hi, i need to know, whether the hibernate's session is thread safe or not. But obvious a new session is attached to every thread for execution. But my question is if in one thread i have updated some value of an entity, so will that be reflected in other thread during same time execution?... My problem is when i fire update from two thr...
Hi, I have a jsp page which has different IF conditions.On load of the jsp page,one of the if condition will be invoked based on value set to fuse action. I have a problem like, first time when the page is loaded then IF condition1(say, for ex) is invoked and a variable is assigned to the HTTPCOntext session object. Second time when the...
My php session is set to expire when user closes the browser but I noticed that if I leave my browser open for an extended period of time (24+ hours for example) the session still persists. Is there a way that I can have these sessions expire either when the browser is closed or when some extended period of time has transpired? ...
I've encountered a very odd issue in regards to session variables and local variables in php. I'm trying to figure out if I am not understanding something about sessions in php or if this is an issue with the php version my host is using. Here is a very simple code to demonstrate the weird issue: session_start(); var_dump($kenny); ...
Hello, I have a ACL+auth driven app. Everything works fine but I discovered that user is logged out after a random period of time. After doing some research I discovered that the cookie set once doesn't change it's expiration date on page refresh. So it goes like this: I set up manually expiration time to 1 minute (Security.level low (...
Hi - I have a Joomla component which calls a helper function to create a captcha image. Everything works fine when sh404 is disabled, but when sh404 is enabled the session variable for the security image isn't being set correctly so when you submit the form you get 'Invalid Captcha' message. The funny thing is if you submit another 5-6 t...
I need unique session id but each it's new unless you write something in it. The fix looks like this Session["stubkey"] = "fsdufhusd" in page load method. It's pretty odd to me. Is there any way to init session or probably I do something wrong with configs? thanks in advance. ...
In my web appication i need to recognize signed in users even if they restart the browser ("Remember me" function of web sites). What is the best practice to achieve this using Java Servlet API? I've considered the following options: Using long-term HttpSession sessions and storing user identifier as an attribute of the session. This...
At a lot of places I have seen the following pattern. Consider the code: Customer cust = (Customer) Session["Customer"]; //Do something to the object cust Session["Customer"] = cust and the code : Customer cust = (Customer) Cache["Customer"]; //do something to object cust Cache["Customer"] = cust; Now, in the second case, putti...
Is there a proper .NET solution for providing persistent server sessions over multiple domains? i.e. If a user of the site logs in under www.site1.com, they will also then be logged in under www.site2.com Security is an issue with the program we are working on... Thanks! ...
I have 2 domain names on the same server but want to pass some data using session variable how to do this? ...
Is session_start() supposed to extend the life of the session ID cookie by the session.gc_maxlifetime variable? My session.gc_maxlifetime is 24 minutes, and each session is only living 24 minutes regardless of additional activity on the site. I get my session, refresh the page, and the expiration time does not change. This results in a ...
This simple issue I know, in my program session variable is already working properly but now it show some error. I am starting the session in my config page with session_start(); ob_start(); And then include this page in all pages. But if run the program I receive this error message: Cannot send session cache limiter - headers alrea...
Is it safe to store the user's role in Codeigniter's session? The role will determine what function the user will have; that is being a admin, a regular subscriber, or a premium user. I am also storing the session in a database for additional security, but I would like to know if I should use a alternate route, such as querying the use...
Hi, I want to allow users to use only one system to login. if they use another machine then they should not be able to login. If they want to login then they can click request login option which will sent a reset link to the users email which when clicked will reset and update the database so that from now on he can login form that mac...
Hi, Just spent the last 3 days exploring membership, iprincipal, identity and other goodies..but something is still not clear. Why it is better to use that incited of simply store a minimize logged in user object in session? it can hold roles, permissions and other custom properties. to achieve the same thing the asp.net form auth way ...
I was wondering if it would be possible to set a session variable from a radio button. This is what I have so far: <form action="process.php" method"post"> <input type="radio" name="number" id="number" value="1" /> 1 <input type="radio" name="number" id="number" value="2" /> 2 <input type="radio" name="number" id="number" value="3" /...
I'm creating some sort of "wishlist" where users can click on any item in a repeater (clicking on a button). When a users clicks the button I add that item to a session("wishlist"). The session contains a list of strings that are shown in a wishlist. To render the wishlist on several pages I'm using a user control that contains a repe...
How do you handle keeping a user logged in or updating a cart when you can't use sessions? adding the userId or cartId to hidden input fields feels like a security flaw ...
When I came out of a site without logging out, next time i browse that site I found I am logged in there? How that server restore the session value for my browser? Is there any chance to be hacked in this process? Can that restored session value be stolen by others? please share your concept about this. thanks in advance ...