session timeout value)....PermalinkRead the article
-
How do I pass session variables from one domain to another in PHP
- by Dave
Hi everyone, I have encountered a situation where I need to pass $_SESSION variables from one domain to an iFrame page from another domain. I have spent the last 16 days trying various methods to no avail. I think that the only logical way would be to encode the variables in the url that calls the iFrame and decode them in th iFrame page. I am not sure how to go about this and I am looking for any samples, assistance etc that I can find. Thanks for any and all suggestions. Here is an example of what I am trying to do... Example: <!-- Note only using hidden as I didn't want to build the form at test phase--> <form name="test" method="post" action="iframe_test.php"> <input type="submit" name="Submit" /> <input type="hidden" name="fName" value="abc" /> <input type="hidden" name="lName" value="def" /> <input type="hidden" name="address1" value="ghi" /> <input type="hidden" name="address2" value="jkl" /> <input type="hidden" name="country" value="mno" /> <input type="hidden" name="postal_code" value="pqr" /> <input type="hidden" name="city" value="stu" /> <input type="hidden" name="retUrl" value="vwx"> <input type="hidden" name="decUrl" value="yz"> So from here I am hitting the iframe_test.php and doing the following: PHP Code: function StripSpecChar($val) { return (preg_replace('/[^a-zA-Z0-9" "-.@\:\/_]/','', $val)); } foreach ($_POST as $key => $val) { $_SESSION[$key] = StripSpecChar($val); } and I get a session array that looks like this: Code: Array ( [fName] => abc [lName] => def [address1] => ghi [address2] => jkl [country] => mno [postal_code] => pqr [city] => stu [retUrl] => vwx [decUrl] => yz ) Still all good so far....call the iFrame Code: <body> Some page stuff here <div align="center"><span class="style1"><strong>This is the iFrame Page</strong></span> </div> <div align="center"> <iframe src="https://www.other_domain.org/iframe/reserve.php" width="500" height="350" frameBorder="0"></iframe> </div> </body> So HOW do I take... $_SESSION['fName']['abc']; $_SESSION['lName']['def']; $_SESSION['address1']['ghi']; $_SESSION['address2']['jkl']; $_SESSION['country']['mno']; $_SESSION['postal_code']['pqr']; $_SESSION['city']['stu']; $_SESSION['retUrl']['vwx']; $_SESSION['decUrl']['yz']; and turn it into the encoded url that I am looking for? Further once that is done how to I get the session vars back as session vars on that new domain iFrame page...Read the article
-
IIS7 Session ID rotating with Classic ASP
- by ManiacZX
I am trying to migrate a Classic ASP app onto a Windows 2008 R2 server. The application features run fine, but I am having issue with session. The application keeps the logged in user information in session and I am constantly getting knocked out as if the session had expired. While debugging I have discovered the sessions are not expiring but instead I am getting 2-3 different Session IDs in use by one browser. I am outputting Response.Write(Session.SessionID) on various pages in the application and I can sit there and hit refresh over and over and watch the number changed between these 2-3 SessionIDs randomly. The sessions are still valid because when I refresh and get the Session ID that I logged in under the page is displayed (because the security check was successful) and when I get one of the other Session IDs I get the "you aren't logged in, you need to log in" message. If I close and re-open the browser, same story just the set of IDs are new. This happens with IE8, Firefox and Chrome from multiple computers. Things I've tried: - AppPool set to No Managed Code and Classic - Output Caching set .asp to never cache - ASP Session Properties enabled and disabled asp session state and confirmed it affected page (error trying to read Session.SessionID when disabled) Things I've tried just in case but shouldn't have anything to do with ASP Session: - Disabled compression - Changed ASP.Net Session State properties (InProc, StateServer, SQLServer, Cookies, URI, etc) -Read the article
-
PHP (CodeIgniter) Pass Object Through Session
- by FranticPedantic
I am using PHP5 and CodeIgniter and I am trying to implement a single-sign on feature with facebook (although I don't think that facebook is relevant to the question). I am somewhat of a novice with PHP and definitely one with CodeIgniter, so if you think my approach is just completely off telling me that would be helpful too. So here is in short what I am doing: //Controller 1 $this->load->plugin("facebook"); $facebook = new Facebook(array ( 'appId' => $fbconfig['appid'], 'secret' => $fbconfig['secret'], 'cookie' => true, ) ); $fbsession = $facebook->getSession(); //works fine $this->session->set_userdata('facebook', serialize($facebook); Now I would like to grab that facebook object in a different controller. //Controller 2 $facebook = unserialize($this->session->userdata('facebook')); $fbsession = $facebook->getSession(); Produces the error: Call to undefined method getSession. So I look up more about serialization and think that maybe it just doesn't know what the facebook object's attributes are. So I add in a $this->load->plugin('facebook'); To controller 2 as well and I get a "Cannot redeclare class facebook." I am strongly suspecting that I am misunderstanding sessions here. Do I have to somehow tell PHP what kind of object it is? Thanks for the help.Read the article
-
Rackspace Cloud rewrite jpg causes Session reset
- by willoller
This may be the .Net version of this question. I have an image script with the following: ... Response.WriteFile(filename); Response.End(); I am rewriting .jpg files using the following rewrite rule in web.config: <rule name="Image Redirect" stopProcessing="true"> <match url="^product-images/(.*).jpg" /> <conditions> <add input="{REQUEST_URI}" pattern="\.(jp?g|JP?G)$" /> </conditions> <action type="Redirect" redirectType="SeeOther" url="/product-images/ProductImage.aspx?path=product-images/{tolower:{R:1}}.jpg" /> </rule> It basically just rewrites the image path into a query parameter. The problem is that (intermittently of course) Mosso returns a new Asp Session cookie which breaks the whole world. Directly accessing a static .jpg file does not cause this problem. Directly accessing the image script does not cause it either. Only rewriting a .jpg file to the .aspx script causes the Session loss. Things I have tried (From the Rackspace doc How can I bypass the cache?) I added Private cacheability to the image script itself: Response.Cache.SetCacheability(HttpCacheability.Private); I tried adding these cache-disabling nodes to web.config: <staticContent> <clientCache cacheControlMode="DisableCache" /> </staticContent> and <httpProtocol> <customHeaders> <add name="Cache-Control private" value="Cache-Control private" </customHeaders> </httpProtocol> The Solution I need The browser cache cannot be disabled. This means potential solutions involving Cache.SetNoStore() or HttpCacheability.NoCache will not work.Read the article
-
How to prevent session hijacking with SID (CGI perl)
- by Gnippots
I have a web app used by a small number of people (internal only) and am using a randomised sessionID that is stored under the user record and placed in various links. I have had a problem where users are sending links to each other which is allowing them to hijack the sender's session. What are some ways of preventing this from happening while still letting users send links to one another? Edit: The session ID in the link (which also contains $username) is just compared to what is stored in the User table. &incorrectLogin just prints an error followed by die; if ($sid) { $sth = $dbh->prepare("SELECT * FROM tbl_User WHERE UserID = '$username'"); $sth->execute(); $ref = $sth->fetchrow_hashref(); $session_chk = $ref->{'usr_sessionID'}; unless ($sid eq $session_chk) {&incorrectLogin;} } The problem is that if someone uses a link that is created by someone else, the page will load as them. I am not using cookies, and I recall being told in the past that CGI perl cookie handling is quite poor.Read the article
-
PHP/WordPress Session CountDown
- by Cameron
I have the following code to show how long a user has left before their session will expire, I am using WordPress. How can I do this? Thanks <script> var obj_Span; var n_Seconds = 0; var n_Minutes = 0; var n_Hours = 0; function F_ConvertNumberToString ( n_Num ) { var str_Num = String(n_Num); if ( str_Num.length < 2 ) str_Num = "0" + str_Num; return str_Num; } function F_CountDown () { if ( n_Hours == 0 && n_Minutes == 0 && n_Seconds == 0 ) { obj_Span.innerHTML = "(Sorry, your session has expired.)"; } else { if ( n_Seconds >= 0 ) n_Seconds --; if ( n_Seconds < 0 ) { n_Minutes --; n_Seconds = 59; } if ( n_Minutes >= 0 ) { window.setTimeout ( "F_CountDown()", 1000 ); } if ( n_Minutes < 0 ) { n_Hours --; n_Minutes = 59; window.setTimeout ( "F_CountDown()", 1000 ); } F_UpdateDisplay (); } } function F_UpdateDisplay ( ) { if ( document.getElementById ) { if (n_Hours > 0 ) obj_Span.innerHTML = "(Remaining " + F_ConvertNumberToString(n_Hours) + ":" + F_ConvertNumberToString(n_Minutes) + ":" + F_ConvertNumberToString(n_Seconds) + ")"; else obj_Span.innerHTML = "(Remaining " + F_ConvertNumberToString(n_Minutes) + ":" + F_ConvertNumberToString(n_Seconds) + ")"; } } function F_StartCountDown ( n_Session ) { obj_Span = document.getElementById ( "CountDown" ); n_Minutes = n_Session; n_Hours = Math.floor(n_Minutes/60); n_Minutes = n_Minutes - (60*n_Hours); F_CountDown (); } </script> <script> F_StartCountDown ( " code here... " ); </script> <span id="CountDown"></span>Read the article
-
Jetty 7 will not allow me to customize a session cookie path
- by Bob Obringer
Using Jetty 7.0.2, I am unable to set a custom session cookie path. I am hosting multiple sites on the same server using apache to proxy requests to the proper context. (replaced http as htp as stackoverflow thinks my multiple links might be spam) <VirtualHost *:80> ServerName context.domain.com ProxyRequests On ProxyPreserveHost Off <Proxy *:80> Order deny,allow Allow from 127.0.0.1 </Proxy> ProxyPass / htp://localhost:8080/context/ ProxyPassReverse / htp://localhost:8080/context/ <Location /> Order allow,deny Allow from all </Location> </VirtualHost> Jetty is running on the same server on port 8080 and my context is available @ /context The user accesses the application @ htp://context.domain.com but jetty is setting the path for the session cookie @ /context. This prevents the browser from accessing the cookie since the the actual path to the context is not being used. I need to override Jetty's default setting to set the cookie for the context, and set the path at the root ( / ). In my Jetty's webdefault.xml I have the following, which is partially working: <context-param> <param-name>org.eclipse.jetty.servlet.SessionCookie</param-name> <param-value>CustomCookieName</param-value> </context-param> <context-param> <param-name>org.eclipse.jetty.servlet.SessionPath</param-name> <param-value>/</param-value> </context-param> The cookie is properly set with a custom name, but it is NOT setting the SessionPath. No matter what I set the value to... it refuses to set a cookie at any path but /context. This has been driving me crazy so any help would be greatly appreciated.Read the article
-
How Session out trigger on browser close?
- by Hemant Kothiyal
Hi, Yesterday morning i open gmail account in Internet Exlorer second tab. I checked my mail and closed that tab (not browser). Then at the time of evining i again open second tab of browser and enetr gmail.com, it automatically redirect me at my email account without asking login. I shocked and i thought i should remain browser open for whole night and today open gmail in second tab , it behave similar means without login screen it redirect in my gmail account. Then i closed that tab and open another browser session and enter gmail i again surprised that i redirect me login page. At the same time i open second tab of first browser and it automatically redirect me at mail account page. What i councluded by this behaviour is that might be gmail server keep my browser id at their server so that whenever i eneter gmail.com on second tab of first browser, it automatically redirect me at gmail account. I don't know i am right or not? Please clear me this concept? What happens with my session at gmail server when i closed my browser tab? As per my opinion it should automatically logout me but why this doesn't happened?Read the article
-
Signed_request lost in ASP.NET session, confusing my website
- by Csabi
I have an ASP.NET MVC 3 website which is available both from a specific public url, and I'm also making be available as a Facebook App. Inside my website logic, in some places I have to determine whether the current request is from the Facebook-app, or from the public website, because I want to display content based on this environment. So, for eg. if the user is using my site as a facebook-app, then I want to display a picture, and if the user is using my site normally, then I don't wanna display a picture. To determine whether I'm from a Facebook app, I check the "signed_request" in the HttpContext.Request, and store it in the HttpSession to be available for my other actions, not just for that action (url) which is defined for my Facebook app. So when a child-action is executed, I can determine based on the Session, that the website is used as a FB-app or not. The problem happens, when the Session times out, because then althought the logic is still running inside Facebook, my logic thinks it's not inside Facebook. Any advice?Read the article
