Search Results

Search found 10564 results on 423 pages for 'stateful session bean'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 83/423 | < Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >

  • How would a user stay logged in to a REST-based website?

    - by unforgiven3
    A year or so ago I asked this question: Can you help me understand this? “Common REST Mistakes: Sessions are irrelevant”. My question was essentially this: Okay, I get that HTTP authentication is done automatically on every message - but how? Is the username/password sent with every request? Doesn't that just increase attack surface area? I feel like I'm missing part of the puzzle. The answers I received made perfect sense in the context of a mobile (iPhone, Android, WP7) app - when talking to a REST service, the app would just send user credentials along with each request. That worked great for me. But now, I would like to better understand how one would secure a REST-like website, like StackOverflow itself or something like Reddit. How would things work if it was a user logged in via a web browser instead of logged in via an iPhone app? What happens when a user logs in? Are the credentials saved in the browser somehow? How would the browser know what credentials to send with subsequent REST requests? What if it's a JavaScript call to a webservice? How would the JavaScript call include user credentials? I'll be quite frank: my understanding of security when it comes to websites is pretty limited. I enjoyed working with REST services from an app perspective, but now I want to try and build a website that is based on REST principles, and I'm finding myself to be pretty lost. If there is anything in the above question that is unclear that you'd like me to clarify, please leave a comment and I'll address it.

    Read the article

  • ASP MVC: Keeping track of logged in users.

    - by user323395
    I'm creating a ASP MVC application. And because of the complex authorization i'm trying to build my own login system. (So i'm not using asp membership providers, and related classes). Now i'm able to create new accounts in the database with hashed passwords. But how do i keep track that a user is logged in. Is generating a long random number and putting this with the userID in the database and cookie enough? Sorry for my rather bad english! Ty in advance :)

    Read the article

  • Sharepoint UserProfileService

    - by user365984
    I've got a sharepoint site and a custom aspx portal, both under Windows Authentication. With the same machine, it happens that my sharepoint site returning me my current login, while my custom aspx returning me my domain admin account instead. Is there anyway that I could ensure both logins are the same? Otherwise, is there anyway to consume SPUserProfileService from a custom aspx portal? Mainly, I need to have the custom aspx portal to get sharepoint logon id. Nevertheless, i could still trigger AccessDenied.aspx in sharepoint to prompt for logins.

    Read the article

  • What is the pros and cons in using FormsAuthentication to persist login cookie?

    - by stacker
    What is the pros and cons in using FormsAuthentication to persist a login cookie? I see that StackOverflow ignore FormsAuthentication and instead implemented a different strategy to persist a login cookie. Pros Out of the box implementation for persistent login feature. Cons The login feature depends on the machine key which mean that I need to make sure that the machine key is the same on all the servers in the farm. The cookie contains wired encrypted values that don't really make sense to store in the cookie.

    Read the article

  • Connection: Keep-Alive and PHP sessions not working

    - by user366667
    We have a VB application that needs to run an specific flow on a PHP page. This application was correctly catching the PHPSESSID cookie and using it for all subsequent requests. However, PHP wasn't able to restore any changes made on $_SESSION variable. The variable was changed, saved, and on the next request it was restored as an empty array. We found out that changing the Connection header from "Keep-Alive" to "Close" fixed the issue. I couldn't find anything on the web saying that PHP sessions shouldn't be restored under Keep-Alive connections. Does anyone know why this was happening? PS: We didn't find anything weird or different on Apache, ModSecurity or PHP configuration settings.

    Read the article

  • Adding keys to superglobals in php

    - by gautam kumar
    Is there any way by which I can add keys to superglobals in php without defining the corresponding values to those key? For example: $_SESSION['key']='set';//key` automatically gets defined. But I want to do something like this add_key($_SESSION,'key')//key is added to $_SESSION array. Is it possible?

    Read the article

  • How to refresh site if $_SESSION variable has changed

    - by 4ndro1d
    I'm writing in my $_SESSION variable from a database, when i clicked a link. public function getProjectById($id){ $query="SELECT * FROM projects WHERE id=\"$id\""; $result=mysql_query($query); $num=mysql_numrows($result); while ($row = mysql_fetch_object($result)) { $_SESSION['projectid'] = $row->id; $_SESSION['projecttitle'] = $row->title; $_SESSION['projectinfo'] = $row->info; $_SESSION['projecttext'] = $row->text; $_SESSION['projectcategory'] = $row->category; } } Now my variable is overwritten and I want to show these variables in my index.php like this: <div id="textContent"> <?php if(isset($_SESSION['projecttext']) && !empty($_SESSION['projecttext'])) { echo $_SESSION['projecttext']; }else { echo 'No text'; } ?></div> But of course, my page will not refresh automatically. How can I do that?

    Read the article

  • CF Client Variables: is the CDATA - CGLOBAL relationship always 1:1?

    - by ciaranarcher
    Hi We've noticed something odd with our Coldfusion 8 client variables DB. We have many more (about 3 times as many) CGlobal entries as we have CData entries. I would have assumed that the relationship would be 1:1 on the cfid column. Has any one else noticed this before? I have ruled out old data, my sample is less than 3 hours old. We're using SQL Server 2000 to host the tables. Thanks in advance, Ciaran

    Read the article

  • php variable persistance

    - by Illes Peter
    I have two files: index.php /lib/user.php Index contains the form: <div class="<? echo $msgclass; ?>"> <? echo $msg; ?> </div> <form id="signin" action="/lib/user.php" method="post"> ... </form> User.php makes all the processing. It sets $msg to 'some error message' and $msgalert to 'error' in case of any error. At the end of processing it uses header() to redirect to index.php But after redirection $msg and $msgalert no longer persist and index only gets empty vars. How can i fix this?

    Read the article

  • Put objects which are decorated with [DataContract] into a StateServer?

    - by Dave
    Is there anyway to stick objects which are decorated with DataContract attributes but not decorated with Serializable attributes in to a SqlServer StateServer? In other words, I would prefer not having to decorate these objects with the Serializable attribute as I will also have to implement IXmlSerizable on all of these objects because they do not have empty contstructors, and non-public setters for properties.

    Read the article

  • log in and send sms with java

    - by noobed
    I'm trying to log into a site and afterwards to send a SMS (you can do that for free by the site - it's nothing more than just enter some text into some fields and 'submit'). I've used wireshark to track some of the post/get requests that my machine has been exchanging with the server - when using the browser. I'd like to paste some of my Java code: URL url; String urlP = "maccount=myRawUserName7&" + "mpassword=myRawPassword&" + "redirect_http=http&" + "submit=........"; String urlParameters = URLEncoder.encode(urlP, "CP1251"); HttpURLConnection connection = null; // Create connection url = new URL("http://www.mtel.bg/1/mm/smscenter/mc/sendsms/ma/index/mo/1"); connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("POST"); //I'm not really sure if these RequestProperties are necessary //so I'll leave them as a comment // connection.setRequestProperty("Content-Type", // "application/x-www-form-urlencoded"); // connection.setRequestProperty("Accept-Charset", "CP1251"); // connection.setRequestProperty("Content-Length", // "" + Integer.toString(urlParameters.getBytes().length)); // connection.setRequestProperty("Content-Language", "en-US"); connection.setUseCaches(false); connection.setDoInput(true); connection.setDoOutput(true); // Send request DataOutputStream wr = new DataOutputStream( connection.getOutputStream()); wr.writeBytes(urlParameters); wr.flush(); wr.close(); String headerName[] = new String[10]; int count = 0; for (int i = 1; (headerName[count] = connection.getHeaderFieldKey(i)) != null; i++) { if (headerName[count].equals("Set-Cookie")) { headerName[count++] = connection.getHeaderField(i); } } //I'm not sure if I have to close the connection here or not if (connection != null) { connection.disconnect(); } //the code above should be the login part //----------------------------------------- //this is copy-pasted from wireshark's info. String smsParam="from=men&" + "sender=0&" + "msisdn=359886737498&" + "tophone=0&" + "smstext=tova+e+proba%21+1.&" + "id=&" + "sendaction=&" + "direction=&" + "msgLen=84"; url = new URL("http://www.mtel.bg/moyat-profil-sms-tsentar_3004/" + "mm/smscenter/mc/sendsms/ma/index"); connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("POST"); connection.setRequestProperty("Cookie", headerName[0]); connection.setRequestProperty("Cookie", headerName[1]); //conn urlParameters = URLEncoder.encode(urlP, "CP1251"); connection.setUseCaches(false); connection.setDoInput(true); connection.setDoOutput(true); wr = new DataOutputStream( connection.getOutputStream()); wr.writeBytes(urlParameters); wr.flush(); wr.close(); //I'm not rly sure what exactly to do with this response. // Get Response InputStream is = connection.getInputStream(); BufferedReader rd = new BufferedReader(new InputStreamReader(is, "CP1251")); String line; StringBuffer response = new StringBuffer(); while ((line = rd.readLine()) != null) { response.append(line); response.append('\r'); } rd.close(); System.out.println(response.toString()); if (connection != null) { connection.disconnect(); } so that's my code so far. When I execute it ... I don't receive any text on my phone - so it clearly doesn't work as supposed to. I would appreciate any guidance or remarks. Is my cookie handling wrong? Is my login method wrong? Do I pass the right URLs. Do I encode and send the parameter string correctly? Is there any addition valuable data from these POSTs I should take? P.S. just in any case let me tell you that the username and password is not real. For security reasons I don't want to give valid ones. (I think this is appropriate approach) Here are the POST requests: POST /1/mm/auth/mc/auth/ma/index/mo/1 HTTP/1.1 Host: www.mtel.bg User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mtel.bg/1/mm/smscenter/mc/sendsms/ma/index/mo/1 Cookie: __utma=209782857.541729286.1349267381.1349270269.1349274374.3; __utmc=209782857; __utmz=209782857.1349267381.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __atuvc=28%7C40; PHPSESSID=q0mage2usmv34slcv3dmd6t057; __utmb=209782857.3.10.1349274374 Content-Type: multipart/form-data; boundary=---------------------------151901450223722 Content-Length: 475 -----------------------------151901450223722 Content-Disposition: form-data; name="maccount" myRawUserName -----------------------------151901450223722 Content-Disposition: form-data; name="mpassword" myRawPassword -----------------------------151901450223722 Content-Disposition: form-data; name="redirect_https" http -----------------------------151901450223722 Content-Disposition: form-data; name="submit" ........ -----------------------------151901450223722-- HTTP/1.1 302 Found Server: nginx Date: Wed, 03 Oct 2012 14:26:40 GMT Content-Type: text/html; charset=Utf-8 Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: /moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/index Content-Length: 0 The above text is vied with wireshark's follow tcp stream when pressing the log in button. POST /moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/index HTTP/1.1 *same as the above ones* Referer: http://www.mtel.bg/moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/index Cookie: __utma=209782857.541729286.1349267381.1349270269.1349274374.3; __utmc=209782857; __utmz=209782857.1349267381.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __atuvc=29%7C40; PHPSESSID=q0mage2usmv34slcv3dmd6t057; __utmb=209782857.4.10.1349274374 Content-Type: application/x-www-form-urlencoded Content-Length: 147 from=men&sender=0&msisdn=35988888888&tophone=0&smstext=this+is+some+FREE+SMS+text%21+100+char+per+sms+only%21&id=&sendaction=&direction=&msgLen=50 HTTP/1.1 302 Found Server: nginx Date: Wed, 03 Oct 2012 14:31:38 GMT Content-Type: text/html; charset=Utf-8 Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: /moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/success/s/1 Content-Length: 0 The above text is when you press the send button.

    Read the article

  • Accessing HttpApplication.Application variables from a class

    - by Young Ninja
    I set up various global parameters in Global.asax, as such: Application["PagePolicies"] = "~/Lab/Policies.aspx"; Application["PageShare"] = "/Share.aspx"; Application["FileSearchQueries"] = Server.MapPath("~/Resources/SearchQueries.xml"); ... I have no problem accessing these variables form .ascx.cs or .aspx.cs file -- ie. files that are part of the Web content. However, I can't seem to access 'Application' from basic class objects (ie. standalone .cs files). I read somewhere to use a slight variations in .cs files, as follows, but it always comes throws an exception when in use: String file = (String)System.Web.HttpContext.Current.Application["FileSearchQueries"];

    Read the article

  • Big task - problems with page refresh and ajax

    - by user1830414
    I have a navigation which load dynamically content via ajax. But if I refresh the page or visit another url and go back the current content is away and I see the old content under the first menu tab. Now I have to solve this problem. The index.php include the elements header_registrated.inc.php, navigation.inc.php and main_container.inc.php index.php: <?php include("inc/incfiles/header_registrated.inc.php"); ?> <?php if (!isset($_SESSION["userLogin"])) { echo "<meta http-equiv=\"refresh\" content=\"0; url=http://localhost/project\">"; } else { echo ""; } ?> <?php include("inc/incfiles/navigation.inc.php"); ?> <?php include("inc/incfiles/main_container.inc.php"); ?> <?php include("inc/incfiles/footer.inc.php"); ?> header_registrated.inc.php: <?php include ("inc/scripts/mysql_connect.inc.php"); session_start(); $user = $_SESSION["userLogin"]; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>title</title> <link href="css/style.css" rel="stylesheet" type="text/css" /> <script language="JavaScript" src="js/framework/jquery.js"></script> <script language="JavaScript" src="js/dropdown/window.js"></script> <script language="JavaScript" src="js/navigation/navigation.js"></script> </head> <body> </body> navigation.inc.php: <div class="navigation"> <ul> <li id="1"> <div id="menuImage1" class="menuImage"></div> <div class="menuText"><p>Punkt 1</p></div> <div class="navigationDart"></div> </li> <li id="2"> <div id="menuImage2" class="menuImage"></div> <div class="menuText"><p>Punkt 2</p></div> </li> <li id="3"> <div id="menuImage3" class="menuImage"></div> <div class="menuText"><p>Punkt 3</p></div> </li> <li id="4"> <div id="menuImage4" class="menuImage"></div> <div class="menuText"><p>Punkt 4</p></div> </li> <li id="5"> <div id="menuImage5" class="menuImage"></div> <div class="menuText"><p>Punkt 5</p></div> </li> <li id="6"> <div id="menuImage6" class="menuImage"></div> <div class="menuText"><p>Punkt 6</p></div> </li> </ul> </div> main_container.inc.php: <div class="mainContainer"> <div class="containerHeader"> <div class="contentHeader"> </div> </div> <div class="contentContainer"> <div class="content"> </div> <div class="advertisement"> </div> </div> </div> Now the divs content, cnotentHeader and advertisement (in file main_content.inc.php) is filled via ajax. Also the navigation has some jquery effects which also have to be the same after page refresh. navigation.js: $(document).ready(function() { $.get('inc/incfiles/content_container/header/1.php', function(data) { $('.contentHeader').html(data); }); $.get('inc/incfiles/content_container/content/1.php', function(data) { $('.content').html(data); }); $.get('inc/incfiles/content_container/advertisement/1.php', function(data) { $('.advertisement').html(data); }); var current = '1.php'; $(".navigation li").click(function() { var quelle = $(this).attr('id') + ".php"; // the current content doesn't load again if(current === quelle) { return; } current = quelle; // content $(".content").fadeOut(function() { $(this).load("inc/incfiles/content_container/content/" + quelle).fadeIn('normal'); }) // advertisement $(".advertisement").fadeOut(function() { $(this).load("inc/incfiles/content_container/advertisement/" + quelle).fadeIn('normal'); }) // header $(".contentHeader").fadeOut(function() { $(this).load("inc/incfiles/content_container/header/" + quelle).fadeIn('normal'); }) }); $(".navigation li").click(function() { $(".menuImage").removeClass("menuImageActive1"); $(".menuImage").removeClass("menuImageActive2"); $(".menuImage").removeClass("menuImageActive3"); $(".menuImage").removeClass("menuImageActive4"); $(".menuImage").removeClass("menuImageActive5"); $(".menuImage").removeClass("menuImageActive6"); }); $("#1").mousedown(function() { $("#menuImage1").addClass("menuImageClick1"); // new class on mouse button press }); $("#1").mouseup(function() { $("#menuImage1").removeClass("menuImageClick1"); //remove class after mouse button release }); $("#1").click(function() { $("#menuImage1").addClass("menuImageActive1"); }); $("#2").mousedown(function() { $("#menuImage2").addClass("menuImageClick2"); // new class on mouse button press }); $("#2").mouseup(function() { $("#menuImage2").removeClass("menuImageClick2"); //remove class after mouse button release }); $("#2").click(function() { $("#menuImage2").addClass("menuImageActive2"); }); $("#3").mousedown(function() { $("#menuImage3").addClass("menuImageClick3"); // new class on mouse button press }); $("#3").mouseup(function() { $("#menuImage3").removeClass("menuImageClick3"); //remove class after mouse button release }); $("#3").click(function() { $("#menuImage3").addClass("menuImageActive3"); }); $("#4").mousedown(function() { $("#menuImage4").addClass("menuImageClick4"); // new class on mouse button press }); $("#4").mouseup(function() { $("#menuImage4").removeClass("menuImageClick4"); //remove class after mouse button release }); $("#4").click(function() { $("#menuImage4").addClass("menuImageActive4"); }); $("#5").mousedown(function() { $("#menuImage5").addClass("menuImageClick5"); // new class on mouse button press }); $("#5").mouseup(function() { $("#menuImage5").removeClass("menuImageClick5"); //remove class after mouse button release }); $("#5").click(function() { $("#menuImage5").addClass("menuImageActive5"); }); $("#6").mousedown(function() { $("#menuImage6").addClass("menuImageClick6"); // new class on mouse button press }); $("#6").mouseup(function() { $("#menuImage6").removeClass("menuImageClick6"); //remove class after mouse button release }); $("#6").click(function() { $("#menuImage6").addClass("menuImageActive6"); }); $("#1").click(function(){ $(".navigationDart").animate({ top: "16px" }, 500 ); }); $("#2").click(function(){ $(".navigationDart").animate({ top: "88px" }, 500 ); }); $("#3").click(function(){ $(".navigationDart").animate({ top: "160px" }, 500 ); }); $("#4").click(function(){ $(".navigationDart").animate({ top: "232px" }, 500 ); }); $("#5").click(function(){ $(".navigationDart").animate({ top: "304px" }, 500 ); }); $("#6").click(function(){ $(".navigationDart").animate({ top: "376px" }, 500 ); }); }); My idea was it to work with if(isset($_SESSION['ajaxresponse'])) but I don't no how to do this. Please help me. I have the feeling that I've searched the whole web to find an answer.

    Read the article

  • Cross domain secure cookie usage?

    - by asdasda
    I have a website that came with a SSL site for HTTPS but its on a different server. Example being my website: http://example.com my SSL site: http://myhostingcompany.com/~myuseraccount/ So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one. Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user? I think this violates a major principle of security and can't be done for good reasons, but am i wrong? is this possible?

    Read the article

  • maintain user login status in express.js

    - by chenliang
    when user login the app the username will be display in the header, this is my header.jade div#header_content input(type='text',name='search',id='globle_search') span#user_status if(req.isAuthenticated()) a(class='user_menu_btn',href='home', target='_blank' ) req.user.username a(class='user_menu_btn',href='logout') Logout else a(id='login_btn',href='login',class='user_status_btn') login run the app i get the error says ReferenceError: F:\shopping\views\includes\header.jade:4 req is not defined this is my index route: app.get('/',index.index); exports.index = function(req, res){ res.render('index', { title: 'Express' }); }; how to maintain login ststus in the heaedr? by the way am using passport to login user

    Read the article

  • Control user actions with jQuery

    - by SonOfOmer
    Hi everyone, I want to write javascript that will kill sestion on the web page if user did not make any action for some time taken from configuration. How can I know that user did not make any actions by using jQuery. Thanks a lot.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >