Search Results

Search found 10170 results on 407 pages for 'stateless session beans'.

Page 41/407 | < Previous Page | 37 38 39 40 41 42 43 44 45 46 47 48  | Next Page >

  • Can't set session.http_only for php under Plesk 11

    - by TheFoOL
    I want to enable session.cookie_httponly for my domain. I added these lines for my domain (in additional configuration directives): session.cookie_httponly = On error_log = error.log Error log works fine (a file is created) whereas session.cookie_httponly doesn't (according to phpinfo()). But why not? I use Plesk 11 on Ubuntu Server 12.04. PHP as FastCGI. PHP 5.3.10-1ubuntu3.4. Safe mode is off. Domain is associated to a dedicated IP address. Website powered by Joomla 2.5.7.

    Read the article

  • PHP session files have permissions of 000 - They're ununsable

    - by vanced
    I kept having issues with a Document Management System I'm trying to install as, at the first step of the installation process, it would error with: Warning: Unknown: open(/tmp/sess_d39cac7f80834b2ee069d0c867ac169c, O_RDWR) failed: Permission denied (13) in Unknown on line 0 Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 I looked in /tmp and saw the sess_* files have the following permissions ---------- 1 vanced vanced 1240 Jan 20 08:48 sess_d39cac7f80834b2ee069d0c867ac169c All the session files look like this. So obviously, they're unusable by PHP and it's causing me lots of problems. How can I get PHP to set the correct permissions? I've tried changing the directory which php.ini uses to /tmp/phpsessions and the same thing occurs. The directories are a+rwx.

    Read the article

  • Mouse freezes for User Account but not guest session

    - by Rosie
    this question has been asked before but there wasn't an answer. The mouse on my computer freezes whenever I log in to my User Account, a few seconds after, just before the account opens. The keyboard still works, and programs seem to work as normal. If I log out, the mouse starts to work again. If I log in as a guest, the mouse works fine throughout. I have tried restarting, shutting down, which hasn't resolved the problem. Just after the problem started, I logged in as a guest and tried to open Firefox, but although I haven't logged in as a guest for ages, there was a message saying that Firefox couldn't be opened as it was already running. Could this have been in my main account? Do you know how I can unfreeze the mouse? Is it the same procedure that is recommended on other questions? I am extremely untechnical, and a friend did all the ubuntu installation. So a very detailed step by step would be appreciated if I have to use code to fix this.

    Read the article

  • Xubuntu loading slow after the session/password select

    - by Bryan
    I recently installed Xubuntu on my computer. I love the distro. Everything was fast, and then the bootup slowed down. It started taking a couple minutes for my user selected wallpaper to show and the menu to appear, basically do anything on the comp. I do not recall doing anything other than changing the swappiness. It did not affect it initially. Would that be something to affect it or are there other ideas that might have caused this sudden change.

    Read the article

  • Notes from AT&T ARO Session at Oredev 2013

    - by Geertjan
    The mobile internet is 12 times bigger than internet was 12 years ago. Explosive growth, faster networks, and more powerful devices. 85% of users prefer mobile apps, while 56% have problems. Almost 60% want less than 2 second mobile app startup. App with poor mobile experience results in not buying stuff, going to competitor, not liking your company. Battery life. Bad mobile app is worse than no app at all because it turns people away from brand, etc. Apps didn't exist 10 years ago, 72 billion dollars a year in 2013, 151 billion in 2017.Testing performance. Mobile is different than regular app. Need to fix issues before customers discover them. ARO is free and open source AT&T tool for identifying mobile app performance problems. Mobile data is different -- radio resource control state machine. Radio resource control -- radio from idle to continuous reception -- drains battery, sends data, packets coming through, after packets come through radio is still on which is tail time, after 10 seconds of no data coming through radio goes off. For example, YouTube, e.g., 10 to 15 seconds after every connection, can be huge drain on battery, app traffic triggers RRC state. Goal. Balance fast network connectivity against battery usage. ARO is free and open source and test any platform and won awards. How do I test my app? pcap or tcdump network. Native collector: Android and iOS. Android rooted device is needed. Test app on phone, background data, idle for ads and analytics. Graded against 25 best practices. See all the processes, all network traffic mapped to processes, stats about trace, can look just at your app, exlude Facebook, etc. Many tests conducted, e.g., file download, HTML (wrapped applications, e.g., cordova). Best Practices. Make stuff smaller. GZIP, smaller files, download faster, best for files larger than 800 bytes, minification -- remove tabs and commenting -- browser doesn't need that, just give processor what it needs remove wheat from chaff. Images -- make images smaller, 1024x1024 image for a checkmark, swish it, make it 33% smaller, ARO records the screen, probably could be 9 times smaller. Download less stuff. 17% of HTTP content on mobile is duplicate data because of caching, reloading from cache is 75% to 99% faster than downloading again, 75% possible savings which means app will start up faster because using cache -- everyone wants app starting up 2 seconds. Make fewer HTTP requests. Inline and combine CSS and JS when possible reduces the number of requests, spread images used often. Fewer connections. Faster and use less battery, for example, download an image every 60 secs, download an add every 60 seconds, send analytics every 60 seconds -- instead of that, use transaction manager, download everything at once, reduce amount of time connected to network by 40% also -- 80% of applications do NOT close connections when they are finished, e.g., download picture, 10 seconds later the radio turns off, if you do not explicitly close, eventually server closes, 38% more tail time, 40% less energy if you close connection right away, background data traffic is 27% of data and 55% of network time, this kills the battery. Look at redirection. Adds 200 to 600 ms on each connection, waterfall diagram to all the requests -- e.g., xyz.com redirect to www.xyz.com redirect to xyz.mobi to www.xyz.com, waterfall visualization of packets, minimize redirects but redirects are fine. HTML best practices. Order matters and hiding code (JS downloading blocks rendering, always do CSS before JS or JS asynchronously, CSS 'display:none' hides images from user but the browser downloads them which adds latency to application. Some apps turn on GPS for no reason. Tell network when down, but maybe some other app is using the radio at the same time. It's all about knowing best practices: everyone wins with ARO (carriers, e.g., AT&T, developers, customers). Faster apps, better battery usage, network traffic better, better app reviews, happier customers. MBTA app, referenced as an example.ARO is free, open source, can test all platforms.

    Read the article

  • Logging in over ssh in a different session?

    - by Jordan Reiter
    I don't know exactly what the correct term is, but I notice if I log in to a remote SSH server, then close the window, open a new one, and log into that server again, my bash history and user processes appear to be different. For instance, if I started a background process I can't get back into it, or something I typed won't show up in my bash history. The problem is for some reason occasionally something happens to my remote session and instead of being disconnected the session just hangs; I have to close the window and open a new one to reconnect. As a result sometimes it means a long running process basically is "lost" since I can't get back into it. Is there any way to set it up so that when I log back in I log back in to the same "session"? This is using OS X Terminal.

    Read the article

  • BlackBerry 10 en images (3/9) : BlackBerry Balance, une session Pro et une session privée hermétiquement séparées

    BlackBerry 10 en images (1/9) : BlackBerry Flow RIM dévoile les nouveautés au compte-goutte et promet de très grosses surprises Deux jours après les annonces officielles du PDG de RIM, la filiale Française nous a conviés à une démonstration pour nous dévoiler « en vrai » quelques nouveautés supplémentaires de son prochain BlackBerry 10. « Son plus gros lancement de tous les temps », selon David Derrida, le responsable produit. Les voici en images au moment où le code est officiellement gelé. BlackBerry Flow C'est la nouvelle manière d'interagir avec l'OS. ...

    Read the article

  • Maven/Spring/Java: ClassNotFoundException - but I know class is there...

    - by wuntee
    I have 2 maven projects set up like this: -com.wuntee.rsaAuthenticationManager (jar) -com.wuntee.taac (pom) --taac-backend-gui (jar) --taac-web (war) And 'com.wuntee.rsaAuthenticationManager' is a dep in 'taac-backend-gui'. When running a test case in taac-backend-gui, everything executes fine, but when trying to start the taac-web, I get the following ClassNotFoundException - the library that contains the class 'weblogic.security.SSL.TrustManager' is also in my local maven repository, and set as a dependency of com.wuntee.rsaAuthenticationManager. Does anyone know why I would be getting this error? I have also attempted to directly add the library containing TrustManager to the taac-web project, and still get the same Exception. Any ideas? ERROR[com.wuntee.taac.business.TaacWorkshop][main] - couldnt create rsa dao: com.rsa.common.SystemException: Command target (CommandAPIConnection) initialization failure java.lang.NoClassDefFoundError: weblogic/security/SSL/TrustManager at com.rsa.command.ConnectionFactory.getSpringBeanTarget(ConnectionFactory.java:212) at com.rsa.command.ConnectionFactory.getTarget(ConnectionFactory.java:170) at com.rsa.command.ConnectionFactory.getConnection(ConnectionFactory.java:246) at com.wuntee.rsaAuthenticationManager.RsaAuthenticationManagerDao.init(RsaAuthenticationManagerDao.java:60) at com.wuntee.taac.business.TaacWorkshop.<init>(TaacWorkshop.java:68) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:501) at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:126) at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:72) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:939) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:892) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:479) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:562) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:871) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:423) at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:272) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:196) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3972) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4467) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardHost.start(StandardHost.java:722) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) at org.apache.catalina.core.StandardService.start(StandardService.java:516) at org.apache.catalina.core.StandardServer.start(StandardServer.java:710) at org.apache.catalina.startup.Catalina.start(Catalina.java:593) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:592) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) Caused by: com.rsa.ims.components.NoSuchComponentException: Unable to locate bean CommandAPIConnection at com.rsa.ims.components.spring.SpringComponentManagerImpl.getBean(SpringComponentManagerImpl.java:71) at com.rsa.command.ConnectionFactory.getSpringBeanTarget(ConnectionFactory.java:209) ... 39 more Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'CacheableCommandTargetBasicAuth': FactoryBean threw exception on object creation; nested exception is java.lang.reflect.InvocationTargetException at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:150) at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:102) at org.springframework.beans.factory.support.AbstractBeanFactory.getObjectForBeanInstance(AbstractBeanFactory.java:1387) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:301) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189) at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1044) at com.rsa.ims.components.spring.SpringComponentManagerImpl.getBean(SpringComponentManagerImpl.java:69) ... 40 more Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:501) at com.rsa.command.RemoteCommandTargetFactoryBean.getObject(RemoteCommandTargetFactoryBean.java:273) at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:143) ... 46 more Caused by: java.lang.NoClassDefFoundError: weblogic/security/SSL/TrustManager at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:164) at com.rsa.command.InitialContextFactoryLocator.getInitialContextFactory(InitialContextFactoryLocator.java:72) at com.rsa.command.EJBRemoteTarget.<init>(EJBRemoteTarget.java:189) ... 52 more

    Read the article

  • NHibernate, transactions and TransactionScope

    - by Erik
    I'm trying to find the best solution to handle transaction in a web application that uses NHibernate. We use a IHttpModule and at HttpApplication.BeginRequest we open a new session and we bind it to the HttpContext with ManagedWebSessionContext.Bind(context, session); We close and unbind the session on HttpApplication.EndRequest. In our Repository base class, we always wrapped a transaction around our SaveOrUpdate, Delete, Get methods like, according to best practice: public virtual void Save(T entity) { var session = DependencyManager.Resolve<ISession>(); using (var transaction = session.BeginTransaction()) { session.SaveOrUpdate(entity); transaction.Commit(); } } But then this doesn't work, if you need to put a transaction somewhere in e.g. a Application service to include several repository calls to Save, Delete, etc.. So what we tried is to use TransactionScope (I didn't want to write my own transactionmanager). To test that this worked, I use an outer TransactionScope that doesn't call .Complete() to force a rollback: Repository Save(): public virtual void Save(T entity) { using (TransactionScope scope = new TransactionScope()) { var session = Depe.ndencyManager.Resolve<ISession>(); session.SaveOrUpdate(entity); scope.Complete(); } } The block that uses the repository: TestEntity testEntity = new TestEntity { Text = "Test1" }; ITestRepository testRepository = DependencyManager.Resolve<ITestRepository>(); testRepository.Save(testEntity); using (var scope = new TransactionScope()) { TestEntity entityToChange = testRepository.GetById(testEntity.Id); entityToChange.Text = "TestChanged"; testRepository.Save(entityToChange); } TestEntity entityChanged = testRepository.GetById(testEntity.Id); Assert.That(entityChanged.Text, Is.EqualTo("Test1")); This doesn't work. But to me if NHibernate supports TransactionScope it would! What happens is that there is no ROLLBACK at all in the database but when the testRepository.GetById(testEntity.Id); statement is executed a UPDATE with SET Text = "TestCahgned" is fired instead (It should have been fired between BEGIN TRAN and ROLLBACK TRAN). NHibernate reads the value from the level1 cache and fires a UPDATE to the database. Not expected behaviour!? From what I understand whenever a rollback is done in the scope of NHibernate you also need to close and unbind the current session. My question is: Does anyone know of a good way to do this using TransactionScope and ManagedWebSessionContext?

    Read the article

  • Verify my form workflow

    - by Shackrock
    I have a form, with some sensitive info (CC numbers). My work flow is: One page to take all form items Upon submission, values are validated. If all is well, all data is stored in a session variable, and the page reloads and displays this info from the session variable. If everything is ok on the review page, the user clicks submit and the session variable is sent to another form for processing (sending payment). Upon success, the session is destroyed. Upon failure (bad CC number, for example) - the user is sent back to the form, with all of the fields filled in just like before, so that they can check for errors and try again (session is NOT destroyed). Does anyone see anything wrong with this, from a security or best practices stand point? UPDATE I'm thinking I can get rid of a step - storing the info in a session EVER. Just have a one page checkout, no review page... makes sense.

    Read the article

  • Session management with OpenID, in ASP.NET

    - by Andreas Grech
    I am currently playing with DotNetOpenAuth to make an ASP.NET (C#) website use OpenID instead of the normal login-password routine for user and session handling. Up till now, I have added the DotNetOpenAuth.dll into my project and tried a test login page with the following: <rp:OpenIdLogin ID="OpenIdLogin1" runat="server" /> When I run the page, I enter a valid myopenid url and the website redirects to the myopenid page, where I enter my password, and upon success, it returns back to my default.aspx, due to the following in my web.config: <authentication mode="Forms"> <forms defaultUrl="/Default.aspx" loginUrl="~/Login.aspx"/> </authentication> Now that the user is "logged in", how can handle my session? At the moment, I don't know how I can, for example, check if the session is still alive or how to terminate the session. My basic question is, how can I manage the session once the user is authenticated with OpenID ?

    Read the article

  • Lazy loading in Hibernate

    - by Steve
    My Java Web application uses Hibernate to perform ORM. In some of my objects, I use lazy loading to avoid getting data until I absolutely need it. The problem is that I load the initial object in a session, and then that session is destroyed. When I later attempt to resolve the lazy-loaded collections in my object I get the following error: org.hibernate.LazyInitializationException: failed to lazily initialize a collection of role: common.model.impl.User.groups, no session or session was closed I tried associating a new session with the collection and then resolving, but this gives the same results. Does anyone know how I can resolve the lazy collections once the original session is gone? Thanks... --Steve

    Read the article

  • Wrong sessionID being used in callback, but only on one particular computer

    - by user210119
    I am writing a Python/Django web application that uses OAuth (for the TwitterAPI, not that it should matter). I am storing a session ID in my login function, and then after using OAuth to get the user's token, I try to retrieve the sessionID in my callback function. The callback function then always fails(throws an exception) because it can't find the OAuth token in the session. Through the debugger, I am able to determine that the session ID that the server is using is incorrect - it does not match the session ID that was stored in the login function. It's therefore unsurprising that the Oauth tokens were not there. The session that appears in the callback was the same one each time (until I tried deleting it - see "things I've tried below"), and it started out as an old session, with some data in it that is from a different django app running on the same server that I hadn't touched in a couple weeks. Here's the kicker: everything I described is an issue only on our production server, and only when connecting to it from my computer. Let me clarify: this only happens with my particular laptop. I can connect to the app just fine from someone else's computer. Other people cannot connect with their accounts on my computer. Furthmore, I can connect just fine to the app when it is running on my localhost using the built-in django webserver, just not to the production server. My setup: my server and local box are running= Django 1.2.0 and Python 2.6.5. My local box is running Snow Leopard and the Django webserver, the server is running Ubuntu, Apache2, and mod-wsgi. For sessions, I am using Django's default session backend (DB). Things I have tried, all to no avail: logging in with a different account, including new accounts that have never OAuthed to this app before Clearing cookies, using incognito mode, using a different web browser on my same computer. Each time, upon inspecting my cookies, the sessionID matched the sessionID in the login function and was different from the sessionID in the callback. deleting the session in the database that appears in the callback function, (the one that appeared to be old data). The callback function still fails, and the sessionID it appears to be using is now a new one using a different session backend (DB-cache, flat file, etc...) restarting the server, my computer, etc. My first question on StackOverflow, so bear with me if I didn't quite follow local conventions. I am just at a loss as to what to even look for - what are the things that could possibly be causing sessions to not work on my particular computer, and (so far!) only my particular computer?

    Read the article

  • Using a JMS Session from different threads

    - by Evan
    From the javadoc for Session it states: A Session object is a single-threaded context for producing and consuming messages. So I understand that you shouldn't use a Session object from two different threads at the same time. What I'm unclear on is if you could use the Session object (or children such as a Queue) from a different thread than the one it created. In the case I'm working on, I'm considering putting my Session objects into a pool of available sessions that any thread could borrow from, use, and return to the pool when it is finished with it. Is this kosher? (Using ActiveMQ BTW, if that impacts the answer at all.)

    Read the article

  • tomcat 6 - Cluster / BackupManager

    - by Kevin
    Hi, I have a question regarding Clustering (session replication/failover) in tomcat 6 using BackupManager. Reason I chose BackupManager, is because it replicates the session to only one other server. I am going to run through the example below to try and explain my question. I have 6 nodes setup in a tomcat 6 cluster with BackupManager. The front end is one Apache server using mod_jk with sticky session enabled Each node has 1 session each. node1 has a session from client1 node2 has a session from client2 .. .. Now lets say node1 goes down ; assuming node2 is the backup, node2 now has two sessions (for client2 and client1) The next time client1 makes a request, what exactly happens ? Does Apache "know" that node1 is down and does it send the request directly to node2 ? =OR= does it try each of the 6 instances and find out the hard way who the backup is ?

    Read the article

  • Django: accessing session variables from within a template?

    - by AP257
    Hi all If I set a session variable in Django, like: request.session["name"] = "name" Is there a way I can access it from within a template, or do I have to retrieve it from within a view, and then pass it to a template? Asking because I have around 10 little session variables that I'd like to access within a template, and passing all 10 from the view to the template could get a bit messy. (I have to use session variables because it's a HttpResponseRedirect, but storing the variables in a database is overkill for my purposes.) So - any way to grab session variables directly within a template?

    Read the article

  • Issue using Session in MVC Actions with [authorice]

    - by Pablo Gonzalez
    Hi all, first of all sorry for my poor English! When I use the [Authorice` attribute i can't get Session data that i stored before. For example: public ViewResult Index() { // do some stuffs Session["Test"] = "Hi stackoverflow!"; } And then i try to get it in another action, but with the [Authorize] attibute [Authorize] public ViewResult Test() { // do some stuffs if(Session["Test"] == null) { //do some stuffs } } Session["Test"] is always null, but if i remove the attribute it's work, may anyone help me?, thanks a lot!!! P.S: I instance Session["Test"] in Session_Start

    Read the article

  • Approach for authentication and storing user details.

    - by cappuccino
    Hey folks, I am using the Zend Framework but my question is broadly about sessions / databases / auth (PHP MySQL). Currently this is my approach to authentication: 1) User signs in, the details are checked in database. - Standard stuff really. 2) If the details are correct only the user's unique ID is stored in the session and a security token (user unique ID + IP + Browser info + salt). The session in written to the filesystem. I've been reading around and many are saying that storing stuff in sessions is not a good idea, and that you should really only write a unique ID which refers back to the user's details and a security token to prevent session hijacking. So this is the approach i've taken, i use to write the user's details in session, but i've moved that out. Wanted to know your opinions on this. I'm keeping sessions in the filesystem since i don't run on multiple servers, and since i'm only writting a tiny tiny bit of data to sessions, i thought that performance would be greater keeping sessions in the filesystem to reduce load on the database. Once the session is written on authentication, it really is only read-only from then on. 3) The rest of the user's details (like subscription details, permissions, account info etc) are cached in the filesystem (this can always be easily moved to memory if i wanted even more performance). So rather than keeping the user's details in session, the user's details are cached in the file system. I'm using Zend_Cache and the unique cache id is something like md5(/cache/auth/2892), the number is the unique id of the user. I guess the benefit of this method is that once the user is logged in, there is essentially not database queries being run to get the user's details. Just wonder if this approach is better than keeping the whole lot in session... 4) As the user moves throughout the site the only thing that is checked is the ID in the session and the security token. So, overall the first question is 1) is the filesystem more efficient than a database for this purpose 2) have i taken enough security precautions 3) is separating user detail's from the session into a cached file a pointless task? Thanks.

    Read the article

  • spring annotation configuration issue

    - by shrimpy
    I don't know why spring 2.5.6 keeps complaining, but I don't have any "orderBy" annotation. 2009-10-10 13:55:37.242::WARN: Nested in org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.context.annotation.internalPersiste nceAnnotationProcessor': Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'order' of bean class [org.springfra mework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor]: Bean property 'order' is not writable or has an invalid setter method. Does the parameter type of the setter match the re turn type of the getter?: org.springframework.beans.NotWritablePropertyException: Invalid property 'order' of bean class [org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor]: Bean propert y 'order' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter? at org.springframework.beans.BeanWrapperImpl.setPropertyValue(BeanWrapperImpl.java:801) at org.springframework.beans.BeanWrapperImpl.setPropertyValue(BeanWrapperImpl.java:651) at org.springframework.beans.AbstractPropertyAccessor.setPropertyValues(AbstractPropertyAccessor.java:78) at org.springframework.beans.AbstractPropertyAccessor.setPropertyValues(AbstractPropertyAccessor.java:59) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1276) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1010) or even when I swap to use lower version spring 2.5.1, it's still complaining: 2009-10-10 13:57:56.062::WARN: failed ContextHandlerCollection@5da0b94d java.lang.NoClassDefFoundError: org/springframework/context/support/AbstractRefreshableConfigApplicationContext at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:621) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124) at java.net.URLClassLoader.defineClass(URLClassLoader.java:260) at java.net.URLClassLoader.access$000(URLClassLoader.java:56) at java.net.URLClassLoader$1.run(URLClassLoader.java:195) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at org.mortbay.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:366) at org.mortbay.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:337) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320) at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:621) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124) at java.net.URLClassLoader.defineClass(URLClassLoader.java:260) at java.net.URLClassLoader.access$000(URLClassLoader.java:56) at java.net.URLClassLoader$1.run(URLClassLoader.java:195) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at org.mortbay.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:366) at org.mortbay.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:337) at org.springframework.util.ClassUtils.forName(ClassUtils.java:230) at org.springframework.util.ClassUtils.forName(ClassUtils.java:183) at org.springframework.web.context.ContextLoader.determineContextClass(ContextLoader.java:283) at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:243) If I do not use annotation, it works fine. No problem at all, Everything happened after this <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd" default-autowire="byName"> <context:component-scan base-package="demo.dao"> <context:include-filter type="annotation" expression="org.springframework.stereotype.Repository"/> </context:component-scan> </beans> and I am sure my spring is configured properly. <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:util="http://www.springframework.org/schema/util" xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.5.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd" default-autowire="byName"> <!-- For mail settings and future properties files --> <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"> <property name="locations"> <list> <value>classpath:jdbc.properties</value> </list> </property> </bean> <!-- Check all the beans managed by Spring for persistence-related annotations. e.g. PersistenceContext --> <bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" /> <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> <property name="driverClassName" value="${jdbc.driverClassName}"/> <property name="url" value="${jdbc.url}"/> <property name="username" value="${jdbc.username}"/> <property name="password" value="${jdbc.password}"/> </bean> <bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"> <property name="dataSource" ref="dataSource"/> <!-- jpaVendorAdapter Hibernate, injected into emf --> <property name="jpaVendorAdapter"> <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"> <property name="showSql" value="${hibernate.show_sql}"/> <!-- Data Definition Language script is generated and executed for each run --> <property name="generateDdl" value="${jdbc.generateDdl}"/> </bean> </property> <!--<property name="hibernateProperties"> --> <property name="jpaProperties"> <props> <prop key="hibernate.dialect">${hibernate.dialect} </prop> <prop key="hibernate.show_sql">${hibernate.show_sql}</prop> <prop key="hibernate.hbm2ddl.auto">${hibernate.hbm2ddl.auto} </prop> </props> </property> </bean> <tx:annotation-driven transaction-manager="transactionManager" /> <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"> <property name="entityManagerFactory" ref="entityManagerFactory"/> <property name="dataSource" ref="dataSource"/> </bean> </beans> Can anyone tell me what is wrong? How can I fix this?

    Read the article

  • Updating a session variable on a page that uses enablesessionstate=readonly attribute doesn't fail f

    - by chandmk
    Asp.Net allows you you set the session state to readonly at individual page level or in the web.config for all pages. But it doesn't prevent you from creating a brand new session variable on that page or modify an existing session variable. But when you try to use that session variable it is either not available or its value is not modified. Why wouldn't the asp.net framework throw a run time error, if not compile time error, when a write attempt is made to a session on the pages where that is not allowed?

    Read the article

  • How are a session identifiers generated?

    - by Asaf R
    Most web applications depend on some kind of session with the user (for instance, to retain login status). The session id is kept as a cookie in the user's browser and sent with every request. To make it hard to guess the next user's session these session-ids need to be sparse and somewhat random. The also have to be unique. The question is - how to efficiently generate session ids that are sparse and unique? This question has a good answer for unique random numbers, but it seems not scalable for a large range of numbers, simply because the array will end up taking a lot of memory.

    Read the article

  • What are some ways to identify a logged in user on the web?

    - by farinspace
    Here is the scenario: There are 5 websites (different domain names) that need to share a session. I am using a bit of code on each site which returns a "blank.gif" image and at the same time sets the session (syncing it up to the current session). Each of the sites calls a session-img from each of the other sites. Also, all sites have access to the same database (where the session is stored). This works great on FF and Chrome, but not on IE (or Safari PC)... I need to come up with an alternative method to keep a session active? The app is a small custom CMS, so really only 2-3 people will be using it. I can probably identify user logins by IP and then continue to check for the IP accross all sites... Is there something more granular such as a computer uuid that i can check for?

    Read the article

  • Way around ASP.NET session being shared across multiple tab windows

    - by ace
    I'm storing some value in an asp.net session on the first page. On the next page, this session value is being read. However if multiple tabs are opened and there are multiple page 1-page 2 navigation going on, the value stored in session gets mixed up since the session is shared between the browser tabs. I'm wondering what are the options around this : Query String: Passing value between the pages using query string, I don't want to take this approach since there can be multiple anchor tags on page 1 linking to page 2 and I can not rewrite the URLs of each tag since they are dynamic. Cookies??? In-memory cookies are shared across browser tabs too, same as the session cookie, rite ? Any other option?

    Read the article

< Previous Page | 37 38 39 40 41 42 43 44 45 46 47 48  | Next Page >