Search Results

Search found 12107 results on 485 pages for 'session timeout'.

Page 42/485 | < Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >

  • How do I obtain a new stateful session bean in a servlet thread?

    - by FarmBoy
    I'm experimenting with EJB3 I would like to inject a stateful session bean into a servlet, so that each user that hits the servlet would obtain a new bean. Obviously, I can't let the bean be an instance variable for the servlet, as that will be shared. And apparantly injecting local variables isn't allowed. I can use the new operator to create a bean, but that doesn't seem the right approach. Is there a right way to do this? It seems like what I'm trying to do is fairly straightforward, after all, we would want each new customer to find an empty shopping cart.

    Read the article

  • Getting Session in Http Handler ashx

    - by prakash
    Hi All, I am using Http Handler ashx file for showing the images. I was using Session object to get image and return in the response Now problem is i need to use custom Session object its nothing but the Wrapper on HttpSession State But when i am trying to get existing custom session object its creating new ... its not showing session data , i checked the session Id which is also different Please adive how can i get existing session in ashx file ? Note: When i use ASP.NET Sesssion its working fine [WebService(Namespace = "http://tempuri.org/")] [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] public class GetImage : IHttpHandler, System.Web.SessionState.IRequiresSessionState {

    Read the article

  • NHibernate session management in ASP.NET MVC

    - by Kevin Pang
    I am currently playing around with the HybridSessionBuilder class found on Jeffrey Palermo's blog post: http://jeffreypalermo.com/blog/use-this-nhibernate-wrapper-to-keep-your-repository-classes-simple/ Using this class, my repository looks like this: public class UserRepository : IUserRepository { private readonly ISessionBuilder _sessionBuilder; public UserRepository(ISessionBuilder sessionBuilder) { _sessionBuilder = sessionBuilder; } public User GetByID(string userID) { using (ISession session = _sessionBuilder.GetSession()) { return session.Get<User>(userID); } } } Is this the best way to go about managing the NHibernate session / factory? I've heard things about Unit of Work and creating a session per web request and flushing it at the end. From what I can tell, my current implementation isn't doing any of this. It is basically relying on the Repository to grab the session from the session factory and use it to run the queries. Are there any pitfalls to doing database access this way?

    Read the article

  • Keeping a large volume of data in Session - Suggestions / alternatives?

    - by Fishcake
    I'm developing a web app for which the client wants us to query their data as little as possible. The data will be coming from a Microsoft CRM instance. So we've agreed that data will only be queried as and when it is needed, therefore if a web user wants to see a list of contacts (for example) that list is fetched into a local DataTable. Then if a new contact is created on the website the new contact is sent to CRM and added to the local DataTable at the same time. Likewise for edits. If the user then looks at their contacts again the data will just come from the local DataTable. At the moment local data is being kept in Session but my concern is that too much memory will start being used up. However traffic is expected to be pretty small, perhaps no more than 20 concurrent users so am I worrying about nothing or is there a better way you can suggest to handle this?

    Read the article

  • Restoring web session in struts2

    - by bozo
    Hi, I have a classical scenario of a website and payment gateway integration, where the request for payment is sent to payment processor, and the payment processor calls back my application once it's done with some parameters I passed to it in the original request. Among parameters, we pass jsessionid and we expect that when the remote server makes request to our server (via customer browser redirect to our server) that the session will be the same as the session used to send the initial payment request. This does not happen, we have two different sessions, although the payment processor includes our original jsessionid in the request to us (https://blabla/?jsessionid=something). How should we go about recreating a session in struts2, in the only thing that connects the 'OLD' and 'NEW' session is the jsessionid in the request URL? Any ideas? Is this possible at all or is the 'OLD' session data deleted when the user moves away from our server onto a completely different domain of a payment processor with their data-entry form? This would explain our innability to recreate the session. Thanks a lot for your replies.

    Read the article

  • Session Logout in every two minutes.

    - by Pankaj Mishra
    I have Web Application in asp.net. Where I am maintaining Session for every User. And every Time I got logout in Approx 2 min. I tried to increase this time through web Config File upto 60 min but it is not working For me and I m getting same problem. I have created A class file For maintaining session.I am Using This Code. public static void createSession(System.Web.SessionState.HttpSessionState session) { Session = session; } This is my class file code. And I am calling this function in login Page load like this. BusinessClasses.SessionHandler.createSession(Page.Session); Then After I am Checking In everyPage. But this code is not working for me. Please Give Suggest me correct solution for this problem.

    Read the article

  • How do I save a transient object that already exists in an NHibernate session?

    - by Daniel T.
    I have a Store that contains a list of Products: var store = new Store(); store.Products.Add(new Product{ Id = 1, Name = "Apples" }; store.Products.Add(new Product{ Id = 2, Name = "Oranges" }; Database.Save(store); Now, I want to edit one of the Products, but with a transient entity. This will be, for example, data from a web browser: // this is what I get from the web browser, this product should // edit the one that's already in the database that has the same Id var product = new Product{ Id = 2, Name = "Mandarin Oranges" }; store.Products.Add(product); Database.Save(store); However, trying to do it this way gives me an error: a different object with the same identifier value was already associated with the session How do I get around this problem?

    Read the article

  • php session not working (as with cookies disabled), but cookies are enabled for the domain. What oth

    - by SWilk
    Hi, I have a problem with a client, who cannot log in to our system. We have PHP-based B2B system, which uses cookies to store session-id. The client cannot log in and is redirected to the login page, without any error message. He claims he have cookies enabled in his Firefox. Also, if he had cookies disabled, my javascript would detect this and would show him an red, very descriptive error info. He does not seen anything like this. What else could have same effect on sessions like disabled cookies in browser? Are there any proxies which filters cookies? Any AV software, etc? What to look for? Our login form works for any other user without problems.

    Read the article

  • PHP Session Class and $_SESSION Array

    - by Gianluca Bargelli
    Hello, i've implemented this custom PHP Session Class for storing sessions into a MySQL database: class Session { private $_session; public $maxTime; private $database; public function __construct(mysqli $database) { $this->database=$database; $this->maxTime['access'] = time(); $this->maxTime['gc'] = get_cfg_var('session.gc_maxlifetime'); session_set_save_handler(array($this,'_open'), array($this,'_close'), array($this,'_read'), array($this,'_write'), array($this,'_destroy'), array($this,'_clean') ); register_shutdown_function('session_write_close'); session_start();//SESSION START } public function _open() { return true; } public function _close() { $this->_clean($this->maxTime['gc']); } public function _read($id) { $getData= $this->database->prepare("SELECT data FROM Sessions AS Session WHERE Session.id = ?"); $getData->bind_param('s',$id); $getData->execute(); $allData= $getData->fetch(); $totalData = count($allData); $hasData=(bool) $totalData >=1; return $hasData ? $allData['data'] : ''; } public function _write($id, $data) { $getData = $this->database->prepare("REPLACE INTO Sessions VALUES (?, ?, ?)"); $getData->bind_param('sss', $id, $this->maxTime['access'], $data); return $getData->execute(); } public function _destroy($id) { $getData=$this->database->prepare("DELETE FROM Sessions WHERE id = ?"); $getData->bind_param('S', $id); return $getData->execute(); } public function _clean($max) { $old=($this->maxTime['access'] - $max); $getData = $this->database->prepare("DELETE FROM Sessions WHERE access < ?"); $getData->bind_param('s', $old); return $getData->execute(); } } It works well but i don't really know how to properly access the $_SESSION array: For example: $db=new DBClass();//This is a custom database class $session=new Session($db->getConnection()); if (isset($_SESSION['user'])) { echo($_SESSION['user']);//THIS IS NEVER EXECUTED! } else { $_SESSION['user']="test"; Echo("Session created!"); } At every page refresh it seems that $_SESSION['user'] is somehow "resetted", what methods can i apply to prevent such behaviour?

    Read the article

  • PHP session values lost after redirect on one script but preserved after redirection on another.

    - by Iuhiz
    On my registration script i have: // Save registration information into the database // Set sessions $_SESSION['var1'] = 'somevalue'; $_SESSION['var2'] = 'anothervalue'; header('Location: /somewhere'); exit(); Then on my login script i have: // Check if user provided correct login credentials if (correct) { $_SESSION['var1'] = 'somevalue'; $_SESSION['var2'] = 'anothervalue'; } header('Location: /somewhere'); exit(); What happened is that the session variables were lost after the header redirect in the registration script but they were preserved after the redirect in the login script. I've checked session_id() at both pages and they have the same value, included session_start() at the top of every page and basically tried the solutions to this common problem found on Stackoverflow but somehow nothing seemed to work. I'm beginning to wonder if it is something to do with my server configuration instead of my code.

    Read the article

  • Session is null when inherit from System.Web.UI.Page

    - by Andreas K.
    I want to extend the System.Web.UI.Page-class with some extra stuff. In the ctor I need the value of a session-variable. The problem is that the Session-object is null... public class ExtendedPage : System.Web.UI.Page { protected foo; public ExtendedPage() { this.foo = (int)HttpContext.Current.Session["foo"]; // NullReferenceException } } If I move the part with the session-object into the Load-Event everything works fine... public class ExtendedPage : System.Web.UI.Page { protected foo; public ExtendedPage() { this.Load += new EventHandler(ExtendedPage_Load); } void ExtendedPage_Load(object sender, EventArgs e) { this.foo = (int)HttpContext.Current.Session["foo"]; } } Why is the Session-object null in the first case??

    Read the article

  • How to get session variables from php server with Ajax function? (PHP HTML JS Ajax)

    - by Ole Jak
    so in my php I have something like this $_SESSION['opened'] = true; But It will not be set to true until user will perform some actions with some other html\php pages So I need on some Ajax function to be able get this session variable. And some PHP sample of function to get variable in form ready for Ajax to get it. so I need something to AJAX requesting to an action (to some simple php code) which will return a value from $_SESSION. How to do such thing?

    Read the article

  • Potential issue when using memcache session save handler in PHP

    - by Sean
    I have two load balanced web servers, and I'm using the memcache session save handler with the save path pointing to two memcache servers. It's configured with session redundancy set to two (the number of memcache servers). So PHP is writing session data to both memcache servers, and when I take one of the servers down, everything seems to work fine since the session data has been written to both memcache servers. The problem seems to happen when I use the app for a while with only the one memcache server up, and then bring the other one back up. My theory is that the memcache server comes back up, and PHP then starts asking it for session data which isn't there since it was written to the other server while this one was down. Is there any merit to this theory? Should PHP be asking both servers for the session data and maybe there's some other problem?

    Read the article

  • How to merge or copy anonymous session data into user data when user logs in?

    - by benhoyt
    This is a general question, or perhaps a request for pointers to other open source projects to look at: I'm wondering how people merge an anonymous user's session data into the authenticated user data when a user logs in. For example, someone is browsing around your websites saving various items as favourites. He's not logged in, so they're saved to an anonymous user's data. Then he logs in, and we need to merge all that data into their (possibly existing) user data. Is this done different ways in an ad-hoc fashion for different applications? Or are there some best practices or other projects people can direct me to?

    Read the article

  • How to Synchronize Session / Security between ASP.NET and Tomcat?

    - by Jay Stevens
    I have an Asp.NET 3.5 application with security/authentication. I have a second application (built using GWT and running on Windows Tomcat) running on a different machine. I need to make the second application available to the user via a link generated from the .NET application. This part is easy, I have constructed the link in the asp.net page and the user can click on it to start working in the GWT/Tomcat session. My question is this... How do I set it up so that the Tomcat/GWT application is Only Accessible via the link in my asp.NET application? I don't want the user to be able to copy the link from my asp.net page and then share that with someone else who is not authenticated within my asp.net application.

    Read the article

  • Passing Session[] and Request[] to Methods in C#

    - by NYARROW
    In C#, How do you pass the Session[] and Request[] objects to a method? I would like to use a method to parse out Session and Request paramaters for a .aspx page to reduce the size of my Page_Load method. I am passing quite a few variables, and need to support both POSTand GET methods. For most calls, not all variables are present, so I have to test every variable multiple ways, and the code gets long... This is what I am trying to do, but I can't seem to properly identify the Session and Request paramaters (this code will not compile, because the arrays are indexed by number) static string getParam( System.Web.SessionState.HttpSessionState[] Session, System.Web.HttpRequest[] Request, string id) { string rslt = ""; try { rslt = Session[id].ToString(); } catch { try { rslt = Request[id].ToString(); } catch { } } return rslt; } From Page_Load, I want to call this method as follows to retrieve the "MODE" paramater: string rslt; rslt = getParam(Session, Request, "MODE"); Thanks!

    Read the article

  • How to change Session for only one route in asp.net mvc?

    - by denis_n
    How to handle Application_BeginRequest using a custom filter in asp.net mvc? I want to restore session only for one route (~/my-url). It would be cool, if I could create a custom filter and handle that. protected void Application_BeginRequest(object sender, EventArgs e) { var context = HttpContext.Current; if (string.Equals("~/my-url", context.Request.AppRelativeCurrentExecutionFilePath, StringComparison.OrdinalIgnoreCase)) { string sessionId = context.Request.Form["sessionId"]; if (sessionId != null) { HttpCookie cookie = context.Request.Cookies.Get("ASP.NET_SessionId"); if (cookie == null) { cookie = new HttpCookie("ASP.NET_SessionId"); } cookie.Value = sessionId; context.Request.Cookies.Set(cookie); } }

    Read the article

  • Remember me or not?

    - by taeja87
    I was told to post this on webmasters instead of stackoverflow. Is it safe to have the remember me feature? Would it be somewhat safe (knowing it won't be 100% safe) to allow users to close their browser and come back still logged in? I am not exacting sure which way I should go after reading different things about safety. I learned about session fixation and implemented security to add more protection. From experience, if remember me is checked then only your username/email appears and requires you to re-enter your password. Other sites allow you to come in and out as much as you way without logging out after the browser has closed. If it is safe, what is the current best way of implementing remember/stay logged in? http://stackoverflow.com/questions/3531377/best-practise-for-remember-me-feature http://stackoverflow.com/questions/5087969/what-is-the-code-for-stay-logged-in-or-remember-me-while-user-login-in-php http://bytes.com/topic/php/answers/881197-stay-logged-remember-me-php-sessions-cookies http://security.stackexchange.com/questions/41/good-session-practices Also: The site I am working on is email & password login type.

    Read the article

  • ACORD LOMA Session Highlights Policy Administration Trends

    - by [email protected]
    Helen Pitts, senior product marketing manager for Oracle Insurance, attended and is blogging from the ACORD LOMA Insurance Forum this week. Above: Paul Vancheri, Chief Information Officer, Fidelity Investments Life Insurance Company. Vancheri gave a presentation during the ACORD LOMA Insurance Systems Forum about the key elements of modern policy administration systems and how insurers can mitigate risk during legacy system migrations to safely introduce new technologies. When I had a few particularly challenging honors courses in college my father, a long-time technology industry veteran, used to say, "If you don't know how to do something go ask the experts. Find someone who has been there and done that, don't be afraid to ask the tough questions, and apply and build upon what you learn." (Actually he still offers this same advice today.) That's probably why my favorite sessions at industry events, like the ACORD LOMA Insurance Forum this week, are those that include insight on industry trends and case studies from carriers who share their experiences and offer best practices based upon their own lessons learned. I had the opportunity to attend a particularly insightful session Wednesday as Craig Weber, senior vice president of Celent's Insurance practice, and Paul Vancheri, CIO of Fidelity Life Investments, presented, "Managing the Dynamic Insurance Landscape: Enabling Growth and Profitability with a Modern Policy Administration System." Policy Administration Trends Growing the business is the top issue when it comes to IT among both life and annuity and property and casualty carriers according to Weber. To drive growth and capture market share from competitors, carriers are looking to modernize their core insurance systems, with 65 percent of those CIOs participating in recent Celent research citing plans to replace their policy administration systems. Weber noted that there has been continued focus and investment, particularly in the last three years, by software and technology vendors to offer modern, rules-based, configurable policy administration solutions. He added that these solutions are continuing to evolve with the ongoing aim of helping carriers rapidly meet shifting business needs--whether it is to launch new products to market faster than the competition, adapt existing products to meet shifting consumer and /or regulatory demands, or to exit unprofitable markets. He closed by noting the top four trends for policy administration either in the process of being adopted today or on the not-so-distant horizon for the future: Underwriting and service desktops New business automation Convergence of ultra-configurable and domain content-rich systems Better usability and screen design Mitigating the Risk When Making the Decision to Modernize Third-party analyst research from advisory firms like Celent was a key part of the due diligence process for Fidelity as it sought a replacement for its legacy policy administration system back in 2005, according to Vancheri. The company's business opportunities were outrunning system capability. Its legacy system had not been upgraded in several years and was deficient from a functionality and currency standpoint. This was constraining the carrier's ability to rapidly configure and bring new and complex products to market. The company sought a new, modern policy administration system, one that would enable it to keep pace with rapid and often unexpected industry changes and ahead of the competition. A cross-functional team that included representatives from finance, actuarial, operations, client services and IT conducted an extensive selection process. This process included deep documentation review, pilot evaluations, demonstrations of required functionality and complex problem-solving, infrastructure integration capability, and the ability to meet the company's desired cost model. The company ultimately selected an adaptive policy administration system that met its requirements to: Deliver ease of use - eliminating paper and rework, while easing the burden on representatives to sell and service annuities Provide customer parity - offering Web-based capabilities in alignment with the company's focus on delivering a consistent customer experience across its business Deliver scalability, efficiency - enabling automation, while simplifying and standardizing systems across its technology stack Offer desired functionality - supporting Fidelity's product configuration / rules management philosophy, focus on customer service and technology upgrade requirements Meet cost requirements - including implementation, professional services and licenses fees and ongoing maintenance Deliver upon business requirements - enabling the ability to drive time to market for new products and flexibility to make changes Best Practices for Addressing Implementation Challenges Based upon lessons learned during the company's implementation, Vancheri advised carriers to evaluate staffing capabilities and cultural impacts, review business requirements to avoid rebuilding legacy processes, factor in dependent systems, and review policies and practices to secure customer data. His formula for success: upfront planning + clear requirements = precision execution. Achieving a Return on Investment Vancheri said the decision to replace their legacy policy administration system and deploy a modern, rules-based system--before the economic downturn occurred--has been integral in helping the company adapt to shifting market conditions, while enabling growth in its direct channel sales of variable annuities. Since deploying its new policy admin system, the company has reduced its average time to market for new products from 12-15 months to 4.5 months. The company has since migrated its other products to the new system and retired its legacy system, significantly decreasing its overall product development cycle. From a processing standpoint Vancheri noted the company has achieved gains in automation, information, and ease of use, resulting in improved real-time data edits, controls for better quality, and tax handling capability. Plus, with by having only one platform to manage, the company has simplified its IT environment and is well positioned to deliver system enhancements for greater efficiencies. Commitment to Continuing the Investment In the short and longer term future Vancheri said the company plans to enhance business functionality to support money movement, wire automation, divorce processing on payout contracts and cost-based tracking improvements. It also plans to continue system upgrades to remain current as well as focus on further reducing cycle time, driving down maintenance costs, and integrating with other products. Helen Pitts is senior product marketing manager for Oracle Insurance focused on life/annuities and enterprise document automation.

    Read the article

  • Session cookie not being created in Rails, very rarely and frustratingly.

    - by James
    Hi everyone, This is an issue sporadically for very few users, however we haven't been able to replicate it. However I have now got a Chrome instance (Mac) which is reproducing the error (for some unknown reason), and I hope to not restart it until I have this nailed! Rails application, using memcached for session store. While the bug manifests in the _app_session_id cookie not being created, our javascript-generated cookie test and app-generated language cookies are being created successfully. This means that 422 / InvalidAuthToken errors are thrown for every form that is submitted by those afflicted - people can't log into the app. The error occurs across all browsers - had reports for IE7 and Firefox (which most users use). Switching to another browser often fixes the issue (though not always), and standard cache-cookie-clear tactics do not. So now that I have got Chrome open which is having the same issue - in development, staging and live environments (meaning http and https). All other browsers are fine. I've restarted the servers and restarted memcached. I don't really want to restart Chrome - in the risk that the issue does go away with that (having said that, it hasn't worked for users). I've been tcpdumping the requests - and although I'll keep digging, I'd love it if anyone had any suggestions, places to start looking, anything. This is really painful ;) Thanks!

    Read the article

  • Constant CMS Session Expiry On 1&1 Cloud Server?

    - by leen3o
    I have a couple of 1&1's 'Dynamic Cloud Servers' and running Win2008R2 and they are setup as web servers, I have a number of Umbraco CMS installs on them and they have been running fine for over a year. On Saturday on BOTH servers, a very strange thing happened - As soon as I login to the CMS/Umbraco admin I am logged out with about 5 seconds? It's as if my session expires the moment I login? I have checked everything I can as I'm not really a server admin, and everything seems to be exactly as it was last week? Like I say this has happened EXACTLY the same time (Saturday) on TWO different servers? I'm just looking for ideas of what I should be looking for? Also the front end of the sites seem fine... Its only the backend when I login. I have gone to 1&1 about this, and as usual they have washed their hands saying its nothing to do with them - When I am certain it is. How can this happen on two different servers, and affect the same sites in exactly the same way? Any help, tips, things to try would be greatly appreciated.

    Read the article

  • Storing Credit Card Numbers in SESSION - ways around it?

    - by JM4
    I am well aware of PCI Compliance so don't need an earful about storing CC numbers (and especially CVV nums) within our company database during checkout process. However, I want to be safe as possible when handling sensitive consumer information and am curious how to get around passing CC numbers from page to page WITHOUT using SESSION variables if at all possible. My site is built in this way: Step 1) collect Credit Card information from customer - when customer hits submit, the information is first run through JS validation, then run through PHP validation, if all passes he moves to step 2. Step 2) Information is displayed on a review page for customer to make sure the details of their upcoming transaction are shown. Only the first 6 and last 4 of the CC are shown on this page but card type, and exp date are shwon fully. If he clicks proceed, Step 3) The information is sent to another php page which runs one last validation, sends information through secure payment gateway, and string is returned with details. Step 4) If all is good and well, the consumer information (personal, not CC) is stored in DB and redirected to a completion page. If anything is bad, he is informed and told to revisit the CC processing page to try again (max of 3 times). Any suggestions?

    Read the article

  • Is it possible to use a serial port like session in c#?

    - by Pandiya Chendur
    I am using serial port communication in my asp.net webform application... private bool sendSMS(int portNo, string mobNo, string details) { try { SerialPort SerialPort1 = new SerialPort(); SerialPort1.PortName = "COM" + portNo.ToString(); SerialPort1.BaudRate = 9600; SerialPort1.Parity = Parity.None; SerialPort1.DataBits = 8; SerialPort1.StopBits = StopBits.One; SerialPort1.RtsEnable = true; SerialPort1.DtrEnable = true; SerialPort1.Encoding.GetEncoder(); SerialPort1.ReceivedBytesThreshold = 1; SerialPort1.NewLine = Environment.NewLine; SerialPort1.Open(); SerialPort1.Write("AT" + SerialPort1.NewLine); Sleep(500); SerialPort1.Write("AT+CMGF=1" + SerialPort1.NewLine); Sleep(500); SerialPort1.Write("AT+CMGS=" + (char)34 + mobNo + (char)34 + SerialPort1.NewLine); Sleep(1000); SerialPort1.Write(details + (char)26); Sleep(2000); SerialPort1.Close(); } catch { } return true; } This method works when i send i single message... But when want to send sms in bulk opening and closing port everytime is not a good idea... So my question is it possible to use a serial port like session in c#?... When i open a port i want it to be open for 1 hour and then if my time expires i want to close the port and open it the next time... Any suggestion...

    Read the article

  • IE8 losing session cookies in popup windows.

    - by HackedByChinese
    We have an ASP.NET application that uses Forms Auth. When users log in, a session ID cookie and a Forms Auth ticket (stored as a cookie) are generated. These are session cookies, not permanent cookies. It is intentional and desirable that when the browser closes, the user is effectively logged out. Once a user logs in, a new window is popped up using window.open('location here');. The page that is opened is effectively the workspace the user works in throughout the rest of their session. From this page, other pop-ups are also used. Lately, we've had a number of customers (all using latest versions of IE8) complaining that the when they log in, the initial pop-up takes them back to the log in screen rather than their homepage. Alternately, users can sometimes log in, get to the homepage (which again, is in a new pop up window), and it all seems fine, until any additional pop-ups are created, where it starts redirecting them to the log in screen again. In attempting to troubleshoot the issue, I've used good old Fiddler. When the problem starts manifesting, I've noticed that the browser is not sending up the ASP.NET session ID session cookie OR the Forms Auth ticket session cookie, even though the response to the log in POST clearly pushes down those cookies. What's more strange is if I CTRL+N to open a new window from the popped-up window that is missing the session cookies, then manually type in the URL to the home page, those cookies magically appear again. However, subsequent window.open(); calls will continue to be broken, not sending the session cookies and taking the user to the log in screen. It's important to note that sometimes, for seemingly no good reason, those same users can suddenly log in and work normally for a while, then it goes back to broken. Now, I've ensured that there are no browser add-ons, plug-ins, toolbars, etc. are running. I've added our site as a trusted site and dropped the security settings to Low, I've modified the Cookie Privacy policy to "accept all" and even disabled automatic policy settings, manually forcing it to accept everything and include session cookies. Nothing appears to affect it. Also note the web application resides on a single server. There is no load balancing, web gardens, server farms, clusters, etc. The server does reside behind an ISA server, but other than that it's pretty straight forward. I've been searching around for days and haven't found anything actionable. Heck, sometimes I can't even reproduce it reliably. I have found a few references to people having this same problem, but they seem to be referencing an issue that was allegedly fixed in a beta or RC release (example: http://stackoverflow.com/questions/179260/ie8-loses-cookies-when-opening-a-new-window-after-a-redirect). These are release versions of IE, with up-to-date patches. I'm aware that I can try to set permanent cookies instead of session cookies. However, this has drastic security implications for our application. Update It seems that the problem automagically goes away when the user is added as a Local Administrator on the machine. Only time will tell if this change permanently (and positively) affects this problem. Time to bust out ProcMon and see if there is a resource access problem.

    Read the article

  • SQLAlchemy session management in long-running process

    - by codeape
    Scenario: A .NET-based application server (Wonderware IAS/System Platform) hosts automation objects that communicate with various equipment on the factory floor. CPython is hosted inside this application server (using Python for .NET). The automation objects have scripting functionality built-in (using a custom, .NET-based language). These scripts call Python functions. The Python functions are part of a system to track Work-In-Progress on the factory floor. The purpose of the system is to track the produced widgets along the process, ensure that the widgets go through the process in the correct order, and check that certain conditions are met along the process. The widget production history and widget state is stored in a relational database, this is where SQLAlchemy plays its part. For example, when a widget passes a scanner, the automation software triggers the following script (written in the application server's custom scripting language): ' wiget_id and scanner_id provided by automation object ' ExecFunction() takes care of calling a CPython function retval = ExecFunction("WidgetScanned", widget_id, scanner_id); ' if the python function raises an Exception, ErrorOccured will be true ' in this case, any errors should cause the production line to stop. if (retval.ErrorOccured) then ProductionLine.Running = False; InformationBoard.DisplayText = "ERROR: " + retval.Exception.Message; InformationBoard.SoundAlarm = True end if; The script calls the WidgetScanned python function: # pywip/functions.py from pywip.database import session from pywip.model import Widget, WidgetHistoryItem from pywip import validation, StatusMessage from datetime import datetime def WidgetScanned(widget_id, scanner_id): widget = session.query(Widget).get(widget_id) validation.validate_widget_passed_scanner(widget, scanner) # raises exception on error widget.history.append(WidgetHistoryItem(timestamp=datetime.now(), action=u"SCANNED", scanner_id=scanner_id)) widget.last_scanner = scanner_id widget.last_update = datetime.now() return StatusMessage("OK") # ... there are a dozen similar functions My question is: How do I best manage SQLAlchemy sessions in this scenario? The application server is a long-running process, typically running months between restarts. The application server is single-threaded. Currently, I do it the following way: I apply a decorator to the functions I make avaliable to the application server: # pywip/iasfunctions.py from pywip import functions def ias_session_handling(func): def _ias_session_handling(*args, **kwargs): try: retval = func(*args, **kwargs) session.commit() return retval except: session.rollback() raise return _ias_session_handling # ... actually I populate this module with decorated versions of all the functions in pywip.functions dynamically WidgetScanned = ias_session_handling(functions.WidgetScanned) Question: Is the decorator above suitable for handling sessions in a long-running process? Should I call session.remove()? The SQLAlchemy session object is a scoped session: # pywip/database.py from sqlalchemy.orm import scoped_session, sessionmaker session = scoped_session(sessionmaker()) I want to keep the session management out of the basic functions. For two reasons: There is another family of functions, sequence functions. The sequence functions call several of the basic functions. One sequence function should equal one database transaction. I need to be able to use the library from other environments. a) From a TurboGears web application. In that case, session management is done by TurboGears. b) From an IPython shell. In that case, commit/rollback will be explicit. (I am truly sorry for the long question. But I felt I needed to explain the scenario. Perhaps not necessary?)

    Read the article

< Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >