Search Results

Search found 76 results on 4 pages for 'jsessionid'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 2/4 | < Previous Page | 1 2 3 4  | Next Page >

  • Session Cookies and IE 8

    - by Matt Luongo
    I recently built a simple web-app deployed over Tomcat. The app uses pretty standard session based security where a user who has logged in is given a session. Sessions work fine in Firefox and Chrome, but require the use of jsessionid in the URL for IE (tested 7 & 8), set to medium privacy. In IE 8, I tried to override cookie handling, setting "Allow all 3rd party cookies" and "Allow all session cookies"- no dice. However, when I run Tomcat on my local machine, IE accepts the cookie, and sessions work just fine. And now, for the HTTP headers. From Chrome, a logged in user gets a session GET http://devl:8080/testing/ HTTP/1.1 Host: devl:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.1.249.1036 Safari/532.5 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 HTTP/1.1 200 OK Server: Apache-Coyote/1.1 P3P: CP="NON CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA" Set-Cookie: JSESSIONID=9280023BCE2046F32B13C89130CBC397; Path=/testing Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 2450 Date: Fri, 26 Mar 2010 14:14:40 GMT GET http://devl:8080/testing/logout HTTP/1.1 Host: devl:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.1.249.1036 Safari/532.5 Referer: http://devl:8080/testing/ Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JSESSIONID=9280023BCE2046F32B13C89130CBC397 ... From IE 8, with standard medium level security and privacy- GET http://devl:8080/testing/ HTTP/1.1 Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */* Accept-Language: en-US User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MDDC; Tablet PC 2.0) UA-CPU: AMD64 Accept-Encoding: gzip, deflate Host: devl:8080 Connection: Keep-Alive HTTP/1.1 200 OK Server: Apache-Coyote/1.1 P3P: CP="NON CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA" Set-Cookie: JSESSIONID=192999F922D6E9C868314452726764BA; Path=/testing Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 2450 Date: Fri, 26 Mar 2010 14:32:34 GMT GET http://devl:8080/testing/logout HTTP/1.1 Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */* Referer: http://devl:8080/testing/;jsessionid=6371A83EFE39A46997544F9146AA5CEA Accept-Language: en-US User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MDDC; Tablet PC 2.0) UA-CPU: AMD64 Accept-Encoding: gzip, deflate Connection: Keep-Alive Host: devl:8080 ... I thought it might be P3P, but on adding a compact policy, nothing changes. This is the standard Tomcat session, so I'm really surprised I haven't been able to find other people with the same problem so far. Anyone have any ideas?

    Read the article

  • Varnish does not recognize req.hash

    - by Yogesh
    I have Varnish 3.0.2 on Redhat and service varnish start fails after I added vcl_hash section. I did varnishd and then loaded the vcl using vcl.load vcl.load default default.vcl Message from VCC-compiler: Unknown variable 'req.hash' At: ('input' Line 24 Pos 9) set req.hash += req.url; --------########------------ Running VCC-compiler failed, exit 1 cat default.vcl backend default { .host = "127.0.0.1"; .port = "8080"; } sub vcl_recv { if( req.url ~ "\.(css|js|jpg|jpeg|png|swf|ico|gif|jsp)$" ) { unset req.http.cookie; } } sub vcl_hash { set req.hash += req.url; set req.hash += req.http.host; if( req.httpCookie == "JSESSIONID" ) { set req.http.X-Varnish-Hashed-On = regsub( req.http.Cookie, "^.*?JSESSIONID=([a-zA-z0-9]{32}\.[a-zA-Z0-9]+)([\s$\n])*.*?$", "\1" ); set req.hash += req.http.X-Varnish-Hashed-On; } return(hash); } What could be wrong?

    Read the article

  • Security and authentication in web services

    - by King
    Lets say we have a website that uses a web service for all of its functionality (i.e. retrieving and updating data from/to db), how does the web service authenticate requests? As I understand it, in a traditional java "website" a user provides a username & password, and upon validation a jsessionid is assigned to the user (client browser). Every time the client browser asks the website for something, the site checks for the jsessionid ensuring that the user is registered and authenticated. Is there a web services equivalent of this? If yes, what?

    Read the article

  • Python - urllib2 & cookielib

    - by Adrian
    I am trying to open the following website and retrieve the initial cookie and use it for the second url-open BUT if you run the following code it outputs 2 different cookies. How do I use the initial cookie for the second url-open? import cookielib, urllib2 cj = cookielib.CookieJar() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj)) home = opener.open('https://www.idcourts.us/repository/start.do') print cj search = opener.open('https://www.idcourts.us/repository/partySearch.do') print cj Output shows 2 different cookies every time as you can see: <cookielib.CookieJar[<Cookie JSESSIONID=0DEEE8331DE7D0DFDC22E860E065085F for www.idcourts.us/repository>]> <cookielib.CookieJar[<Cookie JSESSIONID=E01C2BE8323632A32DA467F8A9B22A51 for www.idcourts.us/repository>]>

    Read the article

  • Hudson authentication via wget is return http error 302

    - by Rafael
    Hello, I'm trying to make a script to authenticate in hudson using wget and store the authentication cookie. The contents of the script is this: wget \ --no-check-certificate \ --save-cookies /home/hudson/hudson-authentication-cookie \ --output-document "-" \ 'https://myhudsonserver:8443/hudson/j_acegi_security_check?j_username=my_username&j_password=my_password&remember_me=true' Unfortunately, when I run this script, I get: --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/j_acegi_security_check? j_username=my_username&j_password=my_password&remember_me=true Resolving myhudsonserver... 127.0.0.1 Connecting to myhudsonserver|127.0.0.1|:8443... connected. WARNING: cannot verify myhudsonserver's certificate, issued by `/C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=myhudsonserver': Self-signed certificate encountered. HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://myhudson:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F [following] --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F Reusing existing connection to myhudsonserver:8443. HTTP request sent, awaiting response... 404 Not Found 2011-02-03 13:39:29 ERROR 404: Not Found. There's no error log in any of hudson's tomcat log files. Does anyone has any idea about what might be happening? Thanks.

    Read the article

  • JBoss7 load balancing with mod_proxy_balancer - session not working

    - by Phil P.
    I am trying to set up mod_proxy_balancer for routing requests to 2 jboss7-servers. For the time being I am testing this setup on my local machine, using following config in httpd.conf: ProxyRequests Off <Proxy \*> Order deny,allow Deny from all </Proxy> ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid scolonpathdelim=On <Proxy balancer://mycluster> BalancerMember http://localhost:8080 route=node1 BalancerMember http://localhost:8081 route=node2 Order allow,deny Allow from all </Proxy> and in the standalone.xml file of each jboss I have defined the jvmRoute system property: <system-properties> <property name="jvmRoute" value="node1"/> </system-properties> At http:// localhost/myapp the application is accessible but the java-session is not build up correctly. Consequently the authentication is not working. The funny thing is, that everything is working if I turn off one JBoss-instance. As I have tried a couple of settings already, I am thankful for any further suggestions.

    Read the article

  • Hudson authentication via wget is return http error 302

    - by Rafael
    I'm trying to make a script to authenticate in hudson using wget and store the authentication cookie. The contents of the script is this: wget \ --no-check-certificate \ --save-cookies /home/hudson/hudson-authentication-cookie \ --output-document "-" \ 'https://myhudsonserver:8443/hudson/j_acegi_security_check?j_username=my_username&j_password=my_password&remember_me=true' Unfortunately, when I run this script, I get: --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/j_acegi_security_check? j_username=my_username&j_password=my_password&remember_me=true Resolving myhudsonserver... 127.0.0.1 Connecting to myhudsonserver|127.0.0.1|:8443... connected. WARNING: cannot verify myhudsonserver's certificate, issued by `/C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=myhudsonserver': Self-signed certificate encountered. HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://myhudson:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F [following] --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F Reusing existing connection to myhudsonserver:8443. HTTP request sent, awaiting response... 404 Not Found 2011-02-03 13:39:29 ERROR 404: Not Found. There's no error log in any of hudson's tomcat log files. Does anyone has any idea about what might be happening? Thanks.

    Read the article

  • apache mod_cache in v2.2 - enable cache based on url

    - by Janning
    We are using apache2.2 as a front-end server with application servers as reverse proxies behind apache. We are using mod_cache for some images and enabled it like this: <IfModule mod_disk_cache.c> CacheEnable disk / CacheRoot /var/cache/apache2/mod_disk_cache CacheIgnoreCacheControl On CacheMaxFileSize 2500000 CacheIgnoreURLSessionIdentifiers jsessionid CacheIgnoreHeaders Set-Cookie </IfModule> The image urls vary completely and have no common start pattern, but they all end in ".png". Thats why we used the root in CacheEnable / If not served from the cache, the request is forwarded to an application server via reverse proxy. So far so good, cache is working fine. But I really only need to cache all image request ending in ".png". My above configuration still works as my application server send an appropriate Cache-Control: no-cache header on the way back to apache. So most pages send a no-cache header back and they get not cached at all. My ".png" responses doesn't send a Cache-Control header so apache is only going to cache all urls with ".png". Fine. But when a new request enters apache, apache does not know that only .png requests should be considered, so every request is checking a file on disk (recorded with strace -e trace=file -p pid): [pid 19063] open("/var/cache/apache2/mod_disk_cache/zK/q8/Kd/g6OIv@woJRC_ba_A.header", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) I don't want to have apache going to disk every request, as the majority of requests are not cached at all. And we have up to 10.000 request/s at peak time. Sometimes our read IO wait spikes. It is not getting really slow, but we try to tweak it for better performance. In apache 2.4 you can say: <LocationMatch .png$> CacheEnable disk </LocationMatch> This is not possible in 2.2 and as I see no backports for debian I am not going to upgrade. So I tried to tweak apache2.2 to follow my rules: <IfModule mod_disk_cache.c> SetEnvIf Request_URI "\.png$" image RequestHeader unset Cache-Control RequestHeader append Cache-Control no-cache env=!image CacheEnable disk / CacheRoot /var/cache/apache2/mod_disk_cache #CacheIgnoreCacheControl on CacheMaxFileSize 2500000 CacheIgnoreURLSessionIdentifiers jsessionid CacheIgnoreHeaders Set-Cookie </IfModule> The idea is to let apache decide to serve request from cache based on Cache-control header (CacheIgnoreCacheControl default to off). And before simply set a RequestHeader based on the request. If it is not an image request, set a Cache-control header, so it should bypass the cache at all. This does not work, I guess because of late processing of RequestHeader directive, see https://httpd.apache.org/docs/2.2/mod/mod_headers.html#early I can't add early processing as "early" keyword can't be used together with a conditional "env=!image" I can't change the url requesting the images and I know there are of course other solutions. But I am only interested in configuring apache2.2 to reach my goal. Does anybody has an idea how to achieve my goal?

    Read the article

  • Problem with Google App Engine Appstats

    - by Taylor L
    I'm having an issue getting Appstats to work correctly. Using /appstats or /appstats/stats ends up in an infinite loop that keeps redirecting back to /appstats/stats. This results in a 404 error saying the page isn't redirecting properly. Any idea what the issue is? Here are the relevant lines in my appengine-web.xml. I've tried using both /appstats/stats and /appstats and they both have the same issue. <admin-console> <page name="Appstats" url="/appstats/stats" /> </admin-console> Below are the http headers showing the infinite redirect loop: http://mysite.appspot.com/appstats/stats GET /appstats/stats HTTP/1.1 Host: mysite.appspot.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: USER_LOCALE=en_US; JSESSIONID=POTIUPPpEmjHZoaNDWOSTA; ACSID=AJKiYcHiwT8jH7e01V9O5iFu3kpBhDd3k3oBwwxylv5u0DbJ- utvdpsgdb4Xim2WXwobkJmgTGGljvuh94_yVQ__- VPnBsTtUAhRjSyZ2Lv3G7oUHAxTsCWHJIMChGT3- XUyUNx8wxwvJisL_RTXH8Hc4TTLh_rVHm2k8gk8kgdbVZXexSV0K- a3coELTecWIBolt0qLd5L-5vALm382KsqbHorPXqoZMPTvR_06g_mR1cbmF2Ihnk6YhP7no58BNpESM9HvFyKNKXODo39hF4oaZCcW0Q9TBqUMgsrBqlcIh3- VvC7qvH0n_nAtrLTBbK_swnOFvCDcaf3whT9ty0CJ0VRNuNqIPOLHIeQAMgwXUNMr89P64EsgmuyONHR67glCQXEPOGXIaT1vcBJFwFoeNUqjdp824fHvoVhaL7Xlav- LTIFuM3f_ymHLmibk57PRuXUYEaAG HTTP/1.1 302 Found Location: http://mysite.appspot.com/appstats/stats X-AppEngine-Estimated-CPM-US-Dollars: $0.645553 X-AppEngine-Resource-Usage: ms=18965 cpu_ms=27884 api_cpu_ms=0 Set-Cookie: ACSID=AJKiYcF_YA7PB18b3T5OO7vEMo31f1hFhO8xKqFRiBUGrCr4YABAAyugZXcDfKMOM- r0FiK8xlOPfQWx3tOWIJ6ueOqK89X8M9YfHIs8WKUcSs6PwNZSKV0HKxvbqeWxfZI_cpo2YoS73s_RPlyEvjaYLOf6iXPpWeYyKTAbSqPOEBnVnTk3oso6ur66CIj3FnN8vsHfbanqY4sbaRsNj9pLjWZco0quYLOK1fd4wRZx_oAvk3jOlfAj7BZ7p9L1bO8oVCMpVn19cwT6zvO2-9RSjfiOPAacw7Cg0MT30r7Fr7SCj7VcSPAye4lc7tb9KL9ztZEk0xbEX-9vC6vHM_VfPJ54Kb_FycxE6lACsKTE4hj0bOa2-2quaOP0NSxfoH9ozLlQQCsGhpWBnlu__W06D0GqDqxcDUu2HocYqWuLi91aoa- aRTkqB_qo4aAa3OvHeKoFgwrS; expires=Mon, 12-Apr-2010 19:41:49 GMT; path=/ Date: Sun, 11 Apr 2010 19:42:08 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Content-Type: text/html Server: Google Frontend Content-Length: 0 ---------------------------------------------------------- http://mysite.appspot.com/appstats/stats GET /appstats/stats HTTP/1.1 Host: mysite.appspot.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: USER_LOCALE=en_US; JSESSIONID=POTIUPPpEmjHZoaNDWOSTA; ACSID=AJKiYcF_YA7PB18b3T5OO7vEMo31f1hFhO8xKqFRiBUGrCr4YABAAyugZXcDfKMOM- r0FiK8xlOPfQWx3tOWIJ6ueOqK89X8M9YfHIs8WKUcSs6PwNZSKV0HKxvbqeWxfZI_cpo2YoS73s_RPlyEvjaYLOf6iXPpWeYyKTAbSqPOEBnVnTk3oso6ur66CIj3FnN8vsHfbanqY4sbaRsNj9pLjWZco0quYLOK1fd4wRZx_oAvk3jOlfAj7BZ7p9L1bO8oVCMpVn19cwT6zvO2-9RSjfiOPAacw7Cg0MT30r7Fr7SCj7VcSPAye4lc7tb9KL9ztZEk0xbEX-9vC6vHM_VfPJ54Kb_FycxE6lACsKTE4hj0bOa2-2quaOP0NSxfoH9ozLlQQCsGhpWBnlu__W06D0GqDqxcDUu2HocYqWuLi91aoa- aRTkqB_qo4aAa3OvHeKoFgwrS HTTP/1.1 302 Found Location: http://mysite.appspot.com/appstats/stats X-AppEngine-Estimated-CPM-US-Dollars: $0.002243 X-AppEngine-Resource-Usage: ms=64 cpu_ms=93 api_cpu_ms=0 Date: Sun, 11 Apr 2010 19:42:08 GMT Content-Type: text/html Server: Google Frontend Content-Length: 0

    Read the article

  • Existing connexion on Apache and mod_proxy_balancer don't fail over second JBoss node

    - by Jean-Rémy Revy
    I have a Jboss farm, load balanced by Apache HTTP + mod_proxy_balancer and mod_proxy_ajp, with the following configuration : <VirtualHost *:80> ServerName web-gui-acceptance.myorg.com ServerAlias web-gui-acceptance ProxyRequests Off ProxyPass /web-gui balancer://jbosscluster/web-gui stickysession=JSESSIONID nofailover=On ProxyPassReverse /web-gui http://srvlnx01.myorg.com:8080/web-gui ProxyPassReverse /web-gui http://srvlnx02.myorg.com:8080/web-gui <Proxy *> AuthType Kerberos [...] </Proxy> <Proxy balancer://jbosscluster> BalancerMember ajp://srvlnx01.myorg.com:8009 route=SRVLNX01_node1 BalancerMember ajp://srvlnx01.myorg.com:8009 route=SRVLNX02_node1 ProxySet lbmethod=byrequests </Proxy> </VirtualHost> When the first JBoss node fail (the hosting VM is down), my existing connexions don't fail over the second node ... the fist route is keeped (in table / .shm ?) and that provide me 503 errors. Can someone tell me what I missed ?

    Read the article

  • Function key taken by another program, how to default it

    - by Milox
    Everytime I press the F11 key it opens up a browser window with the same URL. This happens anywhere I press it and I need this key to have it's default behavior because I use it to program on Visual Studio (Windows 7). Any ideas why this is happening and how to go back to default function keys?, I haven't installed anything that I remember can cause this behavior. This is a standard Dell desktop key board, no multimedia keys, like this one: Firing URL is http://argos:8080/Login.jsp?jsessionid=55rh3obsahm9m seems like one of our company's internal addresses but IT guys say they have no idea about it. I don't see any suspicious software that can be causing this.

    Read the article

  • Perl - WWW::Mechanize Cookie Session Id is being reset with every get(), how to make it stop?

    - by Phill Pafford
    So I'm scraping a site that I have access to via HTTPS, I can login and start the process but each time I hit a new page (URL) the cookie Session Id changes. How do I keep the logged in Cookie Session Id? #!/usr/bin/perl -w use strict; use warnings; use WWW::Mechanize; use HTTP::Cookies; use LWP::Debug qw(+); use HTTP::Request; use LWP::UserAgent; use HTTP::Request::Common; my $un = 'username'; my $pw = 'password'; my $url = 'https://subdomain.url.com/index.do'; my $agent = WWW::Mechanize->new(cookie_jar => {}, autocheck => 0); $agent->{onerror}=\&WWW::Mechanize::_warn; $agent->agent('Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.3) Gecko/20100407 Ubuntu/9.10 (karmic) Firefox/3.6.3'); $agent->get($url); $agent->form_name('form'); $agent->field(username => $un); $agent->field(password => $pw); $agent->click("Log In"); print "After Login Cookie: "; print $agent->cookie_jar->as_string(); print "\n\n"; my $searchURL='https://subdomain.url.com/search.do'; $agent->get($searchURL); print "After Search Cookie: "; print $agent->cookie_jar->as_string(); print "\n"; The output: After Login Cookie: Set-Cookie3: JSESSIONID=367C6D; path="/thepath"; domain=subdomina.url.com; path_spec; secure; discard; version=0 After Search Cookie: Set-Cookie3: JSESSIONID=855402; path="/thepath"; domain=subdomain.com.com; path_spec; secure; discard; version=0 Also I think the site requires a CERT (Well in the browser it does), would this be the correct way to add it? $ENV{HTTPS_CERT_FILE} = 'SUBDOMAIN.URL.COM'; ## Insert this after the use HTTP::Request... Also for the CERT In using the first option in this list, is this correct? X.509 Certificate (PEM) X.509 Certificate with chain (PEM) X.509 Certificate (DER) X.509 Certificate (PKCS#7) X.509 Certificate with chain (PKCS#7)

    Read the article

  • Why am I getting a new session ID on every page fetch in my Perl WWW::Mechanize script?

    - by Phill Pafford
    So I'm scraping a site that I have access to via HTTPS, I can login and start the process but each time I hit a new page (URL) the cookie Session Id changes. How do I keep the logged in Cookie Session Id? #!/usr/bin/perl -w use strict; use warnings; use WWW::Mechanize; use HTTP::Cookies; use LWP::Debug qw(+); use HTTP::Request; use LWP::UserAgent; use HTTP::Request::Common; my $un = 'username'; my $pw = 'password'; my $url = 'https://subdomain.url.com/index.do'; my $agent = WWW::Mechanize->new(cookie_jar => {}, autocheck => 0); $agent->{onerror}=\&WWW::Mechanize::_warn; $agent->agent('Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.3) Gecko/20100407 Ubuntu/9.10 (karmic) Firefox/3.6.3'); $agent->get($url); $agent->form_name('form'); $agent->field(username => $un); $agent->field(password => $pw); $agent->click("Log In"); print "After Login Cookie: "; print $agent->cookie_jar->as_string(); print "\n\n"; my $searchURL='https://subdomain.url.com/search.do'; $agent->get($searchURL); print "After Search Cookie: "; print $agent->cookie_jar->as_string(); print "\n"; The output: After Login Cookie: Set-Cookie3: JSESSIONID=367C6D; path="/thepath"; domain=subdomina.url.com; path_spec; secure; discard; version=0 After Search Cookie: Set-Cookie3: JSESSIONID=855402; path="/thepath"; domain=subdomain.com.com; path_spec; secure; discard; version=0 Also I think the site requires a CERT (Well in the browser it does), would this be the correct way to add it? $ENV{HTTPS_CERT_FILE} = 'SUBDOMAIN.URL.COM'; ## Insert this after the use HTTP::Request... Also for the CERT In using the first option in this list, is this correct? X.509 Certificate (PEM) X.509 Certificate with chain (PEM) X.509 Certificate (DER) X.509 Certificate (PKCS#7) X.509 Certificate with chain (PKCS#7)

    Read the article

  • Load balancing and sessions

    - by vtortola
    Hi there, What is the better approach for load balancing on web servers? My services run in .NET and Mono, so they could be hosted on IIS or Apache2, and the will have to provide SSL connection. I've read two main approaches, store the state in a common server and use sticky sessions, there is any other else? I've read 3 diffent things about sticky sessions: 1)the load balancing device will know with which server did you start the connection and all the further connections from that host will be routed to the same server. 2)the load balancing devide read a cookie named: JSESSIONID 3)the load balancing devide read a cookie named: ASPSESSIONID I'm a little bit confused, what will happen exactly? As the connections will be SSL there is not a chance for the load balancing devide of read the cookies, so then what? About store the estate in a common server, what solutions do you know? I've read memcache is a good solution but is there any other else? Cheers.

    Read the article

  • Best way for allowing subdomain session cookies using Tomcat

    - by Andrew Ingram
    By default tomcat will create a session cookie for the current domain. If you are on www.example.com, your cookie will be created for www.example.com (will only work on www.example.com). Whereas for example.com it will be created for .example.com (desired behaviour, will work on any subdomain of example.com as well as example.com itself). I've seen a few Tomcat valves which seem to intercept the creation of session cookies and create a replacement cookie with the correct .example.com domain, however none of them seem to work flawlessly and they all appear to leave the existing cookie and just create a new one. This means that two JSESSIONID cookies are being sent with each request. I was wondering if anybody has a definitive solution to this problem.

    Read the article

  • Play framework 1.x on Tomcat - httpOnly cookies

    - by aishwarya
    I'm setting application.session.httpOnly=true in the application.conf and generating a war file and deploying on tomcat. I still see the cookie generated as HttpOnly=No and it is editable. This is an issue with play 1.x running on tomcat 6 (i.e. servlet api 2.x). Apparently, http only flag for cookies was only introduced in servlet 3.0 and so is only available in tomcat 7+ has anybody identified a workaround for this so far (so I could have http only cookies for play 1.x on tomcat 6.x ) ? the httpOnly flag on context in tomcat only works for tomcat's jsessionid cookie... also, can I run a play 1.x app on servlet 3.0 ? PS: This was also posted on the play framework's google groups but we did not receive a response and so posting on SO.

    Read the article

  • Load balancing, connection loop

    - by Iapilgrim
    Hi all, I've set up load balancing using Apache, Tomcat through ajp connector. Here the config Apache/httpd.conf BalancerMember ajp://10.0.10.13:8009 route=osmoz-tomcat-1 retry=5 BalancerMember ajp://10.0.10.14:8009 route=osmoz-tomcat-2 retry=5 < Location / Allow From All ProxyPass balancer://tomcatservers/ stickysession=JSESSIONID nofailover=off ProxyPassReverse / < /Location When I try to access https://mycms.net/apps/bo/signin I see the connection loop forever ( redirection forever). I don't know why. This happens sometimes. So my question are: Is there any way Apache make connection loop? Is there a tool help me to monitor the connection? My question may not clear but I don't have any glue right now. Thanks

    Read the article

  • How to decompress/inflate an XML response from ASP

    - by krisg
    Can anyone provide some insight into how i'd go about decompressing an XML response in classic ASP. We've been handed some code and asked to get it working: Set oXMLHttp = Server.CreateObject("MSXML2.ServerXMLHTTP") URL = HttpServer + re_domain + ".do;jsessionid=" + ue_session + "?" + data oXMLHttp.setTimeouts 5000, 60000, 1200000, 1200000 oXMLHttp.open "GET", URL, false oXMLHttp.setRequestHeader "Accept-Encoding", "gzip" oXMLHttp.send() if oXMLHttp.status = 200 Then if oXMLHttp.responseText = "" then htmlrequest_get = "Empty Response from Server" else htmlrequest_get = oXMLHttp.responseText end if else ... Apparently now that the response is compressed using gzip, we have to un-compress the XML response before we can start to work with the data. How should i go about this?

    Read the article

  • accessing pdf via https URL

    - by Paul
    I send out a newsletter email containing URLs to a https website that then redirects to a pdf document. On first invocation of a URL the user is prompted with the typical https browser "security alert" popup, on selecting "Yes" the display of the PDF fails. The HTTP Header on the failed response is: HTTP/1.1 200 OK Server: ECS/HTTP-Server Date: Tue, 16 Mar 2010 15:57:26 GMT Content-type: application/pdf Content-language: en-US Set-cookie: JSESSIONID=0000r111cRz1Vc-PtCJg8Cdu4eR:-1; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close Subsequent invocations of the URL successfully opens the PDF (at this point we have the session id cookie set by the initial failed request). The HTTP Header on the successful response is: HTTP/1.1 200 OK Server: ECS/HTTP-Server Date: Tue, 16 Mar 2010 16:53:03 GMT Content-type: application/pdf Content-language: en-US Connection: close The email client is Lotus Notes 6.5 which launches an IE6 browser Any ideas?

    Read the article

  • Cookie questions in Java

    - by user220201
    Hi, How do I differentiate between multiple cookies set through my site? I am setting two kinds of cookies one to see if the user has visited the site or not and an other one for authentication. How do I differentiate between these two? I get both of them when someone accesses a page after authentication. Do I add extra information to the Cookie Value or is there some other way? I understand the setName() function will change the name (from jsessionid) for every cookie from then on. Am I correct? Pav

    Read the article

  • Can Tomcat provide seperate (or HTTPS only) sessions for HTTPS requests?

    - by Joe
    I have a web application which contains both secure (SSL) and non-secure pages. A user can login to the site and must appear logged-in in both the SSL and non-SSL areas. (NB. SSL isn't implemented via Tomcat, but via Apache HTTPD servers which sit in front of Tomcat - so Tomcat has no SSL configuration.) The logged-in state is currently maintained via a servlet session (using Tomcat's vanilla session management). The obvious issue with this approach is that the JSESSIONID cookie is transported over both HTTP and HTTPS connections, meaning that it's potentially possible to intercept it and hijack the session. Are there any solutions to this without rolling our own session management (i.e. does Tomcat cater for this situation)? I'm prepared to implement our own session management, but don't want to reinvent something that may already be supported.

    Read the article

  • Reading value of cookie using curl in php

    - by james
    Hello, Im using Firefox 3.5.9. When i visit a url , it sets a cookie on my computer.I can see this cookie in Firefox by going to Tools-Options-Privacy,then clicking on 'Remove Individual Cookies'. There is a folder called xyz,which contains a cookie named JSessionId and which has some Content value . If i use curl in my php code to navigate to that website,is there a way i can read the Content value of that cookie programmatically ? . Some sample code would be really appreciated. Thank You

    Read the article

  • Setting cookie in LiftFilter

    - by Gero
    Hi, How do I set a cookie in a LiftFilter.doFilter method? I tried to set the cookie as follows (stripped some code): class AuthenticationFilter extends LiftFilter { override def doFilter(request: ServletRequest, response: ServletResponse , chain: FilterChain) { val cookie = new HTTPCookie("SomeCookie", Full("" + System.nanoTime), Empty, Full("/authentication"), Full(60 * 60 * 24 * 14), Empty, Empty) cookie.setPath("/somePath") S.addCookie(cookie) val httpResp = response.asInstanceOf[HttpServletResponse] httpResp.sendRedirect("/some/page.html") } } However, when I check the browsers cookie, no cookie is set (apart from JSESSIONID), and I know the doFilter method is being executed because of logging messages and the fact that the browser is redirected to /some/page.html. I'm using Scala 2.8, Lift 2.1-SNAPSHOT and the app is running is GAE (1.3.6, only tested on dev_appserver so far). Any ideas? Thanks, Gero

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4  | Next Page >