Search Results

Search found 22880 results on 916 pages for 'session cookie domain'.

Page 45/916 | < Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >

  • COMET with [Session ] TimeOut

    - by Amitd
    hi guys, Just Wondering how [Session] timeouts are(or can be) implemented when using Comet? I'm using Long polling Comet solution and want to implement a kind of Timeout feature. Example : If the user is on a Comet enabled page and doesn't respond to server events/notification for a period of time say 10 mins then invalidate his session and remove his request from server and redirect the user to a timeout page? Will this require Javascript XHR requests to check for a timeout explictly? Using ASP.NET 3.5 / C# (Doesn't need to be language specific) Thanks

    Read the article

  • General website publishing questions involving domain forwarding issue

    - by Gorgeousyousuf
    Even though I have been having a certain level of knowledge and experience about web development I have never interested in obtaining a domain and publishing a website from my own server. Since today I have been struggling with getting my own domain and configuring it utilizing web sources. I started with learning the outline of web publishing process including web server installation, deploying a website for testing purpose,router port forwarding, getting a domain and forwarding domain to my router which will also forward http requests to my web server I am confused about some parts and so far could not get the web site accessed from outside of the network. All I try to do is just for learning purpose so I do not pay much attention to security issues for now. I have Server 2008 and IIS 7.5 installed. I use a laptop and have access to the modem over wireless and my modem is Zoom x6 5590. Well I will continue explaining what I have done so far and what I think will be after each action I did, I have successfully had access to my website on any local computer entering the internal ip address and port pair of the host machine in a browser. Next, I forwarded port 80 of my host machine creating a virtual server like 10.0.0.x(internal ip(static) of the host) - tcp - start port : 80 - end port : 80 in router options. Now I suppose every request that will come to the public Ip on port 80 will be forwarded to my host machine(10.0.0.x) over port 80. So If everyhing went as desired, the website listening on port 80 will accept the request and process the issue and finally respond bla bla bla... I suppose to access my website from outside of the network by entering http://MyPublicIp:80 in a browser but I couldn't accomplish this task by now despite using godady's domain forwarding tool,I see a small view of my website when I click the "preview" button that checks whether the address(http://publicip/Index.aspx) I entered where my domain will be forwarded is available or not. I am sure that configuring domain does not play a role in solving such a problem since using public ip and port matching does not help. So here is the first question, What is the fact that I face this problem? After that, I have couple of question regarding domain forwarding using godaddy tool. Can I forward my domain to a any port for example port 8080 other than default http port 80? Additionally, can I use a sub-domain to forward to a different port of the host? What I want to design is if the client enters www.mydomain.com, website1 will respond over a specified port and after when a client enters info.mydomain.com, another website which listens on different port will respond. I tried to add a sub-domain and forward it to a address like http://www.mydomain.com:8080/Index.aspx with no success. Can I really do that? Finally, what if I have a ftp site listening on the default port 21 and I create a domain like ftp.mydomain.com that will forward to that ftp site address. Is it possible to use sub-domains for ftp site access? I know I am more than confused but no matter whatever and however you reply to me, you will help me have a more clear view on this subject. Thank you very much from now.

    Read the article

  • Detect Client Computer name when an RDP session is open

    - by Ubiquitous Che
    Hey all, My manager has pointed out to me a few nifty things that one of our accounting applications can do because it can load different settings based on the machine name of the host and the machine name of the client when the package is opened in an RDP session. We want to provide similar functionality in one of my company's applications. I've found out on this site how to detect if I'm in an RDP session, but I'm having trouble finding information anywhere on how to detect the name of the client computer. Any pointers in the right direction would be great. I'm coding in C# for .NET 3.5 EDIT The sample code I cobbled together from the advice below - it should be enough for anyone who has a use for the WTSQuerySessionInformation to get a feel for what's going on. Note that this isn't necessarily the best way of doing it - just a starting point that I've found useful. When I run this locally, I get boring, expected answers. When I run it on our local office server in an RDP session, I see my own computer name in the WTSClientName property. using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Runtime.InteropServices; namespace TerminalServicesTest { class Program { const int WTS_CURRENT_SESSION = -1; static readonly IntPtr WTS_CURRENT_SERVER_HANDLE = IntPtr.Zero; static void Main(string[] args) { StringBuilder sb = new StringBuilder(); uint byteCount; foreach (WTS_INFO_CLASS item in Enum.GetValues(typeof(WTS_INFO_CLASS))) { Program.WTSQuerySessionInformation( WTS_CURRENT_SERVER_HANDLE, WTS_CURRENT_SESSION, item, out sb, out byteCount); Console.WriteLine("{0}({1}): {2}", item.ToString(), byteCount, sb); } Console.WriteLine(); Console.WriteLine("Press any key to exit..."); Console.ReadKey(); } [DllImport("Wtsapi32.dll")] public static extern bool WTSQuerySessionInformation( IntPtr hServer, int sessionId, WTS_INFO_CLASS wtsInfoClass, out StringBuilder ppBuffer, out uint pBytesReturned); } enum WTS_INFO_CLASS { WTSInitialProgram = 0, WTSApplicationName = 1, WTSWorkingDirectory = 2, WTSOEMId = 3, WTSSessionId = 4, WTSUserName = 5, WTSWinStationName = 6, WTSDomainName = 7, WTSConnectState = 8, WTSClientBuildNumber = 9, WTSClientName = 10, WTSClientDirectory = 11, WTSClientProductId = 12, WTSClientHardwareId = 13, WTSClientAddress = 14, WTSClientDisplay = 15, WTSClientProtocolType = 16, WTSIdleTime = 17, WTSLogonTime = 18, WTSIncomingBytes = 19, WTSOutgoingBytes = 20, WTSIncomingFrames = 21, WTSOutgoingFrames = 22, WTSClientInfo = 23, WTSSessionInfo = 24, WTSSessionInfoEx = 25, WTSConfigInfo = 26, WTSValidationInfo = 27, WTSSessionAddressV4 = 28, WTSIsRemoteSession = 29 } }

    Read the article

  • Sharing ASP.NET State databases between multiple apps

    - by MikeWyatt
    Is it better for a collection of ASP.NET web apps to share the same session database, or should each one have its own? If there is no significant difference, having a single database would be preferable due to easier maintenance. Background My team has an assortment of ASP.NET web apps, all written in either Monorail 1.1 or ASP.NET MVC 1.0. Each app currently uses a dedicated session state database. I'm working on adding a new site to that list, and am debating whether I should create another new session database, or just share an existing one with another app.

    Read the article

  • Java - Google App Engine - InvalidClassException when I change a class that was stored in session sc

    - by Spines
    I updated my User class, and now whenever someone that had the old version of the User class stored in their session scope accesses my site, I get an InvalidClassException. javax.servlet.ServletException: java.lang.RuntimeException: java.io.InvalidClassException: User; local class incompatible: stream classdesc serialVersionUID = 4949038118012519093, local class serialVersionUID = -971500502189813151 How do I stop this error from happening for those users? I could probably invalidate everyone's sessions every time I want to update a class that gets stored in session scope, but is there a better way, so that my user's don't have to login again?

    Read the article

  • Users being forced to re-login randomly, before session and auth ticket timeout values are reached

    - by Don
    I'm having reports and complaints from my user that they will be using a screen and get kicked back to the login screen immediately on their next request. It doesn't happen all the time but randomly. After looking at the Web server the error that shows up in the application event log is: Event code: 4005 Event message: Forms authentication failed for the request. Reason: The ticket supplied has expired. Everything that I read starts out with people asking about web gardens or load balancing. We are not using either of those. We're a single Windows 2003 (32-bit OS, 64-bit hardware) Server with IIS6. This is the only website on this server too. This behavior does not generate any application exceptions or visible issues to the user. They just get booted back to the login screen and are forced to login. As you can imagine this is extremely annoying and counter-productive for our users. Here's what I have set in my web.config for the application in the root: <authentication mode="Forms"> <forms name=".TcaNet" protection="All" timeout="40" loginUrl="~/Login.aspx" defaultUrl="~/MyHome.aspx" path="/" slidingExpiration="true" requireSSL="false" /> </authentication> I have also read that if you have some locations setup that no longer exist or are bogus you could have issues. My path attributes are all valid directories so that shouldn't be the problem: <location path="js"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="images"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="anon"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="App_Themes"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="NonSSL"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> The only thing I'm not clear on is if my timeout value in the forms property for the auth ticket has to be the same as my session timeout value (defined in the app's configuration in IIS). I've read some things that say you should have the authentication timeout shorter (40) than the session timeout (45) to avoid possible complications. Either way we have users that get kicked to the login screen a minute or two after their last action. So the session definitely should not be expiring. Update 2/23/09: I've since set the session timeout and authentication ticket timeout values to both be 45 and the problem still seems to be happening. The only other web.config in the application is in 1 virtual directory that hosts Community Server. That web.config's authentication settings are as follows: <authentication mode="Forms"> <forms name=".TcaNet" protection="All" timeout="40" loginUrl="~/Login.aspx" defaultUrl="~/MyHome.aspx" path="/" slidingExpiration="true" requireSSL="true" /> </authentication> And while I don't believe it applies unless you're in a web garden, I have both of the machine key values set in both web.config files to be the same (removed for convenience): <machineKey validationKey="<MYVALIDATIONKEYHERE>" decryptionKey="<MYDECRYPTIONKEYHERE>" validation="SHA1" /> <machineKey validationKey="<MYVALIDATIONKEYHERE>" decryptionKey="<MYDECRYPTIONKEYHERE>" validation="SHA1"/> Any help with this would be greatly appreciated. This seems to be one of those problems that yields a ton of Google results, none of which seem to be fitting into my situation so far.

    Read the article

  • How Easy Is It to Hijack Session Vars on GoDaddy (PHP)

    - by yar
    This article states that If your site is run on a shared Web server, be aware that any session variables can easily be viewed by any other users on the same server. On a larger host like GoDaddy, are there really no protections in place against this? Could it really be that easy? If it is that easy, where are the session vars of the other users on my host so I can check them out? Edit: I didn't believe it, but here's my little program which shows that this is true! I wonder if those are really the same as the value stored in the cookies on the users' machine?

    Read the article

  • Recursive FTP directory listing in shell/bash with a single session (using cURL or ftp)

    - by Timo
    I am writing a little shellscript that needs to go through all folders and files on an ftp server (recursively). So far everything works fine using cURL - but it's pretty slow, becuase cURL starts a new session for every command. So for 500 directories, cURL preforms 500 logins. Does anybody know, whether I can stay logged in using cURL (this would be my favourite solution) or how I can use ftp with only one session in a shell script? I know how to execute a set of ftp commands and retrieve the response, but for the recursive listing, it has to be a little more dynamic... Thanks for your help!

    Read the article

  • Having an issue with org.hibernate.SessionException: Session is closed! in Hibernate

    - by hal10001
    I've done quite a bit a research on this with no luck, but all the answers have a tendency to point toward the session context settings in the config file. What is odd is that I get a session connection the very first time I hit the page (and therefore, a successful result set), but then when I reload I get the following exception: org.hibernate.SessionException: Session is closed! Here are my config settings that are not DB connection string related: <property name="hibernate.show_sql">false</property> <property name="hibernate.dialect">org.hibernate.dialect.SQLServerDialect</property> <property name="hibernate.current_session_context_class">thread</property> <property name="hibernate.cache.provider_class">org.hibernate.cache.NoCacheProvider</property> <property name="hibernate.cache.use_query_cache">false</property> <property name="hibernate.cache.use_minimal_puts">false</property> Here is an example of a call I make that produces the situation I described above. public T get(int id) { session.beginTransaction(); T type; try { type = getTypeClass().cast(session.get(getTypeClass(), id)); } catch (ClassCastException classCastException) { throw new ClassCastException(classCastException.getMessage()); } session.getTransaction().commit(); return type; } The session variable reference is to a static field that contains the current session. All of the session connection details are textbook reference manual. For example, here is my Hibernate session utility: import org.hibernate.SessionFactory; import org.hibernate.cfg.Configuration; public class HibernateSessionFactoryUtil { private static final SessionFactory sessionFactory = buildSessionFactory(); private static SessionFactory buildSessionFactory() { try { return new Configuration().configure().buildSessionFactory(); } catch (Throwable ex) { System.err.println("Initial SessionFactory creation failed." + ex); throw new ExceptionInInitializerError(ex); } } public static SessionFactory getSessionFactory() { return sessionFactory; } }

    Read the article

  • IE won't start session from an iframe?..

    - by jayarjo
    The task was to bypass login form on remote server with a session_id acquired through a call to server's web API. So that user wouldn't have to login twice. Since there's no way to set cookies for different domain. What we came up to was - put a little file on remote server, to which we pass encrypted session_id from hidden iframe and which is supposed to start a proper session for a remote app, which is then loaded in another iframe. This approach works fine in FF/Chrome, but not IE... However if I copy url to self-made remote authorization script from iframe's src attribute to to IE's address bar and load it from there, session get's created as expected. But for some reason it just doesn't want to do the same from an iframe. Does anyone have any clue, why this is happening?

    Read the article

  • losing session in rails 2.3.2 app using subdomain

    - by mike in africa
    i have a 2.2.3 app which i upgraded to 2.3.2 it's a multi-site (using subdomain) that creates one top level session for all sites. this is how i change the domain in production.rb: ActionController::Base.session_options[:domain] = "xxx.com" # in rails 2.2.2, this is what i used to do: # ActionController::Base.session_options[:session_domain] = "xxx.com" strange things started to happen after i upgraded i can no longer login using restful authentication; it does authenticate me, but as soon as i'm redirected, it would ask me to login again. as i said, i use restful_authentication and i also use passenger 2.1.2. anyone can help?

    Read the article

  • Invalidating session before iPhone application quits

    - by tartox
    Hello I would like to tell the server to invalidate an ongoing session when the user quits the iPhone application. In the app delegate, I send a request to the server in the (void)applicationWillTerminate:(UIApplication *)application method. I am not waiting for a server answer, I just want to send the request and quit. However I cant see any packet leaving the application. The same code in another place works fine. Session has a limited duration anyway and the server will invalidate it after a while, but I would prefer to do it nicely when leaving application. Is it normal that no NSURLConnection can be established from the applicationWillTerminate method ? Thank you.

    Read the article

  • Is it safe to access asp.net session variables through static properties of a static object?

    - by Ronnie Overby
    Is it safe to access asp.net session variables through static properties of a static object? Here is what I mean: public static class SessionHelper { public static int Age { get { return (int)HttpContext.Current.Session["Age"]; } set { HttpContext.Current.Session["Age"] = value; } } public static string Name { get { return (string)HttpContext.Current.Session["Name"]; } set { HttpContext.Current.Session["Name"] = value; } } } Is it possible that userA could access userB's session data this way?

    Read the article

  • IIS 6 session timing out a lot quicker than expected

    - by Echiban
    I am working with an web application that has its sessions timing out a lot quicker than expected. We expected a timeout of 15 minutes but it's timing out at 3-4 minutes. Info about environment: IIS6 classic ASP / COM+ app timeout OK on current PROD, much quicker in dev / QA environments We already disabled app pool recycling, and even put IIS in isolation mode - no effect HTTP err log doesn't display any lines when session times out We've done a close comparison of PROD and DEV / QA environments, and given we use virtual machines on all of them, settings should be preserved. I tried to find IIS blog notes from David Wang but many of them now have HTTP 404 errors, and I don't know what else to do. Please help! At the very least, is there a way to get IIS to log every time a session expires? At the very least some means of logging / debugging IIS would be useful. Thanks in advance.

    Read the article

  • PHP session destroyed / lost after header

    - by ILMV
    I've got a script that sets some session values before redirecting to / using header(). I've read many posts about the $_SESSION variable being destroyed / lost after header(), even after I implemented this: // set session here session_regenerate_id(true); session_write_close(); header("Location: /"); session_start() is set in the correct places, does anyone know of anything that I might be missing? On the index.php page I have this: session_start(); print_r($_SESSION); // outputs nothing :'( The code is pretty complex so will not post it all, just snippets.

    Read the article

  • Is this a legitimate implementation of a 'remember me' function for my web app?

    - by user246114
    Hi, I'm trying to add a "remember me" feature to my web app to let a user stay logged in between browser restarts. I think I got the bulk of it. I'm using google app engine for the backend which lets me use java servlets. Here is some pseudo-code to demo: public class MyServlet { public void handleRequest() { if (getThreadLocalRequest().getSession().getAttribute("user") != null) { // User already has session running for them. } else { // No session, but check if they chose 'remember me' during // their initial login, if so we can have them 'auto log in' // now. Cookie[] cookies = getThreadLocalRequest().getCookies(); if (cookies.find("rememberMePlz").exists()) { // The value of this cookie is the cookie id, which is a // unique string that is in no way based upon the user's // name/email/id, and is hard to randomly generate. String cookieid = cookies.find("rememberMePlz").value(); // Get the user object associated with this cookie id from // the data store, would probably be a two-step process like: // // select * from cookies where cookieid = 'cookieid'; // select * from users where userid = 'userid fetched from above select'; User user = DataStore.getUserByCookieId(cookieid); if (user != null) { // Start session for them. getThreadLocalRequest().getSession() .setAttribute("user", user); } else { // Either couldn't find a matching cookie with the // supplied id, or maybe we expired the cookie on // our side or blocked it. } } } } } // On first login, if user wanted us to remember them, we'd generate // an instance of this object for them in the data store. We send the // cookieid value down to the client and they persist it on their side // in the "rememberMePlz" cookie. public class CookieLong { private String mCookieId; private String mUserId; private long mExpirationDate; } Alright, this all makes sense. The only frightening thing is what happens if someone finds out the value of the cookie? A malicious individual could set that cookie in their browser and access my site, and essentially be logged in as the user associated with it! On the same note, I guess this is why the cookie ids must be difficult to randomly generate, because a malicious user doesn't have to steal someone's cookie - they could just randomly assign cookie values and start logging in as whichever user happens to be associated with that cookie, if any, right? Scary stuff, I feel like I should at least include the username in the client cookie such that when it presents itself to the server, I won't auto-login unless the username+cookieid match in the DataStore. Any comments would be great, I'm new to this and trying to figure out a best practice. I'm not writing a site which contains any sensitive personal information, but I'd like to minimize any potential for abuse all the same, Thanks

    Read the article

  • Combining Session and Cache

    - by Zyphrax
    To make my extranet web application even faster/more scalable I think of using some of the caching mechanisms. For some of the pages we'll use HTML caching, please ignore that technique for this question. E.g.: at some point in time 2500 managers will simultaneously login on our application (most of them with the same Account/Project) I think of storing an Account-cachekey and Project-cachekey into the user's Session and use that to get the item from the Cache. I could have simply stored the Account into the session, but that would result in 2500 of the same Accounts in memory. Is there a better solution to this or does it make sense :)?

    Read the article

  • Using ASP.NET Session for Lifetime Management (Unity)

    - by Sigray
    I am considering using Unity to manage the lifetime of a custom user class instance. I am planning on extending the LifetimeManager with a custom ASP.NET session manager. What I want to be able to do is store and retrieve the currently logged in user object from my custom classes, and have Unity get the instance of User from the session object in ASP.NET, or (when in a Win32 project) retrieve it statically or from the current thread. So far my best solution is to create a static instance of my Unity container on startup, and use the Resolve method to get my User object from each of my classes. However, this seems to create a dependency on the unity container in my other classes. What is the more "Unity" way of accomplishing this goal? I would like to be able to read/replace the current User instance from any class.

    Read the article

  • Hibernate session method to update object

    - by EugeneP
    I need this roadmap of a Hibernate managed object instance. First, I create an instance with initial properties and persist this object in a db. Then session associated with this object is closed. But still, I serialize my object and on the next step deserialize it, invoke some setters, and again, I need to update what changed in a database. What methods of Hibernate session should I use? persist() or save() on the first step and saveOrUpdate() on the second? In fact I see that saveOrUpdate() can be used on each step. What would you recommend?

    Read the article

  • Using Session Variables inside an ajax document

    - by Pete Herbert Penito
    Hi, For some reason I've having problems reading this session variable within an ajax document, I've got this inside online.php: ` session_start(); if (isset($_SESSION['username'])) { $username = $_SESSION['username']; } ` For some Reason this is not setting username even when the session var is being used on the host page, i call on the php file every second using this ` $(document).ready(function() { var refreshId = setInterval(function() { $('#timeval').load('online.php'); }, 1000); $("#stop").click(function() { clearInterval(refreshId); }); }); ` Am I doing something wrong, or is this not even possible?? Any advice would really help thanks alot!

    Read the article

  • JSF session issue

    - by user234194
    I have got a situation where I have list of records say 10,000, I am using datatable and I am using paging,(10 records per display). I wanted to put put that list in the session as: facesContext........put("mylist", mylist); And in the getters of the mylist, I have public List<MyClass> getMyList() { if(mylist== null){ mylist= (List<MyClass>) FacesContext......getSessionMap().get("mylist"); } return mylist; } Now the problem is whene ever i click on paging button to go to second page, only the first records are displayed, I know i am missing some thing, and I have few questions: Is the way of putting the list in session correct. Is this the way I should be calling the list in my case. Thnaks in advance...

    Read the article

  • ActiveRecordStore InvalidAuthenticityToken

    - by Andy
    I have recently been using cookie store and I want to transition to active record store. However I keep getting an invalid authenticity token. After deleting my cookies, I was able to access the page just fine, but I don't want all my users to come to my page, get a huge error and then figure out that I want them to delete their cookies. So I made a function called delete cookies: after_filter :delete_cookie def delete_cookie puts "deleting cookies" cookies.to_hash.each_pair do |k, v| puts k cookies.delete(k) end end In application controller, but it doesn't seem to be working correctly. I still see my cookie after visiting any page. I feel like there really should be a better solution but I can't seem to find any so far. Any hints?

    Read the article

  • Can AdSense crawler view pages that require cookies?

    - by moomoochoo
    Details I require users to agree to terms and conditions before they can view several pages on my site. Once they have agreed a cookie is set and they can proceed to the webpage. If a user somehow manages to end up on the webpage without a cookie they will not be able to access the page's content. My question(s) Is the AdSense crawler able to set the cookie and visit these pages? If yes, how will it know to agree to the TOS? Is there some way to allow it access to the pages even if it couldn't use cookies?

    Read the article

< Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >