Search Results

Search found 9490 results on 380 pages for 'session hijacking'.

Page 6/380 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Plesk + Apache + PHP (FastCGI): Constant session permissions problems, conflicts between HTTP / HTTPS

    - by Hans Engel
    I've just moved a collection of sites over to a brand-new server, running Apache 2.2.3, PHP 5.3, and Plesk 10.1.1. I am having problems with file permissions on PHP sessions, which are being stored in /var/lib/php/session. I originally set the permissions like so for this folder: drwxrwx--- 2 apache psacln 8192 Mar 22 23:25 session This worked fine, for HTTP sessions. Files were being saved in that folder with these permissions: -rw------- 1 client1 psacln 0 Mar 22 23:24 sess_507... -rw------- 1 client2 psacln 0 Mar 22 23:25 sess_8o1... The problem, however, is that PHP scripts accessed via HTTPS do not seem to be run by the same client1 or client2 user. I deleted files in the session directory and accessed a login page via HTTPS to see how sessions were being saved when initiated via this protocol: -rw------- 1 apache apache 0 Mar 22 23:25 sess_507... So, for whatever reason, sessions initiated by clients browsing with HTTPS were being saved by apache:apache, while sessions from HTTP clients were saved with someclient:psacln. What I'd like to ask: How can I avoid this problem with session permissions? When sessions are created via unencrypted HTTP and a client visits an HTTPS portion of the site, permission errors are shown, since apache:apache tries to access the session save created by someclient:psacln. The converse is also true. Can I change the user which runs the Apache HTTPS server, via Plesk or the command line? If not, can I have PHP sessions save with rw-rw---- permissions, and then add apache to the psacln group? Any other suggestions on how to fix this issue?

    Read the article

  • RAILS : authlogic authenication / session error , "session contains objects whose class definition i

    - by Surya
    Session contains objects whose class definition isn\'t available. Remember to require the classes for all objects kept in the session I am trying to integrate http://github.com/binarylogic/authlogic for authentication into my rails application . I follwed all the steps into mentioned in the documentation . Now i seem to be getting this error when i hit a controller . Looks like i am missing something obvious . stacktrace /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/session/abstract_store.rb:77:in `stale_session_check!' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/session/abstract_store.rb:61:in `load!' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/session/abstract_store.rb:28:in `[]' /Library/Ruby/Gems/1.8/gems/authlogic-2.1.3/lib/authlogic/session/session.rb:48:in `session_credentials' /Library/Ruby/Gems/1.8/gems/authlogic-2.1.3/lib/authlogic/session/session.rb:33:in `persist_by_session' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:178:in `send' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:178:in `evaluate_method' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:166:in `call' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:93:in `run' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:92:in `each' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:92:in `send' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:92:in `run' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:276:in `run_callbacks' /Library/Ruby/Gems/1.8/gems/authlogic-2.1.3/lib/authlogic/session/callbacks.rb:79:in `persist' /Library/Ruby/Gems/1.8/gems/authlogic-2.1.3/lib/authlogic/session/persistence.rb:55:in `persisting?' /Library/Ruby/Gems/1.8/gems/authlogic-2.1.3/lib/authlogic/session/persistence.rb:39:in `find' /Users/suryagaddipati/myprojects/groceryplanner/app/controllers/application_controller.rb:12:in `current_user_session' /Users/suryagaddipati/myprojects/groceryplanner/app/controllers/application_controller.rb:17:in `current_user' /Users/suryagaddipati/myprojects/groceryplanner/app/controllers/application_controller.rb:30:in `require_no_user' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:178:in `send' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:178:in `evaluate_method' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/callbacks.rb:166:in `call' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/filters.rb:225:in `call' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/filters.rb:629:in `run_before_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/filters.rb:615:in `call_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/filters.rb:610:in `perform_action_without_benchmark' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/benchmarking.rb:68:in `perform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/core_ext/benchmark.rb:17:in `ms' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/core_ext/benchmark.rb:10:in `realtime' /Library/Ruby/Gems/1.8/gems/activesupport-2.3.5/lib/active_support/core_ext/benchmark.rb:17:in `ms' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/benchmarking.rb:68:in `perform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/rescue.rb:160:in `perform_action_without_flash' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/flash.rb:146:in `perform_action' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/base.rb:532:in `send' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/base.rb:532:in `process_without_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/filters.rb:606:in `process' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/base.rb:391:in `process' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/base.rb:386:in `call' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/routing/route_set.rb:437:in `call' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/dispatcher.rb:87:in `dispatch' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/dispatcher.rb:121:in `_call' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/dispatcher.rb:130:in `build_middleware_stack' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/query_cache.rb:29:in `call' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/query_cache.rb:29:in `call' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/query_cache.rb:34:in `cache' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/query_cache.rb:9:in `cache' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/query_cache.rb:28:in `call' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:361:in `call' /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/string_coercion.rb:25:in `call' /Users/suryagaddipati/.gem/ruby/1.8/gems/rack-1.0.1/lib/rack/head.rb:9:in `call'

    Read the article

  • php sessions in database only writing part of information to the table...

    - by Ronedog
    I'm having difficulty figuring out what's going on here, hoping some one can help me out. I have been using php, mysql storing my session information in the database. The app is only running on localhost, vista. In the php.ini file I commented out the "session.save_handler = files" line and am using a php class to handle the session writes/reads, etc. My login process is this: Submit login credentials via login.php. login.php calls loginprocess.php. loginprocess.php verifies user, and if valid starts a new session and adds data to the session vars, then it redirects to index.php. Here's the problem. the loginprocess.php page has a bunch of session vars that get set like $_SESSION['account_id'] = $account_id; etc. but when I go to index.php and do a var_dump($_SESSION) it just says "array() empty". However, if I do a var_dump($_SESSION) in loginprocess.php, just before the redirection line header("Location: ../index.php"); then it shows all the data in the session variable. If I look in the database where the session information is stored, there is data in the session_id field, created_ts field, and expires field, but the session_data field has nothing inside of it and in the past this is the field where all my session data was stored. How could I be able to var_dump the session in loginprocess.php, but the data not exist in the db table, is it using some kind of caching? I cleared my cookies, etc...but no change. Why is the session_id, being written to the table, but the actual session data is not? Any ideas are appreciated. Thanks.

    Read the article

  • Unable to make the session state request to the session state server

    - by Angry_IT_Guru
    For about 4-5 months now, I seem to be having this sporadic issue--mainly during our busiest time of the day between 10:30-11:45AM, where all my Windows 2003 web servers in a Microsoft NLB cluster start throwing session state server errors. A sample error is below. System.Web.HttpException: Unable to make the session state request to the session state server. Please ensure that the ASP.NET State service is started and that the client and server ports are the same. If the server is on a remote machine, please ensure that it accepts remote requests by checking the value of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspnet_state\Parameters\AllowRemoteConnection. If the server is on the local machine, and if the before mentioned registry value does not exist or is set to 0, then the state server connection string must use either 'localhost' or '127.0.0.1' as the server name. at System.Web.SessionState.OutOfProcSessionStateStore.MakeRequest(StateProtocolVerb verb, String id, StateProtocolExclusive exclusiveAccess, Int32 extraFlags, Int32 timeout, Int32 lockCookie, Byte[] buf, Int32 cb, Int32 networkTimeout, SessionNDMakeRequestResults& results) at System.Web.SessionState.OutOfProcSessionStateStore.SetAndReleaseItemExclusive(HttpContext context, String id, SessionStateStoreData item, Object lockId, Boolean newItem) at System.Web.SessionState.SessionStateModule.OnReleaseState(Object source, EventArgs eventArgs) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) Now I'm using ASP.NET State service on a centralized back-end Windows 2003 server that all servers communicate to. I was originally using SQL Server state for a couple years as well prior to having this issue. The problem with SQL wqas that when the issue occurred, it created a blocking situation which essentially impacted all users across all servers. The product company recommended that I use the standard ASP.NET State service as that was what they technically supported. Why this would make a difference is beyond me -- but I had no choice but to try it! I have attempted to create multiple application pools, adding additional servers, chaning TCP/IP timeout from 20 to 30 seconds, and even calling Microsoft ASP.NET product support, with very little success. I even recommended that they review whether they are using read-only session state instead of read/write per page request -- as I understand that this basically causes every page to make round-trips to state server even if state isn't being used on the page. Unfortunately, the application is developed by our product company and they insist that it is something with my environment because other clients do not have these sort of issues. However, I've talked to other clients and they tell me when they've seen issues like they, they've basically had to create another web farm. This issue almost seems like I've simply reached some architectural limit within the application... Microsoft's position on the issue is that the session state needs to be reduced and the returncode being reported back from the state server indicates buffers are full. To better understand the scope of issues (rather than wait for customers to call and complain), I installed ELMAH and configured it to send me e-mails when unhandled exceptions occur. I basically get 500-1000 e-mails during the time period of high activity! If any one has any other ideas I could try or better ways to troubleshoot, I'd appreciate it.

    Read the article

  • Tomcat session stickiness in session replication

    - by rabbit
    Hi, I am having a 2 instance load balanced and session replicated tomcat 6.0.20 cluster. Should sticky_session be set to true or false for in memory session replication. http://tomcat.apache.org/connectors-doc/reference/workers.html mentions : Set sticky_session to False when Tomcat is using a Session Manager which can persist session data across multiple instances of Tomcat. where as /tomcat-6.0-doc/cluster-howto.html (Cluster Basics) mentions : Make sure that your loadbalancer is configured for sticky session mode.

    Read the article

  • NEED your opinion on .net Profile class VS session vars

    - by Ted
    To save trips to sql db in my older apps, I store *dozens of data points about the current user in an array and then store the array in a session. For example, info that might be used repeatedly during user’s session might be stored… Dim a(7) as string a(0) = “FirstName” a(1) = “LastName” a(2) = “Address” a(3) = “Address2” a(4) = “City” a(5) = “State” a(6) = “Zip” session.add(“s_a”, a) *Some apps have an array 100 in size. That is something I learned in my asp classic days. Referencing the correct index can be laborsome and I find it difficult to go back and add another data point in the array grouped with like data. For example, suppose I need to add Middle Initial to the array as a design alteration. Unless I redo the whole index mapping, I have to stick Middle Initial in the next open slot, which might be in the 50s. NOW, I am considering doing something easier to reference each time (eliminating the need to know the index of the value wanted). So I am looking to do this… session.add(“Firstname”, “FirstName”) session.add(“Lastname”, “LastName”) session.add(“Address”, “Address”) etc. BUT, before I do this, I would like some guidance. I am afraid this might be less efficient, even though easier to use. I don’t know if a new session object is created for each data point or if there is only one session object, and I am adding a name/value pair to that object? If I am adding a name/value pair to a single object, that seems like a good idea. Does anyone know? Or is there a more preferred way? Built-in Profile class? Re: Profile class I have an internal debate about scope. It seems that the .net Profile class is good for storing app-SPECIFIC user settings (i.e. style theme, object display properties, user role, etc.) The examples I give are information whose values are selected/edited by the user to customize the application experience. This information is not typically stored/edited elsewhere in the app db. But when you have data that 1) is stored already in the app db and 2) can be altered by other users (in this case: company reps may update client's status, address, etc.), then the persistence of the Profile data may be an issue. In this case, the Profile would need to be reset at the beginning and dropped like a session.abandon at the end of each user's session to prevent reloading info that had since been edited by someone. I believe this is possible, but not sure Currently, I use the session array to store both scopes, app-specific and user-specific data. If my session plan is good, I think I will create a class to set/get values from the session also. I appreciate your thoughts. I would like to know how others have handled this type of situation. Thanks.

    Read the article

  • How to check if there is an active session in a JSF page?

    - by Roberto de Santis
    Hi, there is a way to check if there is an active session directly in jsf page? I have try this but it doesn't work: <p:ajaxStatus onerror="#{session == null ? 'idleDialog.show();' : null}" thank you in advance @Update I have see that onerror isn't fired even if viewExpiredException occurr. @Update 1 Ok i have implemented something that may work: <h:form> <p:idleMonitor timeout="10000" idleListener="#{idleMonitorController.idleListener}" onidle="sessionPoll.stop();idleDialog.show();"/> </h:form> <p:dialog header="Sessione scaduta per inattività" widgetVar="idleDialog" modal="true" width="400"> <h:outputText value="Sessione scaduta" /> <h:button value="Ripristina Sessione" onclick="idleDialog.hide();sessionPoll.start();" /> </p:dialog> <h:form prependId="false"> <p:poll widgetVar="sessionPoll" interval="1"/> </h:form> and this is the listner: public void idleListener(IdleEvent event) { System.out.println("aaaa"); final HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest(); request.getSession(false).invalidate(); } now the only problem is that the session.invalidate doesn't work

    Read the article

  • Handling 'session expired' in JSF web application, running in JBoss AS 5

    - by Veera
    This question is related to my other question "How to redirect to Login page when Session is expired in Java web application?". Below is what I'm trying to do: I've a JSF web application running on JBoss AS 5 When the user is inactive for, say 15 minutes, I need to log out the user and redirect him to the login page, if he is trying to use the application after the session has expired. So, as suggested in 'JSF Logout and Redirect', I've implemented a filter which checks for the session expired condition and redirects the user to a session-timed-out.jsp page, if the session has expired. I've added SessionExpiryCheckFilter on top of all other filter definitions in web.xml, so that my session expiry check will get the first hit always. Now comes the challenge I'm facing. Since I'm using JBoss AS, when the session expired, JBoss automatically redirects me to the login page (note that the session expiry check filter is not invoked). So, after I log-in, my SessionExpiryCheckFilter intercepts the request, and it sees a session is available. But, it throws the exception javax.faces.application.ViewExpiredException: viewId:/mypage.faces - View /mypage.faces could not be restored. Have anyone faced this issue before? Any ideas to solve this issue?

    Read the article

  • NHibernate Session per Call in WCF - How to Rollback

    - by Corey Coogan
    I've implemented some components to use WCF with both an IoC Container (StructureMap) and the Session per Call pattern. The NHibernate stuff is most taken from here: http://realfiction.net/Content/Entry/133. It seems to be OK, but I want to open a transaction with each call and commit at the end, rather than just Flush() which how its being done in the article. Here's where I am running into some problems and could use some advice. I haven't figured out a good way to rollback. I realize I can check the CommunicationState and if there's an exception, rollback, like so: public void Detach(InstanceContext owner) { if (Session != null) { try { if(owner.State == CommunicationState.Faulted) RollbackTransaction(); else CommitTransaction(); } finally { Session.Dispose(); } } } void CommitTransaction() { if(Session.Transaction != null && Session.Transaction.IsActive) Session.Transaction.Commit(); } void RollbackTransaction() { if (Session.Transaction != null && Session.Transaction.IsActive) Session.Transaction.Rollback(); } However, I almost never return a faulted state from a service call. I would typically handle the exception and return an appropriate indicator on my response object and rollback the transaction myself. The only way I can think of handling this would be to inject not only repositories into my WCF services, but also an ISession so I can rollback and handle the way I want. That doesn't sit well with me and seems kind of leaky. Anyone else handling the same problem?

    Read the article

  • Session timeout issue

    - by Kumar
    I have a role based ASP.NET C# web application in which I am putting the menu object inside a session and I have a session timeout configured in the web.config as below: <forms defaultUrl="Home.aspx" loginUrl="Login.aspx" name=".ASPXFORMSAUTH" timeout="10"></forms> I first logged into the system as an employee and waited until the session expires and then when I click a link in the menu I am being rightly redirected to the login page with the ReturnUrl parameter. Now when I try to login to the system as an administrator I am still seeing the employee menu and not the admin menu. The method which loads the menu 1st checks to see if the menu session object is not null if so loads the menu from the session if not then it builds the menu and put it into session. So when the system timesout the menu session object is not being cleared. How can I fix this?

    Read the article

  • Servlet Session - switch from URL Rewriting to Cookie

    - by lajuette
    Situation: I have a "dumb" Javascript frontend that can contact some kind of SSO middleware (MW). The MW can obtain sessions by issuing requests that contain authentication credentials (username, password). I.e. the session will be created for a certain user. My frontend needs to "restart" the session to gain the user's permissions to the target system. For that i need a valid session cookie. The target system is not under my control (could be a more or less public WFS, WMS, etc.), so i cannot add any SSO mechanism to it. Question: Is it possible to "steal" a Session forging a request which URL contains a valid session ID in the jsessionid parameter? Goal : Issue such a request to a Servlet and make it respond with a Set-Cookie header that contains the same id. That way the frontend joins the session and may do whatever the user, which was used to create the session, is able to do.

    Read the article

  • Selectively prevent Session from being created

    - by Jean Barmash
    In my app, I have an external monitor that pings the app ever few minutes and measures its uptime / response time Every time the monitor connects, a new server session is created, so when I look at the number of sessions, it's always a minimum of 15, even during times where there are no actual users. I tried to address this with putting the session creation code into a filter, but that doesn't seem to do it - I guess session automatically gets created when the user opens the first page? all() { before = { if (actionName=='signin') { def session = request.session //creates session if not exists } } } I can configure the monitor to pass in a paramter if I need to (i.e. http://servername.com/?nosession, but not sure how to make sure the session isn't created.

    Read the article

  • What scripts get run on session start and end?

    - by maaartinus
    I want to mount and unmount an encrypted partition just like ecryptfs works with the home partition. Where can I put my commands so that they get executed upon session start and session end (the important part is the unmounting when I log out). UPDATE: For the session start I'm using .gnomerc and it does what I want. For the session end I've found no solution. I had a look at the sources of ecryptfs and it looks quite complicated. It's a pity that nobody thought about creating something analog to .bash_logout.

    Read the article

  • Rails - session information being cleared?

    - by Jty.tan
    Hi! I'm having a weird issue that I can't track down... For context, I have resources of Users, Registries, and Giftlines. Each User has many Registries. Each Registry has many Giftlines. It's a belongs to association for them in a reverse manner. What is basically happening, is that when I am creating a giftline, the giftline itself is created properly, and linked to its associated Registry properly, but then in the process of being redirected back to the Registry show page, the session[:user_id] variable is cleared and I'm logged out. As far as I can tell, where it goes wrong is here in the registries_controller: def show @registry = Registry.find(params[:id]) @user = User.find(@registry.user_id) if (params[:user_id] && (@user.login != params[:user_id]) ) flash[:notice] = "User #{params[:user_id]} does not have such a registry." redirect_to user_registries_path(session[:user_id]) end end Now, to be clear, I can do a show of the registry normally, and nothing weird happens. It's only when I've added a giftline does the session[:user_id] variable get cleared. I used the debugger and this is what seems to be happening. (rdb:19) list [20, 29] in /Users/kriston/Dropbox/ruby_apps/bee_registered/app/controllers/registries_controller.rb 20 render :action => 'new' 21 end 22 end 23 24 def show => 25 @registry = Registry.find(params[:id]) 26 @user = User.find(@registry.user_id) 27 if (params[:user_id] && (@user.login != params[:user_id]) ) 28 flash[:notice] = "User #{params[:user_id]} does not have such a registry." 29 redirect_to user_registries_path(session[:user_id]) (rdb:19) session[:user_id] "tester" (rdb:19) So from there we can see that the code has gotten back to the show command after the item had been added, and that the session[:user_id] variable is still set. (rdb:19) list [22, 31] in /Users/kriston/Dropbox/ruby_apps/bee_registered/app/controllers/registries_controller.rb 22 end 23 24 def show 25 @registry = Registry.find(params[:id]) 26 @user = User.find(@registry.user_id) => 27 if (params[:user_id] && (@user.login != params[:user_id]) ) 28 flash[:notice] = "User #{params[:user_id]} does not have such a registry." 29 redirect_to user_registries_path(session[:user_id]) 30 end 31 end (rdb:19) session[:user_id] "tester" (rdb:19) Stepping on, we get to this point. And the session[:user_id] is still set. At this point, the URL is of the format localhost:3000/registries/:id, so params[:user_id] fails, and the if condition doesn't occur. (Unless I am completely wrong .<) So then the next bit occurs, which is (rdb:19) list [1327, 1336] in /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/base.rb 1327 end 1328 1329 def perform_action 1330 if action_methods.include?(action_name) 1331 send(action_name) => 1332 default_render unless performed? 1333 elsif respond_to? :method_missing 1334 method_missing action_name 1335 default_render unless performed? 1336 else (rdb:19) session[:user_id] "tester" And then when I hit next... (rdb:19) next 2: session[:user_id] = /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/filters.rb:618 return index if nesting != 0 || aborted (rdb:19) list [613, 622] in /Library/Ruby/Gems/1.8/gems/actionpack-2.3.5/lib/action_controller/filters.rb 613 private 614 def call_filters(chain, index, nesting) 615 index = run_before_filters(chain, index, nesting) 616 aborted = @before_filter_chain_aborted 617 perform_action_without_filters unless performed? || aborted => 618 return index if nesting != 0 || aborted 619 run_after_filters(chain, index) 620 end 621 622 def run_before_filters(chain, index, nesting) (rdb:19) session {:user_id=>nil, :session_id=>"49992cdf2ddc708b441807f998af7ddc", :return_to=>"/registries", "flash"=>{}, :_csrf_token=>"xMDI0oDaOgbzhQhDG7EqOlGlxwIhHlB6c71fWgOIKcs="} The session[:user_id] is cleared, and when the page renders, I'm logged out. .< Sooo.... Any idea why this is occurring? It just occurred to me that I'm not sure if I'm meant to be pasting large chunks of debug output in here... Somebody point out to me if I'm not meant to be doing this. . And yes, this only occurs when I have added a giftitem, and it is sending me back to the registry page. When I'm viewing it, the same code occurs, but the session[:user_id] variable isn't cleared. It's driving me mildly insane. Thanks!

    Read the article

  • Pass Session data to a Class Library without using a bunch of constructors?

    - by sah302
    Hi all, I've got my application here where literally every object has a lastUpdatedBy property. The information I put into here is the person's username, which is retrieved from the session("username") variable. How can I pass this data to my DAL in the class library? At first I was just passing in the value into each method, but this is ridiculous I thought, there should be no reason to do that every time a method is called. Then I thought well if I just put it in a constructor for each of the DAL related classes, that will make it even easier. However, even still on any given page, I've got a plethora of New() declarations, for which every single line I need to pass in the session username casted as a string. Is there an even still more efficient way of doing this so that I could only declare this in one place, and everything will know what it is and I can pass it to classes in a class library?

    Read the article

  • Prevent Session from being created In some cases

    - by Jean Barmash
    In my app, I have an external monitor that pings the app ever few minutes and measures its uptime / response time Every time the monitor connects, a new server session is created, so when I look at the number of sessions, it's always a minimum of 15, even during times where there are no actual users. I tried to address this with putting the session creation code into a filter, but that doesn't seem to do it - I guess session automatically gets created when the user opens the first page? all() { before = { if (actionName=='signin') { def session = request.session //creates session if not exists } } } I can configure the monitor to pass in a paramter if I need to (i.e. http://servername.com/?nosession, but not sure how to make sure the session isn't created.

    Read the article

  • Session State ArrayList in Shopping Cart ASP.NET

    - by user330342
    Hi guys, I'm creating a shopping cart application and I'm having some issues with implementing a session state for my arraylist. in my page load i declared if (Session["Cart"] == null) { Session["Cart"] = new ArrayList(); } else { ArrayList cart = (ArrayList)Session["Cart"]; } to create the session if it doesn't exist yet. then i have an event handler for a button to add items to the arraylist protected void onClick_AddBooking(object sender, EventArgs e) { int ClassID = Convert.ToInt32(Request.QueryString.Get("Class_Id")); ArrayList cart1 = new ArrayList(); cart1 = Session["Cart"]; cart1.Add(ClassID); i'm guessing i just don't know how to handle session states yet, thus the confusion. I'm essentially storing the class_ID then when the student confirms i'll store that to the DB and associate that ID with the Class Details. Thanks in advance guys!

    Read the article

  • How to restore a previous firefox session?

    - by jae
    FF 3.5.4 on Ubuntu 9.10. I have (of course) session saving (the built-in one) enabled. I closed the main FF window, but the "Downloads" window was still open. And on reopen, it had forgotten about the previous tabs. This is annoying is hell, and yes, I should report (or check for) a bug. If I could stomach bugzilla, that is. :P I have the sessionstore.js file with this older session (scanning it with less showed many of the sites I know had been open). How do I get FF to use this session file? I did try to remove sessionstore.* and copy the sessionstore.js (or .bak) to the profile folder. But that doesn't have any effect. EDIT: rewritten, to make it as obvious as it can be. I wasn't expecting people to jump to the "this guy's a stupid git" quite so easily.

    Read the article

  • send command to an already running screen session

    - by aXon
    Hi I have been trying to send commands to a running gnu screen session (4.00.03) in opensolaris, but cannot get it to run any commands through any combination of screen -X Ok, I start a screen session with screen -S test, and then tried to with screen -r -X "date"to just show me the date, when I would reconnect to it. But neither an error message nor output in the screen happened. I tried with so many combinations, that I can't even remember. Any hints on how to accomplish it? The reason why I am doing this is, because I have a program, which does not come as a daemon, and I wish to start it in a screen session, so I can later on see what is going on.

    Read the article

  • ASP.NET MVC multi-instance session management on amazon ec2

    - by gandil
    I have a web application written in asp.net mvc2. Currently hosted on amazon cloud ec2. Because of growing traffic we want move multi instance enviorenment. I have a custom session class which currently initiate at session start (global asax) and i am using via getter or setter class in application. Because of multi instance chore i have to handle hole security architecture. I am looking a better way to handle this problem. I am looking for good implementation of session and how to apply on amazon ec2 multi instance environment. What is road blocks for system architecture?

    Read the article

  • Remote Assist Windows 2008 R2 Session

    - by cbergman
    As mentioned in this kb article, it is not possible to shadow a session with multiple monitors enabled. It does mention that "Remote Assistance supports multiple monitors, and is the presently recommended solution if you need this functionality." My question is, is it possible (and if so, how) to remote assist a terminal services session. We have a few Windows Server 2008 R2 Terminal Servers running with about 10 or so users that use 2 monitors. It would be ideal to be able to remote into their session but have yet to find a viable solution. Thank you.

    Read the article

  • Ruby on rails session = nil

    - by Mathieu
    Hi, In a controller I have 2 actions def action1 session[:test]="test" render :text => session[:test] # output test end def action2 render :text => session[:test] # output nil end I perform first action1 so the session is set Then I perform action2 but session[:test] is nil So what am I doing wrong?

    Read the article

  • How to break a Hibernate session?

    - by Péter Török
    In the Hibernate reference, it is stated several times that All exceptions thrown by Hibernate are fatal. This means you have to roll back the database transaction and close the current Session. You aren’t allowed to continue working with a Session that threw an exception. One of our legacy apps uses a single session to update/insert many records from files into a DB table. Each recourd update/insert is done in a separate transaction, which is then duly committed (or rolled back in case an error occurred). Then for the next record a new transaction is opened etc. But the same session is used throughout the whole process, even if a HibernateException was caught in the middle. We are using Oracle 9i btw with Hibernate 3.24.sp1 on JBoss 4.2. Reading the above in the book, I realized that this design may fail. So I refactored the app to use a separate session for each record update. In a unit test with a mock session factory, I could prove that it is now requesting a new session for each record update. So far, so good. However, we found no way to reproduce the session failure while testing the whole app (would this be a stress test btw, or ...?). We thought of shutting down the listener of the DB but we realized that the app is keeping a bunch of connections open to the DB, and the listener would not affect those connections. (This is a web app, activated once every night by a scheduler, but it can also be activated via the browser.) Then we tried to kill some of those connections in the DB while the app was processing updates - this resulted in some failed updates, but then the app happily continued. Apparently Hibernate is clever enough to reopen broken connections under the hood without breaking the whole session. So this might not be a critical issue, as our app seems to be robust enough even in its original form. However, the issue keeps bugging me. I would like to know: Under what circumstances does the Hibernate session really become unusable after a HibernateException was thrown? How to reproduce this in a test? (What's the proper term for such a test?)

    Read the article

  • PHP session permission problem

    - by Daniel
    Hi I'm trying to initialize a session but i get this error: Warning: session_start() [function.session-start]: open(/tmp/sess_7af3ee9ec1350680bedcf63833d160bd, O_RDWR) failed: Permission denied (13) The session.path is set to /tmp with 777 perms. I try to edit the session.path to "0;777;/tmp" but the session files are created with the wrong permissions(only write). I'm using PHP 5.2 on apache2 and ubuntu 9.10. Any ideas?

    Read the article

  • PHP: Over-writing session variables

    - by Tom
    Hi, Question related to PHP memory-handling from someone not yet very experienced in PHP: If I set a PHP session variable of a particular name, and then set a session variable of the exact same name elsewhere (during the same session), is the original variable over-written, or does junk accumulate in the session? In other words, should I be destroying a previous session variable before creating a new one of the same name? Thank you.

    Read the article

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >