Search Results

Search found 1963 results on 79 pages for 'expired cookies'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 34/79 | < Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >

  • Google Chrome Browser

    - by Harish
    Hi friends. Am using Google Chrome as my default web browser. I don't have any problem with it. The only problem rise is when I enter gmail.com and login into my account. I need to go to Histories in Google chrome (ctrl + shft + del) and select "Del Cokies and Other datas" for entering into gmail again. My gmail page is workin just once. I nedd to log in. Check my mail and I have to clear the cookies in order to log in again If i fail, This is d info I get The webpage at https://mail.google.com/mail/?shva=1&ui=html&zy=l&pli=1&auth=DQAAALgAAABhdI_K9uptgb6yQfGVmnl74VZEUH7U2M7WGJn3kJnCiY0CNI5QBU3X-g6UjPENGoHKSHE9nRna_Ygu_d59mN-HG1SUzNpI_UEMJ9CwDqZAYxYLEJl8r_JA2qJNGF8H0fdKfn99Gb2YeI-lprGxCrWRT7LicyADxQvNLQ6l9xBvOccEBSJfdIrna8dOXeX06N41L0zpnLQrVG1qdulR7LxId9XwtVb6QtfhwnambqLoNiY402Y5pjGG1_gFL4dNpJA&gausr=hariss89%40gmail.com has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer. Here are some suggestions: Reload this web page later. Learn more about this problem. Wat can I do ...

    Read the article

  • Is Google tracking our web history even when we do not visit Google or if affiliate websites?

    - by Anoyon-12
    I have recently updated to Google Chrome 29.0.1547.76. And when I click a the new tab button there is a new homepage now. Ok. My current settings forbid from third party cookies being set. And I clear all of my browsing data every time I close or well if its been too long browsing. Ok so there is this help dialog that appears first time you open the new tab page. What I did was Cleared all my browsing settings (From Beginning of time) and then again I went to the new tab, the Help dialog appears. And for the third time I did the same and the Same thing Happened. So For the fourth time I cleared all my Browsing data. Clicked open new tab and then. navigate myself to chrome://settings/cookies. and there were So does this mean google is tracking our web History just for using Chrome. I know Its not Illegal because these cookies only appear when you click the new tab Google Chrome 29.0.1547.76. maybe that was the reason google redesigned the entire New:tab page. From this Google is forcing us to allow them track us. I don't want to set another page as my new:tab page. I just want the old one. Google has a long History of invading Privacy without users consent. There was that Safari incident. I am sure you people remember. So can anyone tell me about this issue? I maybe wrong. So please explain.

    Read the article

  • T-SQL (SCD) Slowly Changing Dimension Type 2 using a merge statement

    - by AtulThakor
    Working on stored procedure recently which loads records into a data warehouse I found that the existing record was being expired using an update statement followed by an insert to add the new active record. Playing around with the merge statement you can actually expire the current record and insert a new record within one clean statement. This is how the statement works, we do the normal merge statement to insert a record when there is no match, if we match the record we update the existing record by expiring it and deactivating. At the end of the merge statement we use the output statement to output the staging values for the update,  we wrap the whole merge statement within an insert statement and add new rows for the records which we inserted. I’ve added the full script at the bottom so you can paste it and play around.   1: INSERT INTO ExampleFactUpdate 2: (PolicyID, 3: Status) 4: SELECT -- these columns are returned from the output statement 5: PolicyID, 6: Status 7: FROM 8: ( 9: -- merge statement on unique id in this case Policy_ID 10: MERGE dbo.ExampleFactUpdate dp 11: USING dbo.ExampleStag s 12: ON dp.PolicyID = s.PolicyID 13: WHEN NOT MATCHED THEN -- when we cant match the record we insert a new record record and this is all that happens 14: INSERT (PolicyID,Status) 15: VALUES (s.PolicyID, s.Status) 16: WHEN MATCHED --if it already exists 17: AND ExpiryDate IS NULL -- and the Expiry Date is null 18: THEN 19: UPDATE 20: SET 21: dp.ExpiryDate = getdate(), --we set the expiry on the existing record 22: dp.Active = 0 -- and deactivate the existing record 23: OUTPUT $Action MergeAction, s.PolicyID, s.Status -- the output statement returns a merge action which can 24: ) MergeOutput -- be insert/update/delete, on our example where a record has been updated (or expired in our case 25: WHERE -- we'll filter using a where clause 26: MergeAction = 'Update'; -- here   Complete source for example 1: if OBJECT_ID('ExampleFactUpdate') > 0 2: drop table ExampleFactUpdate 3:  4: Create Table ExampleFactUpdate( 5: ID int identity(1,1), 3: go 6: PolicyID varchar(100), 7: Status varchar(100), 8: EffectiveDate datetime default getdate(), 9: ExpiryDate datetime, 10: Active bit default 1 11: ) 12:  13:  14: insert into ExampleFactUpdate( 15: PolicyID, 16: Status) 17: select 18: 1, 19: 'Live' 20:  21: /*Create Staging Table*/ 22: if OBJECT_ID('ExampleStag') > 0 23: drop table ExampleStag 24: go 25:  26: /*Create example fact table */ 27: Create Table ExampleStag( 28: PolicyID varchar(100), 29: Status varchar(100)) 30:  31: --add some data 32: insert into ExampleStag( 33: PolicyID, 34: Status) 35: select 36: 1, 37: 'Lapsed' 38: union all 39: select 40: 2, 41: 'Quote' 42:  43: select * 44: from ExampleFactUpdate 45:  46: select * 47: from ExampleStag 48:  49:  50: INSERT INTO ExampleFactUpdate 51: (PolicyID, 52: Status) 53: SELECT -- these columns are returned from the output statement 54: PolicyID, 55: Status 56: FROM 57: ( 58: -- merge statement on unique id in this case Policy_ID 59: MERGE dbo.ExampleFactUpdate dp 60: USING dbo.ExampleStag s 61: ON dp.PolicyID = s.PolicyID 62: WHEN NOT MATCHED THEN -- when we cant match the record we insert a new record record and this is all that happens 63: INSERT (PolicyID,Status) 64: VALUES (s.PolicyID, s.Status) 65: WHEN MATCHED --if it already exists 66: AND ExpiryDate IS NULL -- and the Expiry Date is null 67: THEN 68: UPDATE 69: SET 70: dp.ExpiryDate = getdate(), --we set the expiry on the existing record 71: dp.Active = 0 -- and deactivate the existing record 72: OUTPUT $Action MergeAction, s.PolicyID, s.Status -- the output statement returns a merge action which can 73: ) MergeOutput -- be insert/update/delete, on our example where a record has been updated (or expired in our case 74: WHERE -- we'll filter using a where clause 75: MergeAction = 'Update'; -- here 76:  77:  78: select * 79: from ExampleFactUpdate 80: 

    Read the article

  • Serialize cookie collection

    - by user313421
    Hello guys My scenario is to store all client cookies as XML file and make the exact "cookie collection" later from this file. So, How to serialize/Deserialize a "cookie collection" in asp.net ? Does "multivalued" cookies need extra considerations rather than standard collection serialization ? Thanks for your time

    Read the article

  • remove tomcat excesive logging (org.apache.catalina.session.ManagerBase )

    - by santiagozky
    Hello, We have a tomcat 5.5 which is logging a lot of messages like these: 2010-05-20 14:07:04,242 DEBUG [org.apache.catalina.session.ManagerBase] - End expire sessions StandardManager processingTime 1 expired sessions: 0 2010-05-20 14:07:04,242 DEBUG [org.apache.catalina.session.ManagerBase] - Start expire sessions StandardManager at 1274382424242 sessioncount 0 2010-05-20 14:07:04,242 DEBUG [org.apache.catalina.session.ManagerBase] - End expire sessions StandardManager processingTime 0 expired sessions: 0 2010-05-20 14:08:04,394 DEBUG [org.apache.catalina.session.ManagerBase] - Start expire sessions StandardManager at 1274382484394 sessioncount 0 2010-05-20 14:08:04,394 DEBUG [org.apache.catalina.session.ManagerBase] - End expire sessions StandardManager processingTime 0 expired sessions: 0 2010-05-20 14:08:04,395 DEBUG [org.apache.catalina.session.ManagerBase] - Start expire sessions StandardManager at 1274382484394 sessioncount 0 I have modified the logging.properties file to set the levels to ERROR and SEVERE but the logging still appears: handlers = 1catalina.org.apache.juli.FileHandler, 2localhost.org.apache.juli.FileHandler, 3manager.org.apache.juli.FileHandler, 4admin.org.apache.juli.FileHandler, 5host-manager.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler .handlers = 1catalina.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler 1catalina.org.apache.juli.FileHandler.level = ERROR 1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 1catalina.org.apache.juli.FileHandler.prefix = catalina. 2localhost.org.apache.juli.FileHandler.level = ERROR 2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 2localhost.org.apache.juli.FileHandler.prefix = localhost. 3manager.org.apache.juli.FileHandler.level = ERROR 3manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 3manager.org.apache.juli.FileHandler.prefix = manager. 4admin.org.apache.juli.FileHandler.level = ERROR 4admin.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 4admin.org.apache.juli.FileHandler.prefix = admin. 5host-manager.org.apache.juli.FileHandler.level = ERROR 5host-manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 5host-manager.org.apache.juli.FileHandler.prefix = host-manager. java.util.logging.ConsoleHandler.level = ERROR java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.FileHandler org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level = ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers = 3manager.org.apache.juli.FileHandler org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/admin].level = ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/admin].handlers = 4admin.org.apache.juli.FileHandler org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 5host-manager.org.apache.juli.FileHandler org.apache.catalina.startup.ContextConfig.level = SEVERE org.apache.catalina.startup.HostConfig.level = SEVERE org.apache.catalina.session.ManagerBase.level = SEVERE I don't know what is wrong in the configuration. Any ideas to shut them off?

    Read the article

  • Session Id in url and/or cookie? [closed]

    - by Jacco
    Most people advice against rewriting every (internal) url to include the sessionId (both GET and POST). The standard argument against it seems to be:   If an attacker gets hold of the sessionId, they can hijack the session.   With the sessionId in the url, it easily leaks to the attacker (by referer etc.) But what if you put the sessionId in both an (encrypted) cookie and the url. if the sessionId in either the cookie or the url is missing or if they do not match, decline the request. Let's pretend the website in question is free of xss holes, the cookie encryption is strong enough, etc. etc. Then what is the increased risk of rewriting every url to include the sessionId? UPDATE: @Casper That is a very good point. so up to now there are 2 reasons: bad for search engines / SEO if used in public part of the website can cause trouble when users post an url with a session Id on a forum, send it trough email or bookmark the page apart from the:   It increases the security risk, but it is not clear what the increased risk is. some background info: I've a website that offers blog-like service to travellers. I cannot be sure cookies work nor can I require cookies to work. Most computers in internet cafes are old and not (even close to) up-to-date. The user has no control over them and the connection can be very unreliable for some more 'off the beaten path' locations. Binding the session to an IP-address is not possible, some places use load-balancing proxies with multiple IP addresses. (and from China there is The Great Firewall). Upon receiving the first cookie back, I flag cookies as mandatory. However, if the cookie was flagged as mandatory but not there, I ask for their password once more, knowing their session from the url. (Also cookies have a 1 time token in them, but that's not the point of this question). UPDATE 2: The conclusion seems to be that there are no extra *security* issues when you expose you session id trough the URL while also keeping a copy of the session id in an encrypted cookie. Do not hesitate to add additional information about any possible security implications

    Read the article

  • jQuery unbinding click event when maximum number of children are displayed

    - by RyanP13
    I have a personal details form that alows you to enter a certain number of dependants which is determined by the JSP application. The first dependant is visible and the user has the option to add dependants up to the maximum number. All other dependants are hidden by default and are displayed when a user clicks the 'Add another dependant button'. When the maximum number of dependants has been reached the button is greyed out and a message is generated via jQuery and displayed to tell the user exactly this. The issue i am having is when the maximum number of dependants has been reached the message is displayed but then the user can click the button to add more dependants and the message keeps on generating. I thought unbinding the click event would sort this but it seems to still be able to generate a second message. Here is the function i wrote to generate the message: // Dependant message function function maxDependMsg(msgElement) { // number of children can change per product, needs to be dynamic // count number of dependants in HTML var $dependLength = $("div.dependant").length; // add class maxAdd to grey out Button // create maximum dependants message and display, will not be created if JS turned off $(msgElement) .addClass("maxAdd") .after($('<p>') .addClass("maxMsg") .append("The selected web policy does not offer cover for more than " + $dependLength + " children, please contact our customer advisers if you wish discuss alternative policies available.")); } There is a hyperlink with a click event attached like so: $("a.add").click(function(){ // Show the next hidden table on clicking add child button $(this).closest('form').find('div.dependant:hidden:first').show(); // Get the number of hidden tables var $hiddenChildren = $('div.dependant:hidden').length; if ($hiddenChildren == 0) { // save visible state of system message $.cookies.set('cpqbMaxDependantMsg', 'visible'); // show system message that you can't add anymore dependants than what is on page maxDependMsg("a.add"); $(this).unbind("click"); } // set a cookie for the visible state of all child tables $('div.dependant').each(function(){ var $childCount = $(this).index('div.dependant'); if ($(this).is(':visible')) { $.cookies.set('cpqbTableStatus' + $childCount, 'visible'); } else { $.cookies.set('cpqbTableStatus' + $childCount, 'hidden'); } }); return false; }); All of the cookies code is for state saving when users are going back and forward through the process.

    Read the article

  • Python requests - saving cookie for later url usage

    - by PythonRocks
    I been trying to get a cookie and post it to a url in later use in the program, but I cant seem to get the cookie parameters to work. Right now I have response = requests.get("url") But how exactly do I retrive cookies from this url and post them to a new url (the same cookies). The tutorial in requests is somewhat vague on the topic and gives examples I cannot test. Hope someone can help with further examples. This is python 2.7 btw.

    Read the article

  • Anyone got a nifty credit expiry algorithm?

    - by garethkeenan
    Our website uses a credit system to allow users to purchase inexpensive digital goods (eg. photos). We use credits, rather than asking the user to pay for items individually, because the items are cheap and we are trying to keep our credit-card/PayPal overhead low. Because we aren't a bank, we have to expire credits after a certain amount of time. We expire deposit credits after a year, but other types of credits (bonuses, prizes, refunds) may have a different shelf-life. When a buyer buys an item, we spend the credit that is going to expire first. Our current system keeps track of every deposit by storing the original value and the remainder to be spent. We keep a list of all purchases as well, of course. I am currently moving to a system which is much more like a traditional double-entry accounting system. A deposit will create a ledger item, increasing the user's 'spending' account balance. Every purchase will also create a ledger item, decreasing the user's 'spending' account balance. The new system has running balances, while the old system does not, which greatly improves our ability to find problems and do reconciliations. We do not want to use the old system of keeping a 'remainder' value attached to each deposit record because it is inefficient to replay a user's activities to calculate what the remainder of each deposit is over time (for the user's statement). So, after all of this verbose introduction, my question is "Does anyone else out there have a similar system of expiring credits?" If you could describe how you calculate expired credits it would be a great help. If all expired credits had the exact same shelf life, we would be able to calculate the expired amount using: Total Deposits - Total Spending - Deposits Not Due To Expire = Amount to Expire However, because deposits can have different shelf lives, this formula does not work because more than one deposit can be partially spent at any given time.

    Read the article

  • jQuery RadioButton index

    - by Tomas
    Hello How to get checked RadioButton Index using jQuery? I need to read it and save to cookies to load status later using code $('input[name="compression"]')[{Reading from cookies code}].checked = true; 1<input name="compression" type="radio" value="1" checked="checked" /> 2<input name="compression" type="radio" value="2" /> 3<input name="compression" type="radio" value="3" /> Regards Tomas

    Read the article

  • getting vbulletin captcha image with curl

    - by ermac2014
    hi I need to download Vbulletin captcha images on my HDD "from vbulletin register page" using curl and PHP. I really need to get samples of captcha images from several VBulletin boards. I'm collecting these samples for research purposes. anyway, here is what I done with curl till now. 1- download register.php page. 2- parse the downloaded page to get captcha image url. 3- download that image. now I have done step 1 and 2 correctly. but in step 3 when I try to download the captcha image I don't get the captcha. I just get either a very tiny blank gif picture. or I get a png picture with vbulletin word on it. I really don't know what i'm doing wrong. I tried to output the html and push it to the browser the image shows correctly. but thats not what I want. I want to download the image and save it on my HDD. here are some codes I've been working on: //get contents with curl function get_content($url) { $theString = parse_url($url); $cookieName = $theString['host']; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url."register.php"); curl_setopt($ch, CURLOPT_REFERER, $url."register.php"); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)'); curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies/cookie.txt"); //saved cookies curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies/cookie.txt"); //saved cookies curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); $string = curl_exec ($ch); //print_r(curl_getinfo($ch)); curl_close ($ch); return $string; } //vbulletin main page $url = 'http://blavbulletin.com/'; //get the page $results = get_content($url); if (preg_match_all('/<img[^>]*id\=\"imagereg\"[^>]*src\=\"([^\"]*)\"[^>]*>/s', $results , $captchaimages)) { $captcha = $captchaimages[1][0]; echo "<img src='$url"."$captcha'>"; //when echoed the pic shows correctly //now get the pic $file = get_content("$url"."$captcha"); //save the pic on HDD file_put_contents("captcha.jpg", $file); } any help would be appreciated.. regards,

    Read the article

  • Way to get logged in user in Expression Engine?

    - by Andrew G. Johnson
    Hi all, I am using Expression Engine in part of a site I am developing and other parts are just using my own PHP. My question is how can I tell who the user is logged in as on a non-EE page? I have access to the EE cookies and the EE database but couldn't find a way to use these values to figure out who the user is. I have a list of all the cookie keys/values at: http://andrewgjohnson.com/cookies.html

    Read the article

  • What are the weaknesses of this user authentication method?

    - by byronh
    I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

    Read the article

  • Is this a legitimate implementation of a 'remember me' function for my web app?

    - by user246114
    Hi, I'm trying to add a "remember me" feature to my web app to let a user stay logged in between browser restarts. I think I got the bulk of it. I'm using google app engine for the backend which lets me use java servlets. Here is some pseudo-code to demo: public class MyServlet { public void handleRequest() { if (getThreadLocalRequest().getSession().getAttribute("user") != null) { // User already has session running for them. } else { // No session, but check if they chose 'remember me' during // their initial login, if so we can have them 'auto log in' // now. Cookie[] cookies = getThreadLocalRequest().getCookies(); if (cookies.find("rememberMePlz").exists()) { // The value of this cookie is the cookie id, which is a // unique string that is in no way based upon the user's // name/email/id, and is hard to randomly generate. String cookieid = cookies.find("rememberMePlz").value(); // Get the user object associated with this cookie id from // the data store, would probably be a two-step process like: // // select * from cookies where cookieid = 'cookieid'; // select * from users where userid = 'userid fetched from above select'; User user = DataStore.getUserByCookieId(cookieid); if (user != null) { // Start session for them. getThreadLocalRequest().getSession() .setAttribute("user", user); } else { // Either couldn't find a matching cookie with the // supplied id, or maybe we expired the cookie on // our side or blocked it. } } } } } // On first login, if user wanted us to remember them, we'd generate // an instance of this object for them in the data store. We send the // cookieid value down to the client and they persist it on their side // in the "rememberMePlz" cookie. public class CookieLong { private String mCookieId; private String mUserId; private long mExpirationDate; } Alright, this all makes sense. The only frightening thing is what happens if someone finds out the value of the cookie? A malicious individual could set that cookie in their browser and access my site, and essentially be logged in as the user associated with it! On the same note, I guess this is why the cookie ids must be difficult to randomly generate, because a malicious user doesn't have to steal someone's cookie - they could just randomly assign cookie values and start logging in as whichever user happens to be associated with that cookie, if any, right? Scary stuff, I feel like I should at least include the username in the client cookie such that when it presents itself to the server, I won't auto-login unless the username+cookieid match in the DataStore. Any comments would be great, I'm new to this and trying to figure out a best practice. I'm not writing a site which contains any sensitive personal information, but I'd like to minimize any potential for abuse all the same, Thanks

    Read the article

  • Javascript reference external script file - security implications

    - by rkrauter
    Hi, If I have a reference to an external third party JavaScript file on my website, what are the security implications? Can the JavaScript file be used to steal cookies? One example of this is the Google Analytics JavaScript reference file. Could the third party technically steal cookies or any other sensitive information from my logged on users (XSS)? The whole cross domain scripting has me confused sometimes. Thanks!

    Read the article

  • ASP.NET MVC 4/Web API Single Page App for Mobile Devices ... Needs Authentication

    - by lmttag
    We have developed an ASP.NET MVC 4/Web API single page, mobile website (also using jQuery Mobile) that is intended to be accessed only from mobile devices (e.g., iPads, iPhones, Android tables and phones, etc.), not desktop browsers. This mobile website will be hosted internally, like an intranet site. However, since we’re accessing it from mobile devices, we can’t use Windows authentication. We still need to know which user (and their role) is logging in to the mobile website app. We tried simply using ASP.NET’s forms authentication and membership provider, but couldn’t get it working exactly the way we wanted. What we need is for the user to be prompted for a user name and password only on the first time they access the site on their mobile device. After they enter a correct user name and password and have been authenticated once, each subsequent time they access the site they should just go right in. They shouldn’t have to re-enter their credentials (i.e., something needs to be saved locally to each device to identify the user after the first time). This is where we had troubles. Everything worked as expected the first time. That is, the user was prompted to enter a user name and password, and, after doing that, was authenticated and allowed into the site. The problem is every time after the browser was closed on the mobile device, the device and user were not know and the user had to re-enter user name and password. We tried lots of things too. We tried setting persistent cookies in JavaScript. No good. The cookies weren’t there to be read the second time. We tried manually setting persistent cookies from ASP.NET. No good. We, of course, used FormsAuthentication.SetAuthCookie(model.UserName, true); as part of the form authentication framework. No good. We tried using HTML5 local storage. No good. No matter what we tried, if the user was on a mobile device, they would have to log in every single time. (Note: we’ve tried on an iPad and iPhone running both iOS 5.1 and 6.0, with Safari configure to allow cookies, and we’ve tried on Android 2.3.4.) Is there some trick to getting a scenario like this working? Or, do we have to write some sort of custom authentication mechanism? If so, how? And, what? Or, should we use something like claims-based authentication and WIF? Or??? Any help is appreciated. Thanks!

    Read the article

  • How to create profiles for guests?

    - by Anant
    I'm making a site, and will be allowing guests to vote/comment. How should I go about storing the user info? I wouldn't like the info to be cleared if someone deletes the cookie (SO handles guest users via cookies I guess). If someone clears cookies and changes the ip at once, then only should the guest user info should be lost. Should I use sessions in php for this?

    Read the article

  • what is the best way to track unique visitors?

    - by dnkira
    hello what i want is to make user counter as true as possible. exluding bots, and clever users as much as possible. as 4 what i know, it can be done in several ways: ip (trouble with dinamic ones and proxy's) cookies (with session id maybe, but can be deleted or browser can be changed) flash cookies (not all users have it) any other ways? and what is the best?

    Read the article

  • NPS EAP authentication failing after Windows Update

    - by sqlreader
    I have a Windows 2008 Std server running NPS. After applying the latest round of updates (including Root Certificates for April 2012 KB931125 (See:http://support.microsoft.com/kb/933430/)), EAP authentication is failing due to being malformed. Sample error (Security/Event ID 6273), truncated for brevity: Authentication Details: Proxy Policy Name: Use Windows authentication for all users Network Policy Name: Wireless Access Authentication Provider: Windows Authentication Server: nps-host.corp.contoso.com Authentication Type: PEAP EAP Type: - Account Session Identifier: - Reason Code: 266 Reason: The message received was unexpected or badly formatted. The NPS policy (Wireless Access) is configured accordingly (for Constraints/Authentication methods) EAP Types: Microsoft: Protected EAP (PEAP) - with a valid certificate from ADCS Microsoft: Secured password (EAP-MSCHAP v2) Less secure authentication methods: Microsoft Encrypted Authentication version 2 (MS-CHAP-v2) User can change password after it has expired Microsoft Encrypted Authentication (MS-CHAP) User can change password after it has expired We've tested a different RADIUS server without the aforementioned patch, and removed EAP as an authentication type and experienced success. Has anyone else experienced this issue?

    Read the article

  • How to use rhythmbox-client on LAN?

    - by Kaustubh P
    A few days ago I had asked this question, and according to one suggestion, used rhythmote. It is a web-interface to change songs on a rhythmbox playing on some PC. However, its not what I had thought of, and I stumbled upon documentation for rhythmbox-client. I tried a few ways of using it, but was unsuccessful. Let me show you a few ways of how I did it. The rhythmbox is running at address 192.168.1.4, lets call it jukebox. Passing the address as a parameter Hoping that I would be able to see and browse through songs on the jukebox rhythmbox-client 192.168.1.4 But, I get this message (rhythmbox-client:8370): Rhythmbox-WARNING **: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. (rhythmbox-client:8370): Rhythmbox-WARNING **: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. SSH ssh -l jukebox 192.168.1.4 rhythmbox-client --print-playing Which spat this at me: (rhythmbox-client:9389): Rhythmbox-WARNING **: /bin/dbus-launch terminated abnormally with the following error: Autolaunch error: X11 initialization failed. rhythmbox-client as root gksudo rhythmbox-client 192.168.1.4 A rhythmbox client comes up, but with no music shown in the library. I am guessing this is running on my own computer. Can anyon tell me how rhythmbox-client is to be run, and is it even correct of me to think that I can get a rhythmbox window showing the songs on the jukebox? PS: There were a few other solutions mentioned, but I want to evaluate each and every one of them. Thanks.

    Read the article

  • How can I expire non-active sessions on my Netscreen SSG140?

    - by David Mackintosh
    I have a Juniper Netscreen SSG-140. While experimenting with a VoIP service, I defined a custom policy that was to be used to permit the possible ports in use to be sent back to the VoIP server from systems connecting across the internet. Because I'd had problems in the past with VoIP systems getting broken when their UDP sessions were expired out faster than their keep-alives were generated, I set the timeout on this custom service to be 'never'. After much experimentation, I happened to notice that my session count on the firewall has grown from a couple thousand to over 36000. After discussion with the VoIP "expert", I set the timeout to be 30 minutes; however, all the sessions set up during the experimentation process are still there, more than 3 days later. Is there a way I can force these old sessions to get expired and removed from the session table, or am I looking at resetting my firewall? (Both firewalls, actually -- they are in a cluster.)

    Read the article

  • TIME_WAIT connections not being cleaned up after timeout period expires

    - by Mark Dawson
    I am stress testing one of my servers by hitting it with a constant stream of new network connections, the tcp_fin_timeout is set to 60, so if I send a constant stream of something like 100 requests per second, I would expect to see a rolling average of 6000 (60 * 100) connections in a TIME_WAIT state, this is happening, but looking in netstat (using -o) to see the timers, I see connections like: TIME_WAIT timewait (0.00/0/0) where their timeout has expired but the connection is still hanging around, I then eventually run out of connections. Anyone know why these connections don't get cleaned up? If I stop creating new connections they do eventually disappear but while I am constantly creating new connections they don't, seems like the kernel isn't getting chance to clean them up? Is there some other config options I need to set to remove the connections as soon as they have expired? The server is running Ubuntu and my web server is nginx. Also it has iptables with connection tracking, not sure if that would cause these TIME_WAIT connections to live on. Thanks Mark.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >