Search Results

Search found 6642 results on 266 pages for 'wcf sessions'.

Page 224/266 | < Previous Page | 220 221 222 223 224 225 226 227 228 229 230 231 | Next Page >

Servlet Session - switch from URL Rewriting to Cookie

- by lajuette

Situation: I have a "dumb" Javascript frontend that can contact some kind of SSO middleware (MW). The MW can obtain sessions by issuing requests that contain authentication credentials (username, password). I.e. the session will be created for a certain user. My frontend needs to "restart" the session to gain the user's permissions to the target system. For that i need a valid session cookie. The target system is not under my control (could be a more or less public WFS, WMS, etc.), so i cannot add any SSO mechanism to it. Question: Is it possible to "steal" a Session forging a request which URL contains a valid session ID in the jsessionid parameter? Goal : Issue such a request to a Servlet and make it respond with a Set-Cookie header that contains the same id. That way the frontend joins the session and may do whatever the user, which was used to create the session, is able to do.

Read the article
Using Java server-side with PHP front-end

- by Storm

Hi! Does anyone have a real-world experience in building such a project? I'd like to move away questions about "is it good idea or not", but focus on possible solutions. I see one simple way - HTTP GET/POST + xml/json - and one more elegant - AJAX/DWR. As for the first one - I understand that it is possible, but needs quite a lot coding. As for second way - is it possible to use Java DWR engine with PHP front-end? Is DWR language-independent for client side (as it uses just JavaScript)? Would it be a problem, that client page was generated by one web server (for example, apache+php) and served on server-side by another (for example, tomcat)? I suspect, that Tomcat will complain about sessions. Can this problem be fixed with allowing cross-domain AJAX? Thank you in advance. Denis.

Read the article
Using a JMS Session from different threads

- by Evan

From the javadoc for Session it states: A Session object is a single-threaded context for producing and consuming messages. So I understand that you shouldn't use a Session object from two different threads at the same time. What I'm unclear on is if you could use the Session object (or children such as a Queue) from a different thread than the one it created. In the case I'm working on, I'm considering putting my Session objects into a pool of available sessions that any thread could borrow from, use, and return to the pool when it is finished with it. Is this kosher? (Using ActiveMQ BTW, if that impacts the answer at all.)

Read the article
Oracle global lock across process

- by Jimm

I would like to synchronize access to a particular insert. Hence, if multiple applications execute this "one" insert, the inserts should happen one at a time. The reason behind synchronization is that there should only be ONE instance of this entity. If multiple applications try to insert the same entity,only one should succeed and others should fail. One option considered was to create a composite unique key, that would uniquely identify the entity and rely on unique constraint. For some reasons, the dba department rejected this idea. Other option that came to my mind was to create a stored proc for the insert and if the stored proc can obtain a global lock, then multiple applications invoking the same stored proc, though in their seperate database sessions, it is expected that the stored proc can obtain a global lock and hence serialize the inserts. My question is it possible to for a stored proc in oracle version 10/11, to obtain such a lock and any pointers to documentation would be helpful.

Read the article
How do I reuse code in Zend Framework

- by Mario

I am working on a web application which requires the user to login before they see or do anything. No part of this app should be accessible without being logged in. (Except of course, the login controller) Currently I am using sessions to handle the authentication and I have put code in each controller in the init() function to check if their session is valid. This was a temporary workaround, but it is redundant and inefficient. I would like my init() function to be similar to the following, but I am not sure how to achieve it: public function init() { // If user not logged in redirect to login controller $myLibrary = Zend_Library_MyLibrary(); $myLibrary->CheckAuth(); } So my question really has two parts: Where is the best place to store code that will be used in multiple controllers? How do I then call that function from a controller? Thanks.

Read the article
How to get JSON back from HTTP POST Request (to another domain)

- by roman m

I'm trying to use the API on a website, here's the part of the manual: Authenticated Sessions (taken from here) To create an authenticated session, you need to request an authToken from the '/auth' API resource. URL: http://stage.amee.com/auth (this is not my domain) Method: POST Request format: application/x-www-form-urlencoded Response format: application/xml, application/json Response code: 200 OK Response body: Details of the authenticated user, including API version. Extra data: "authToken" cookie and header, containing the authentication token that should be used for subsequent calls. Parameters: username / password Example Request POST /auth HTTP/1.1 Accept: application/xml Content-Type: application/x-www-form-urlencoded username=my_username&password=my_password Response HTTP/1.1 200 OK Set-Cookie: authToken=1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/Pm...; authToken: 1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/PmEvzkPGp...== Content-Type: application/xml; charset=UTF-8 QUESTION: How do I get that to work? I tried jQuery, but it seems to have problem with XSS. Actual code snippet would be greatly appreciated. p.s. All I was looking for was WebClient class in C#

Read the article
tomcat 6 - Cluster / BackupManager

- by Kevin

Hi, I have a question regarding Clustering (session replication/failover) in tomcat 6 using BackupManager. Reason I chose BackupManager, is because it replicates the session to only one other server. I am going to run through the example below to try and explain my question. I have 6 nodes setup in a tomcat 6 cluster with BackupManager. The front end is one Apache server using mod_jk with sticky session enabled Each node has 1 session each. node1 has a session from client1 node2 has a session from client2 .. .. Now lets say node1 goes down ; assuming node2 is the backup, node2 now has two sessions (for client2 and client1) The next time client1 makes a request, what exactly happens ? Does Apache "know" that node1 is down and does it send the request directly to node2 ? =OR= does it try each of the 6 instances and find out the hard way who the backup is ?

Read the article
PHP multiuser login class or script

- by FFish

I am looking for a simple but secure login script with mySQL PHP: sessions, MD5 that I can use with my exsisting database. Cookies to store password + password recovery by email. Change login/pass. I do not need registering, I register the user myself with temp login/pass. table agents agent1 agent2 table albums album1, owner: agent1 album2, owner: agent1 album3, owner: agent2 ... login.php agent1 logs in and has access to his albums: - album1 - album2 agent1 can edit his albums: edit.php?ref=album1 but NOT edit.php?ref=album3 by changing the ?ref variable

Read the article
Setting a property value on each of the results in a FetchedResults set

- by RickiG

Hi On my Core Data Entity "Book" i have a boolean property, 'wasViewed' (NSNumber numberWithBool) that tells me if the Book was "viewed". I would like to implement a sort of "reset" this property for all my NSManagedObjects "Book". So that I can set them all to NO between sessions. I use an NSPredicate to retrieve all the Books like this: NSPredicate *predicate = [NSPredicate predicateWithFormat:@"wasViewed == %@", [NSNumber numberWithBool:YES]]; // code for setting entity, request etc... NSMutableArray *mutableFetchResults = [[[managedObjectContext executeFetchRequest:request error:&error] mutableCopy] autorelease]; This is working just fine, however, now I need to set up a loop, go through each Book object, something like this: for(Book *b in mutableFetchResults) { [b setWasViewed:NO] } Is there a way to perform an action on each element that fits the predicate instead of retrieving it? So instead of executeFetchRequest on a managedObjectContext it could be executeOperationOnFetchRequestResults or something along those lines. Thanks for any input given:)

Read the article
Why Shouldn't I Programmatically Submit Username/Password to Facebook/Twitter/Amazon/etc?

- by viatropos

I wish there was a central, fully customizable, open source, universal login system that allowed you to login and manage all of your online accounts (maybe there is?)... I just found RPXNow today after starting to build a Sinatra app to login to Google, Facebook, Twitter, Amazon, OpenID, and EventBrite, and it looks like it might save some time. But I keep wondering, not being an authentication guru, why couldn't I just have a sleek login page saying "Enter username and password, and check your login service", and then in the background either scrape the login page from say EventBrite and programmatically submit the form with Mechanize, or use an API if there was one? It would be so much cleaner and such a better user experience if they didn't have to go through popups and redirects and they could use any previously existing accounts. My question is: What are the reasons why I shouldn't do something like that? I don't know much about the serious details of cookies/sessions/security, so if you could be descriptive or point me to some helpful links that would be awesome. Thanks!

Read the article
Restoring web session in struts2

- by bozo

Hi, I have a classical scenario of a website and payment gateway integration, where the request for payment is sent to payment processor, and the payment processor calls back my application once it's done with some parameters I passed to it in the original request. Among parameters, we pass jsessionid and we expect that when the remote server makes request to our server (via customer browser redirect to our server) that the session will be the same as the session used to send the initial payment request. This does not happen, we have two different sessions, although the payment processor includes our original jsessionid in the request to us (https://blabla/?jsessionid=something). How should we go about recreating a session in struts2, in the only thing that connects the 'OLD' and 'NEW' session is the jsessionid in the request URL? Any ideas? Is this possible at all or is the 'OLD' session data deleted when the user moves away from our server onto a completely different domain of a payment processor with their data-entry form? This would explain our innability to recreate the session. Thanks a lot for your replies.

Read the article
How do I assign a non-persistent (in-memory) cookie in ASP.NET?

- by Jørn Schou-Rode

The following code will send a cookie to the user as part of the response: var cookie = new HttpCookie("theAnswer", "42"); cookie.Expires = DateTime.Now.AddDays(7); Response.Cookies.Add(cookie); The cookie is of the persistent type, which by most browsers will be written to disk and used across sessions. That is, the cookie is still on the client's PC tomorrow, even if the browser and the PC has been closed in between. After a week, the cookie will be deleted (due to line #2). Non-persistent/in-memory cookies are another bread of cookies, which have a lifespan determined by the duration of the client's browsing session. Usually, such cookies are held in memory, and they are discarded when the browser is closed. How do I assign an in-memory cookie from ASP.NET?

Read the article
Vim 80 column layout concerns

- by cdleary

I feel like the way I do 80-column indication in Vim is incorrect: set columns=80. At times I also set textwidth but I like to be able to see and anticipate line overflow with the set columns alternative. This has some unfortunate side effects -- I can't set number for fear of splitting between files that have different orders of line numbers; i.e. < 100 line files and = 100 line files will require two different set columns values because of the extra column used for the additional digit display. I also start new (g)Vim sessions instead of splitting windows vertically, which forces me to use the window manager's clipboard -- vsplits force me to do set columns every time I open or close a pane, so starting a new session is less hassle. How do you handle the 80-character indication when you want to set numbers, vertically split, etc.?

Read the article
Ruby Equivalent of Python Requests Library (HTTP Client)

- by Hartator

There is a library in python that I love called requests. requests is a http client build on urllib3, top-notch :) (http://docs.python-requests.org/en/latest/) I am looking for something similar in ruby, basically what I need is : Upload files support (multipart/form-data) Easy get/post Cookies can be passed from a response object to a request object (build manually login script) Stable and Flexible Sessions support (to not have to handle cookies manually if we don't have too) I've looked at Typhoeus, but the code example in the home page doesn't work (they have moved code along and the get method is not longer directly accessible like that), so it's not starting well! :) Curb seems nice and I like curl, there is alson RestClient which seems popular and em-http seems pretty fast according to benchmark. There is a aso Patron and CurlFu which I haven't have the time to try. And of course Net:Http. But it doesn't seems to have a main stream solution that everyone point. I think a lot of people have been in my situation and I wonder what they have choosen and why?

Read the article
Exception handling in Boost.Asio

- by Alex B

Boost.Asio documentation suggests the following exception handling pattern: boost::asio::io_service io_service; ... for (;;) { try { io_service.run(); break; // run() exited normally } catch (my_exception& e) { // Deal with exception as appropriate. } } The problem with it is that the context of exception is lost at the point when it's handled. For example, if I have multiple socket sessions going on, I don't know which one caused the exception to be thrown. What would be a better way to handle the exceptions from asynchronous handlers without wrapping them in try/catch blocks?

Read the article
VB.Net 2008 Chrome or Firefox control

- by AndyD273

I'm trying to figure out a way to have multiple sessions at the same website at the same time. I've been using the SHDocVw.InternetExplorer control in Visual Studio 2008 to open a web browser and log in, but at times we need to use a separate login. I haven't found a way to do this using just internet explorer (it just uses the credentials of the first login), so I figure if I can find a similar control for another brower that allows DOM level access then I can just use that. If anyone knows of anything I can try that would be very helpful.

Read the article
PHP: session isnt saving before header redirect

- by Matt

Hi guys, I have read through the php manual for this problem and it seems quite a common issue but i have yet to find a solution. I am saving sessions in a database. My code is as follows: // session $_SESSION['userID'] = $user->id; header('Location: /subdirectory/index.php'); Then at the top of index.php after the session_start(), i have var_dumped the $_SESSION global and the userID is not in there. As i said ive looked through the PHP manual (http://php.net/manual/en/function.session-write-close.php) and neither session_write_close or session_regenerate_id(true) worked for me. Does anybody know a solution? Edit: I have session_start() at the top of my file. When i var_dump the session global before the header redirect, i see the userID in there, but not in the other file, which is in a subdirectory of this script Thanks, Matt

Read the article
how to setup rails Authenticity Token to work with multiple domains?

- by bwizzy

I'm building an app that uses subdomains as account handles (myaccount.domain.com) and I have my sessions configured to work across the sub-domains like so: config.action_controller.session = {:domain => '.domain.com'} In addition to the subdomain a user can input a real domain name when they are creating their account. My Nginx config is setup to watch for *.com *.net etc, and this is working to serve out the pages. The problem comes when a site visitor submits a comment form on a custom domain that was input by the user. The code is throwing an "Invalid AuthenticityToken" exception. I'm 99% sure this is because the domain the user is on isn't specified as the domain in the config.action_controller.session. Thus the authenticity token isn't getting matched up because Rails can't find their session. So, the question is: Can you set config.action_controller.session to more than 1 domain, and if so can you add / remove from that value at runtime without restarting the app?

Read the article
Does PHP session conflict with Share-Nothing-Architecture?

- by Morgan Cheng

When I first meet PHP, I'm amazed by the idea Sharing-Nothing-Architecture. I once in a project whose scalaiblity suffers from sharing data among different HTTP requests. However, as I proceed my PHP learning. I found that PHP has sessions. This looks conflict with the idea of sharing nothing. So, PHP session is just invented to make counterpart technology of ASP/ASP.NET/J2EE? Should high scalable web sites use PHP session?

Read the article
how to check session upon start in masterpage or in global.asax

- by user572276

i am new in asp.net form authentication and sessions i would like to know how to save session in masterpage or in global.asax and how to clear session how to better handle session timeout by redirecting to a page this is my web.config session settings <sessionState mode="InProc" cookieless="false" timeout="1"></sessionState> code in my masterpage if (Request.Url.AbsolutePath.EndsWith("SessionExpired.aspx", StringComparison.InvariantCultureIgnoreCase)) { HtmlMeta meta = new HtmlMeta(); meta.HttpEquiv = "Refresh"; meta.Content = "7; URL=./Login.aspx"; Page.Header.Controls.Add(meta); } else HttpContext.Current.Response.AppendHeader("Refresh", Convert.ToString((Session.Timeout * 60)) + "; Url=./Public/SessionExpired.aspx");

Read the article
IIS 6 session timing out a lot quicker than expected

- by Echiban

I am working with an web application that has its sessions timing out a lot quicker than expected. We expected a timeout of 15 minutes but it's timing out at 3-4 minutes. Info about environment: IIS6 classic ASP / COM+ app timeout OK on current PROD, much quicker in dev / QA environments We already disabled app pool recycling, and even put IIS in isolation mode - no effect HTTP err log doesn't display any lines when session times out We've done a close comparison of PROD and DEV / QA environments, and given we use virtual machines on all of them, settings should be preserved. I tried to find IIS blog notes from David Wang but many of them now have HTTP 404 errors, and I don't know what else to do. Please help! At the very least, is there a way to get IIS to log every time a session expires? At the very least some means of logging / debugging IIS would be useful. Thanks in advance.

Read the article
gvim "open in new window" should change directory to the one of the current file

- by Flavius

Hi I'm working in gvim with sessions and tabs, and everything works great. However there is something that is bothering me. Say I have two files open: /A/B/foo.ext and /C/D/E/bar.ext, the latter being opened last. Now say I want to open /A/B/foobar.ext. I have to go through the hassle of navigating upwards to / and from there to /A/B. I would like to simply change my active tab to /A/B/foo.ext and have gvim automatically change its active directory to /A/B/, so that when I want to open /A/B/foobar.ext with /A/B/foo.ext being active, I'm already in the right CWD. This would be very time-saving if you work with two different projects at a time and need to switch back and forth between the two. Is there any such script that does just that? Thanks.

Read the article
Wicket app in embedded Jetty causes UnsupportedClassVersionError

- by Ondra Žižka

I've tried to run a Wicket app in an embedded Jetty, using this code: public static void main( String[] args ){ Server server = new Server(8080); Context root = new Context( server, "/", Context.SESSIONS ); FilterHolder filterHolder = new FilterHolder( new WicketFilter() ); filterHolder.getInitParameters().put("applicationClassName", cz.dw.test.WicketApplication.class.getName() ); root.addFilter( filterHolder, "/*" , Handler.ALL ); try { server.start(); } catch (Exception ex) { ex.printStackTrace(); } } But I got java.lang.UnsupportedClassVersionError: Bad version number in .class file. Switching the target class version for my app (1.6 - 1.5) did not help. I use Sun JDK 1.6.0_17, Wicket 1.4.8, Jetty 6.1.24. I tried to debug, but the JRE classes have no debug data. The stacktrace is of no use as it happens when loading the classes into JVM. Any ideas what could be wrong? How can I find which class is causing this? Thanks, Ondra

Read the article
NHibernate parent-childs save redundant sql update executed

- by Broken Pipe

I'm trying to save (insert) parent object with a collection of child objects, all objects are new. I prefer to manually specify what to save\update and when so I do not use any cascade saves in mappings and flush sessions by myself. So basically I save this object graph like: session.Save(Parent) foreach (var child in Parent.Childs) { session.Save(child); } session.Flush() I expect this code to insert Parent row, then each child row, however NHibernate executes this SQL: INSERT INTO PARENT.... INSERT INTO CHILD .... UPDATE CHILD SET ParentId=@1 WHERE Id=@2 This update statement is absolutely unnecessary, ParentId was already set correctly in INSERT. How do I get rid of it? Performance is very important for me.

Read the article
Selectively prevent Session from being created

- by Jean Barmash

In my app, I have an external monitor that pings the app ever few minutes and measures its uptime / response time Every time the monitor connects, a new server session is created, so when I look at the number of sessions, it's always a minimum of 15, even during times where there are no actual users. I tried to address this with putting the session creation code into a filter, but that doesn't seem to do it - I guess session automatically gets created when the user opens the first page? all() { before = { if (actionName=='signin') { def session = request.session //creates session if not exists } } } I can configure the monitor to pass in a paramter if I need to (i.e. http://servername.com/?nosession, but not sure how to make sure the session isn't created.

Read the article

< Previous Page | 220 221 222 223 224 225 226 227 228 229 230 231 | Next Page >