Search Results

Search found 10480 results on 420 pages for 'session cookies'.

Page 25/420 | < Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32  | Next Page >

  • Is it safe to access asp.net session variables through static properties of a static object?

    - by Ronnie Overby
    Is it safe to access asp.net session variables through static properties of a static object? Here is what I mean: public static class SessionHelper { public static int Age { get { return (int)HttpContext.Current.Session["Age"]; } set { HttpContext.Current.Session["Age"] = value; } } public static string Name { get { return (string)HttpContext.Current.Session["Name"]; } set { HttpContext.Current.Session["Name"] = value; } } } Is it possible that userA could access userB's session data this way?

    Read the article

  • IIS 6 session timing out a lot quicker than expected

    - by Echiban
    I am working with an web application that has its sessions timing out a lot quicker than expected. We expected a timeout of 15 minutes but it's timing out at 3-4 minutes. Info about environment: IIS6 classic ASP / COM+ app timeout OK on current PROD, much quicker in dev / QA environments We already disabled app pool recycling, and even put IIS in isolation mode - no effect HTTP err log doesn't display any lines when session times out We've done a close comparison of PROD and DEV / QA environments, and given we use virtual machines on all of them, settings should be preserved. I tried to find IIS blog notes from David Wang but many of them now have HTTP 404 errors, and I don't know what else to do. Please help! At the very least, is there a way to get IIS to log every time a session expires? At the very least some means of logging / debugging IIS would be useful. Thanks in advance.

    Read the article

  • PHP session destroyed / lost after header

    - by ILMV
    I've got a script that sets some session values before redirecting to / using header(). I've read many posts about the $_SESSION variable being destroyed / lost after header(), even after I implemented this: // set session here session_regenerate_id(true); session_write_close(); header("Location: /"); session_start() is set in the correct places, does anyone know of anything that I might be missing? On the index.php page I have this: session_start(); print_r($_SESSION); // outputs nothing :'( The code is pretty complex so will not post it all, just snippets.

    Read the article

  • Combining Session and Cache

    - by Zyphrax
    To make my extranet web application even faster/more scalable I think of using some of the caching mechanisms. For some of the pages we'll use HTML caching, please ignore that technique for this question. E.g.: at some point in time 2500 managers will simultaneously login on our application (most of them with the same Account/Project) I think of storing an Account-cachekey and Project-cachekey into the user's Session and use that to get the item from the Cache. I could have simply stored the Account into the session, but that would result in 2500 of the same Accounts in memory. Is there a better solution to this or does it make sense :)?

    Read the article

  • Using ASP.NET Session for Lifetime Management (Unity)

    - by Sigray
    I am considering using Unity to manage the lifetime of a custom user class instance. I am planning on extending the LifetimeManager with a custom ASP.NET session manager. What I want to be able to do is store and retrieve the currently logged in user object from my custom classes, and have Unity get the instance of User from the session object in ASP.NET, or (when in a Win32 project) retrieve it statically or from the current thread. So far my best solution is to create a static instance of my Unity container on startup, and use the Resolve method to get my User object from each of my classes. However, this seems to create a dependency on the unity container in my other classes. What is the more "Unity" way of accomplishing this goal? I would like to be able to read/replace the current User instance from any class.

    Read the article

  • Hibernate session method to update object

    - by EugeneP
    I need this roadmap of a Hibernate managed object instance. First, I create an instance with initial properties and persist this object in a db. Then session associated with this object is closed. But still, I serialize my object and on the next step deserialize it, invoke some setters, and again, I need to update what changed in a database. What methods of Hibernate session should I use? persist() or save() on the first step and saveOrUpdate() on the second? In fact I see that saveOrUpdate() can be used on each step. What would you recommend?

    Read the article

  • Using Session Variables inside an ajax document

    - by Pete Herbert Penito
    Hi, For some reason I've having problems reading this session variable within an ajax document, I've got this inside online.php: ` session_start(); if (isset($_SESSION['username'])) { $username = $_SESSION['username']; } ` For some Reason this is not setting username even when the session var is being used on the host page, i call on the php file every second using this ` $(document).ready(function() { var refreshId = setInterval(function() { $('#timeval').load('online.php'); }, 1000); $("#stop").click(function() { clearInterval(refreshId); }); }); ` Am I doing something wrong, or is this not even possible?? Any advice would really help thanks alot!

    Read the article

  • JSF session issue

    - by user234194
    I have got a situation where I have list of records say 10,000, I am using datatable and I am using paging,(10 records per display). I wanted to put put that list in the session as: facesContext........put("mylist", mylist); And in the getters of the mylist, I have public List<MyClass> getMyList() { if(mylist== null){ mylist= (List<MyClass>) FacesContext......getSessionMap().get("mylist"); } return mylist; } Now the problem is whene ever i click on paging button to go to second page, only the first records are displayed, I know i am missing some thing, and I have few questions: Is the way of putting the list in session correct. Is this the way I should be calling the list in my case. Thnaks in advance...

    Read the article

  • Is encrypting session id (or other authenticate value) in cookie useful at all?

    - by Ji
    In web development, when session state is enabled, a session id is stored in cookie(in cookieless mode, query string will be used instead). In asp.net, the session id is encrypted automatically. There are plenty of topics on the internet regarding how you should encrypt your cookie, including session id. I can understand why you want to encrypt private info such as DOB, but any private info should not be stored in cookie at first place. So for other cookie values such as session id, what is the purpose encryption? Does it add security at all? no matter how you secure it, it will be sent back to server for decryption. Be be more specific, For authentication purpose, turn off session, i don't want to deal with session time out any more store some sort of id value in the cookie, on the server side, check if the id value exists and matches, if it is, authenticate user. let the cookie value expire when browser session is ended, this way. vs Asp.net form authentication mechanism (it relies on session or session id, i think) does latter one offer better security?

    Read the article

  • ASP MVC: Keeping track of logged in users.

    - by user323395
    I'm creating a ASP MVC application. And because of the complex authorization i'm trying to build my own login system. (So i'm not using asp membership providers, and related classes). Now i'm able to create new accounts in the database with hashed passwords. But how do i keep track that a user is logged in. Is generating a long random number and putting this with the userID in the database and cookie enough? Sorry for my rather bad english! Ty in advance :)

    Read the article

  • What is the pros and cons in using FormsAuthentication to persist login cookie?

    - by stacker
    What is the pros and cons in using FormsAuthentication to persist a login cookie? I see that StackOverflow ignore FormsAuthentication and instead implemented a different strategy to persist a login cookie. Pros Out of the box implementation for persistent login feature. Cons The login feature depends on the machine key which mean that I need to make sure that the machine key is the same on all the servers in the farm. The cookie contains wired encrypted values that don't really make sense to store in the cookie.

    Read the article

  • Session State Anti-Pattern

    - by Curiosity
    I know the SOLID principles and other design patterns fairly well and have been programming for some time now - seeing many a bit of code throughout the years. Having said that, I'm having trouble coming up with a name to give the pattern, or lack thereof, to bits of code I've been dealing with at a current engagement. The application is an ASP.NET C# WebForms application, backed by a SQL Server/Mainframe backend (more mainframe than backend) and it's riddled with Session State properties being accessed/mutated from multiple pages/classes. Accessing/mutating global variables/application state was usually shunned upon while I was in school. Apparently the creators of this magnificent application didn't think it was such a bad idea. Question: Is there a name for such a pattern/anti-pattern that relies so heavily on Session State? I'd like to call the pig by its name ...

    Read the article

  • What's a good FOSS java servlet session replication solution

    - by Bossy Joe
    I work on a very high volume public website running on Tomcat 5.5. Currently we require stickiness to a particular server in order to maintain session. I'd like to start replicating session, but have had trouble finding a good FOSS solution. I've written my own Manager (using memcached as the store) but am having trouble dealing with race conditions if more than one server is handling the requests for the same user. Is there a solution out there I should be looking at? I'm looking for not just something that works as a fallback if stickiness fails, but that would work if user requests are regularly spread to multiple servers.

    Read the article

  • Creating a session user login php

    - by user2419393
    I'm stuck on how to create a session for a user who logs in. I got the part of checking to make sure the log in information corresponds with the database information, but is stuck on how to take the email address and store into a session. Here is my php code below. <?php include '../View/header.php'; session_start(); require('../model/database.php'); $email = $_POST['username']; $password = $_POST['password']; $sql = "SELECT emailAddress FROM customers WHERE emailAddress ='$email' AND password = '$password'"; $result = mysql_query($sql, $db); if (!$result) { echo "DB Error, could not query the database\n"; echo 'MySQL Error: ' . mysql_error(); exit; } while ($row = mysql_fetch_assoc($result)) { echo $row['emailAddress']; } mysql_free_result($result); ?>

    Read the article

  • PHP - How to retrieve session in php

    - by Klaus Jasper
    I created a table that contains id - names - jobs and page that shows the names only and beside each name there is button Job and session that contains the id. this is my code $query = mysql_query("SELECT * FROM table"); while($fetch = mysql_fetch_array("$query")){ $name = $fetch['names']; $id = $fetch['id']; echo '</br>'; echo $name; $_SESSION['name'] = $id; echo "<button>Job</button>"; } I want when the user click on button Job redirect to a page that contains the job of that session. so how can I do it?

    Read the article

  • Cross domain secure cookie usage?

    - by asdasda
    I have a website that came with a SSL site for HTTPS but its on a different server. Example being my website: http://example.com my SSL site: http://myhostingcompany.com/~myuseraccount/ So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one. Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user? I think this violates a major principle of security and can't be done for good reasons, but am i wrong? is this possible?

    Read the article

  • GWT : NULL Session

    - by jidma
    I'm using spring4gwt in my project. I have the following login service implementation: @Service("loginService") public class LoginServiceImpl extends RemoteServiceServlet implements LoginService { @Override @Transactional(propagation = Propagation.REQUIRED, rollbackFor = Exception.class) public UserBean checkUser(String userName, String password) throws Exception { HttpSession httpSession = getThreadLocalRequest().getSession(); } } When i call the loginService.checkUser("test","test") (In hosted mode), I get a null pointer exception, as getThreadLocalRequest() returns NULL instead of the actual session. I didn't try in web mode yet. Why would I get a null session ? Does it have something to do with spring4gwt ? Thank you

    Read the article

  • How Google is managing authentication between multiple domains?

    - by vaibhav
    I think everyone here would be knowing that, if I am logged in any of the google's website(i.e www.orkut.com), I don't need to authenticate again for www.gmail.com. How google is managing this. I think, it would be a cookie stored on user's browser. But, if it is a cookie, how different domains are able to read this cookie. What do you say.

    Read the article

  • Session variables return completely after unsetting.

    - by RemiX
    I have a script that should log the user out of the site. It unsets all $_SESSION and $_COOKIE variables related to the login data of the user. But somehow, it seems impossible to log out. I checked the $_SESSION array at the end of the logout script, and at the beginning of each page. At the end of the logout script it says 'array()', but when I click the home button - or any link on the site - the full session data is back again and I don't know where it comes from. This is how I try to unset the session data: unset($_SESSION); unset($_COOKIE["usid"]); unset($_COOKIE["pw"]); unset($_COOKIE["adm"]); -- I don't know how to put it on different lines, but it's not that hard to read. Why do these data keep coming back?!

    Read the article

  • How to distinguish between new and returning anonymous Drupal users?

    - by Matt V.
    Is there an easy way (or a module) in Drupal to distinguish between anonymous users who have never created an account versus those who are returning but are not currently logged in? For non-returning (ie, completely new) users, I'd like to have a front page that is very streamlined and focused on registration as the call-to-action. However, if someone is a returning user but not currently logged in, I'd like to present a lot more information on the front page and have login as the main call-to-action. I realize both pages would still need to have both login and register options available, I just want to make the focus significantly different between the two.

    Read the article

  • Cookies NULL On Some ASP.NET Pages (even though it IS there!)

    - by DaveDev
    Hi folks I'm working on an ASP.NET application and I'm having difficulty in understanding why a cookie appears to be null. On one page (results.aspx) I create a cookie, adding entries every time the user clicks a checkbox. When the user clicks a button, they're taken to another page (graph.aspx) where the contents of that cookie is read. The problem is that the cookie doesn't seem to exist on graph.aspx. The following code returns null: Request.Cookies["MyCookie"]; The weird thing is this is only an issue on our staging server. This app is deployed to a production server and it's fine. It also works perfectly locally. I've put debug code on both pages: StringBuilder sb = new StringBuilder(); foreach (string cookie in Request.Cookies.AllKeys) { sb.Append(cookie.ToString() + "<br />"); } this.divDebugOutput.InnerHtml = sb.ToString(); On results.aspx (where there are no problems), I can see the cookies are: MyCookie __utma __utmb __utmz _csoot _csuid ASP.NET_SessionId __utmc On graph.aspx, you can see there is no 'MyCookie' __utma __utmb __utmz _csoot _csuid ASP.NET_SessionId __utmc With that said, if I take a look with my FireCookie, I can see that the same cookie does in fact exist on BOTH pages! WTF?!?!?!?! (ok, rant over :-) ) Has anyone seen something like this before? Why would ASP.NET claim that a cookie is null on one page, and not null on another?

    Read the article

  • PHP sessions causing Apache to hang indefinitely

    - by Kmaid
    The problem is that every so often a page that writes to a Session will cause apache to hang forever for a particular session. Once this error occurs for one user any further modifications to any session of any user will cause the website to hang for this user. This problem has been my sole focus for days. I have a development VPS running Windows 2003 and default latest version of XAMPP using the standard PHP session handler. The code in question actually runs on two other machines perfectly normally so although my common sense says it’s a web server configuration issue but at this point I am willing to try anything. On further investigation there are no errors in the Apache, PHP or System event log. Resources are abundant and there is no “AJAX shit storm” or more than a couple writes to a session per page. I have also implemented session_write_close() wherever possible to try and help elevate the problem. I have checked the session’s directory which is set to “C:\windows\Temp” and found that once a user enters this hanging phase that the corresponding session file is exclusively locked and the only way to resolve this is to stop Apache and wait a few moments for the files to become unlocked and delete them. I am not wondering if deletion is required. The Sessions themselves only contain 4 bits of information. ShoppingCartID, UserID, UserLevel and Refering URL and are alphanumerical with an occasional slash. My PHP.INI’s session section is configured like this: session.save_handler = files session.save_path = "C:\WINDOWS\Temp" session.use_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.cookie_httponly = session.serialize_handler = php session.gc_probability = 1 session.gc_divisor = 100 session.gc_maxlifetime = 1440 session.bug_compat_42 = 1 session.bug_compat_warn = 1 session.referer_check = session.entropy_length = 0 session.entropy_file = session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 0 session.hash_function = 0 session.hash_bits_per_character = 4 I have tried everything I can think of and the whole problem is now a blur to me. Any ideas would be appreciated and thanks for your time reading this :)

    Read the article

  • JavaOne 2012 Java Jungle Session!

    - by HecklerMark
    Well, it's official - the proposal I submitted to JavaOne 2012 was accepted! Pending management approval, I'll be leading the following session: Session ID: CON3519 Session Title: Building Hybrid Cloud Apps: Local Databases + The Cloud = Extreme Versatility If you've been struggling with ways to "move to the cloud" without losing the advantages you currently enjoy/require in your current environment, I hope you'll consider signing up for this session. Hope to see you there! Mark

    Read the article

< Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32  | Next Page >