How do I set Session name with Cherrypy?
In PHP I would do it like this: session_name("special_session_name"); So how do I do it with Cherrypy? Just need to find exact equivalent for it. PHP manual page: http://fi2.php.net/session_name ...
session
Number Appears after Array Stored in SESSION
I'm doing a print_r on a array stored on a session variable and for some unknown reason it's adding a number after the array prints. Example: Array ( [0] => 868 [userid] => 868 ) 1 If I do a print_r directly in the function itself and before the variable gets stored on session variable, it doesn't add that number 1. Solution...
PHP object serialization and Sessions
Hi there, I have a quick question, first one too! How is it possible to serialize sub-objects to $_SESSION? Here. <?php // this is "arraytest.php" class arraytest{ private $array1 = array(); public function __construct(){ $this->array1[] = 'poodle'; } public function getarray(){ return $this->array1; ...
ASP.NET: Multiple Session objects in a single application
I have one ASP.NET web application running at the web server root which provides multiple (similar) web sites by using URL redirection. To give a real world example: http://webshopserver/company1/ProductList.aspx -> http://webshopserver/ProductList.aspx?showProductsFrom=company1 http://webshopserver/company2/ProductList.aspx -> http://w...
Handling logins to a XMPP server via servlets
I would like to hear some comments about how to manage long lived XMPP connections on a servlet container i.e. Tomcat. Basically we have a client that submits login credentials to a servlet and we create a XMPPConnection for each session and store it in HttpSession. To simplistic, the client can perform 4 operations: login, send/receiv...
How do sites support http (non-SSLed) sessions securely?
I note that some sites (such as gmail) allow the user to authenticate over https and then switch to http with non-secure cookies for the main use of the site. How is it possible to have http access to a session but this still be secure? Or is it not secure and hence this is why gmail gives the option to have the entire session secured ...
ASP.NET MVC - How to access Session data in places other than Controller and Views
We can access session data in controllers and views like this: Session["SessionKey1"] How do you access Session values from a class other than a controller or view? ...
Restrict file access to authorized php users
I've inherited an application with a glaring security hole. It has session-based security, but file uploads (which are user specific) are not secured in any way and they are stored in the public file tree. Filenames do not follow any convention as such, making them hard to guess, but the data is sensitive and thus I need to implement ...
Do you consider it bad form in PHP to access super globals within class methods?
Take an example login() function within a class Account. class Account { /* Class variables */ public function login() { if(isset($_POST['username']) else if(isset($_SESSION['accountId'])) return $this->_sessionLogin(); else if(isset($_COOKIE['username']) else return false; } ...
Session state serialization
Hello, i have problem with serialization my session object. What i'm doing wrong? I tried serialize that object with XmlSerializer and BinaryFormatter and there was no problem. When i try save the basket object to the session i'll get error: Unable to serialize the session state. In 'StateServer' and 'SQLServer' mode, ASP.NET will...
Session handling in Struts 2.1.6
Hello folks, I have a project with the following setup: Tomcat 6.x Struts 2.1.6 DisplayTag 1.2 Spring 2.x (1 or 5, don't remember now) I want to know to to do session controlling in every action of my app, like if the users weren't logged in, they're redirect to certain page to login (in the case of my project, either the user come t...
How can I manage sessions in J2EE?
In my J2EE application, I have a problem with sessions. Different users can login to the application and the specified user can see the data for which he is authorized. He should not be able to see other user data. To differentiate users, we are using Client_ID. As soon as the user logs in we are fetching this Client_ID from the dat...
Is it a possible to invalidate an individual session in JBoss through JMX?
We are tracking down some memory issues in our application and we have visibility into the size of our sessions where the problem seems to be. It is only affecting certain sessions where they seem to balloon out of control and we'd like to have the ability to invalidate those sessions more-or-less 'by hand' to reclaim that memory . Is ...
Problem with sessions after ISP moved my site to new server
Hello, I'm having some sessions problems after my ISP moved my site to a new server, supposedly setup the same. The problem appears to be browser-specific as well, which I don't quite understand. First, my site uses sessions to login, this has been broken since they moved the site. My ISP has set up a test page at http://launchcomplex...
How do I get an http session created by url in word document to be used when a link in the browser is clicked
I have a servlet based application that creates a session and stores some information the first time it is accessed. This information is used in subsequent pages. The process runs into trouble if the initial url is clicked from inside a msword document. The servlet creates a session and sends the response back. The response is displa...
How to find out size of ASP.NET session, when there are non-serializable objects in it?
I have a feeling that I'm putting rather much data in my ASP.NET session, but I've no idea how much and if I should be concerned. I found a similar question, but that relies on serializing objects and checking their serialized size. In my case the majority of data in the session is in objects from another library which doesn't have its c...
[STRUTS 2.1.6] SessionAware does not inject session Object
Hello guys, Once more here I come with a question of s2, i'm a beginner at it and got some trouble finding examples. I'm build a menu service wich depends upon a login, wich is give when the user enter at start page. Once the login has been made, I store the user object into the session by doing the follow: @Override public String int...
Should a web browser delete all `session' (expiry = 0) cookies on exit?
Everything I read about cookies says that setting the expiry time of a cookie to zero should make it a `session' cookie, which the browser will then delete upon exit. http://www.cookiecentral.com/faq/ says that : "...generally a session is the length of time that the browser is open for..." http://uk2.php.net/manual/en/function.se...
safest way to create sessions in php
i m working on a website..... and wants to create user login and their session..... what is the safest way to check their session exist or not( like cookie or session variable check)..... or any better idea then using sessions in php ...
Persisting memcache sessions in rails
Is it possible to use two session types simultaneously in Rails? Memcached for speed on reads and say SQL for persistence? I hate the idea of losing all sessions on reboots. MemcacheDB as mentioned below looks promising, but the idea would be to make all writes to disk, and all reads come from memory if possible. ...