ViewExpiredException issue with session invalidate on IE9

Similar Messages

• Issue with session.invalidate() in OC4J

  Ok, here's the thing- I've got a servlet that autogenerates
  pages to the client via XSL; so far so good. However whenever
  the login page is displayed, we would like to "logout" the
  current user if there is one and start fresh, as it were. All of
  our persistent data is stored via the user's session object so
  we are doing something like this:
  public void doGet( HttpServletRequest request) {
  HttpSession session = request.getSession();
  // Some misc. stuff happens here;
  // Nothing is written to the session, however
  if ( page == LOGIN_PAGE) {
  session.invalidate();
  session = request.getSession();
  String info = session.getAttribute( "INFO");
  As soon as we request the attribute, after performing the
  session invalidation & re-obtaining a new session the system
  bails with an IllegalStateException: Session invalidated
  exception.
  Note that the exact same code works under the Sun Reference
  Implementation (Apache Groups Tomcat 4.0) and is pretty much
  verbatim from Jason Hunter's book Java Servlet Programming 2nd
  Edition pg. 220.
  Any ideas for a fix and/or workaround?

  Hi
  This works, here is a sample I've run on OC4J
  public class SessionTestServlet extends HttpServlet
  private static final String CONTENT_TYPE = "text/html";
  HttpSession sess = null;
  private static boolean login_page = true;
  public void init(ServletConfig config) throws ServletException
  super.init(config);
  public void doGet(HttpServletRequest request,
  HttpServletResponse response) throws ServletException,
  IOException
  sess = request.getSession(true);
  try
  if (login_page)
  if(sess != null)
  sess.invalidate();
  sess = request.getSession(true);
  sess.setAttribute("name","kalle");
  catch(Exception e)
  e.printStackTrace();
  response.setContentType(CONTENT_TYPE);
  PrintWriter out = response.getWriter();
  out.println("<html>");
  out.println
  ("<head><title>SessionTestServlet</title></head>");
  out.println("<body>");
  out.println("<p>Session: "+ sess+"<p>Name: "+
  sess.getAttribute("name"));
  out.println("</body></html>");
  out.close();
  Regards
  //Mike

• Issue with session management with portal 701 AFP

  Hi portal experts,
  We are facing an issue with one of our portal 7 ehp1 running the AJAX framework pages.
  When logging off, the DSM popup is shown and it disappears. However, the backend sessions are kept alive when we look in transaction SM12, which indicates that the backend session has not been closed (proven in transaction SM04)
  The same issue arises when closing a popup window. In this case, no DSM popup is shown and the sessions are maintained as well.
  Popup blockers are disabled
  Portal url and backend url are in the trusted sites collection
  Does this have something to do with the AJAX framework?
  Does anyone have any pointers for us?
  Thanks in advance!
  Regards,
  Luk

  Hi Tom,
  I already came across this note earlier. Currently I'm unable (not allowed) to install the httpwatch utility.
  To add to the complexity, web dispatchers are used to access the portal and used between the portal and the backend systems. If I understood correctly, we need to have the ABAP Security Sessions Enabled setting turned on in this sort of landscape. Is this correct?
  If it is not required, couldn't we just turn off this setting?
  Thanks in advance!
  kr,
  Luk

• Issue with Session ID during POST

  Hi All,
  I am using Weblogic server version weblogic 9.2 and facing an issue with the session ID.
  I have a client side script with numerous GET calls and one POST call that it makes in a single session. Frequently I come across with issue that the session ID that I send in POST request is not the same as received and this affects my subsequent GET calls not to be in the same session. The call order is like this
  GETij/POSTij where i is the sent and j is the recieved session IDs.
  [GET11, GET11, GET11, POST12, GET11, GET11, <after few secs interval> GET22, GET22]
  I store the session id in a cookie. And I always create a session using the HttpServletRequest.getSession();
  Can some one advice on this.
  Thanks
  Shankar

  Hi,
  Again as a follow-up, I am using net scape ns plugin for load balancing (iPlanet/Weblogic). The issue happens when the primary server id and the secondary server id are same in the session id (set in the cookie) when the cookie is sent and received, where session id is of the default format <session id>!<primary server id>!<secondary server id>
  Any clue?

• Known Issues with Session Vars and non-IE browsers?

  Are there any known issues with non-Internet Explorer
  browsers storing or reading session variables. Or loops and
  ListGetAt functions? I'm using CF 5.
  The code works fine in IE, but not in FireFox or Netscape.
  Thanks,
  Josh

  This testing will not really address any cross domain issues, due to the content being hosted by ScormCloud.
  What I found interesting, is that in ScormCloud, using the links below, my results were opposite those that I obtained through my LMS.
  In LMS, Captivate 5 worked, Captivate 6 did not in IE8, both worked in FF
  In ScormCloud, Captivate 5 did not work in IE8, but worked in FF, and Captivate 6 did work in FF and IE8.
  Here are the links:
  captivate 5 http://cloud.scorm.com/sc/InvitationConfirmEmail?publicInvitationId=3c04f298-d0db-4d10-ab6 3-80b9aaf2890b
  captivate 6 http://cloud.scorm.com/sc/InvitationConfirmEmail?publicInvitationId=e2b05753-2f03-421a-87d 9-62b92ad199af
  Thanks for your attention, every bit of information that I can get will help.
  Thanks,
  SL

• Are beans also destroyed with session invalidate()?

  Hi,
  I have a login JSP which creates a new session and puts the username into it.
  My other JSP's also have page session=true, and each of them uses a bean. For example,
  <jsp:useBean id="transferbean" class="transactions.transferBean" scope="session"/>
  My logout JSP calls session.invalidate() and returns the user to the login page.
  My question is- does the session.invalidate() call also destroy the transferbean data? The user will not close his browser window after logging out- he may choose to log in again as a different user. Will he have a new transferbean created for him, or will the previous transferbean data persist?
  Thanks
  Luanne

  This is almost my case... I have a page called index.jsp which holds the session variables;
  <jsp:useBean id="ValidationBean" scope="session" class="com.nbdesigns.beans.nbstore.Validation" />
  <jsp:useBean id="OrderBean" scope="session" class="com.nbdesigns.beans.nbstore.Order" />If you start to shop, the orderbean holds your order. When you checkout you have to register or log in, in both cases the cart will be deleted.
  All pages are included in the index.jsp with the <%include page="" %> tag.
  Any ideas why the editing of values in validationbean causes the values in orderbean to be deleted?

• Weird Issue with session collection creation

  Hello everybody,
  While building a fully redundant RDS infrastrcutre I cam across this issue
  While creating the session collection through Server Management on Windows Server 2012 R2 I get the following error:
  "Unable to configure the RD Session Host server - Invalid Operation".
  Here is a detailed spec of the environment:
  - 2 RDS brokers connected in HA mode to a Cluestered SQL Instance
  - 2 RDS license servers that are correctly configured on the session hosts
  - 3 RDS Session Hosts
  All are Windows Server 2012 R2
  I have checked the Event logs also and everything I do not see any issues, the session hosts have correct communication between one another and to the license and rd  broker servers.
  At this point I am really lost.
  Anybody have any ideeas about such a ambiguous error?
  Thank you!
  Above and Beyond Information Technology

  Hi,
  Thank you for sharing your experience here. It will be very beneficial for other community members who have similar questions. 
  Regards.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Issue with session variable

  Hi,
  I'm trying to setup a session variable to filter an Answer query based on the user login name. I've created the following
  - A database table that contains a user name and its related filter (Entity)
  - An initialization block for the session variable to issue the following sql: select Entity from table where user_name = ':USER'
  - Created a target session variable called CURR_ENTITY as the target and assign a default value as 'No entity'.
  - Filter my Answer query to use the session variable CURR_ENTITY
  After restart of BI server and Presentation services and opening the report, CURR_ENTITY is always set to the default value. I've checked NQQuery,.log and looks like the initialization block was not returning any rows.
  Any ideas on how to get around this issue? Thanks.
  Regards,
  Gerd

  Hi gerd,
  select Entity from table where user_name = ':USER'Check if this query is returning values in the backend DB.If so it is returning then it should work fine in session variable.
  After defining the target variable CURR_ENTITY and test it in the screen.That shows you is it picking all the values or a single defaulted value.
  If its showing all values then re-check your block once again.
  (OR)
  In the target variable instead of variable define row-wise initialization (i mean check it) and change the SQL in the variable to this
  select 'CURR_ENTITY',Entity from table where user_name = ':USER'
  and test it so you can use it in answers .....it should work with what is required.
  hope answered the question.
  Cheers,
  KK

• A simple app to secure coldfusion pages - Running into an issue with Session

  Hello, I am testing out how to protect pages in coldfusion and have run into an issue when attempting to create a process by which users can log out.
  Essentially, I have three pages:
  Page A - The form that submits to Page B
  Page B - That checks the form.username and form.password against a database (works fine)
  Page C - Logout page (Which is where I am having an issue).
  Page C throws a "variable Session is undefined" error
  Here is the code on Page C:
  <cfset StructClear(Session)>
  <cflocation url="index.cfm">
  Here is the code on Page B:
  <cfif NOT IsDefined ("form.username")>
  <cflocation url="index.cfm" addtoken="No">
  </cfif>
  <cfquery name="test" datasource="cfdb">
  SELECT * FROM USERS
  WHERE USERNAME = '#FORM.username#'
  AND PASSWORD = '#FORM.password#'
  </cfquery>
  <!---<CFSET Session.LoggedIn = "1">
  <CFSET Session.FirstName = "#test.FirstName#">--->
  <CFIF test.RecordCount IS 0>
  <cflocation url="index.cfm" addtoken="No">
  <CFSET StructClear(Session)>
  <cfelse>
  <CFSET Session.LoggedIn = "1">
  <!---<cflocation url="test.cfm" addtoken="No">--->
  </cfif>
  <html xmlns="http://www.w3.org/1999/xhtml">
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>Untitled Document</title>
  </head>
  <body>
  <p><a href="logout.cfm">Log Out</a></p>
  <p> </p>
  <p> </p>
  <p><br>
    This content is protected.
  </p>
  </body>
  </html>
  As you can see, nothing fancy
  Now, I thought that the Session variable could be accessed by any page within a given browser instance, but I am obviously wrong.
  What do I need to do for Page C (my logout page to be able to access the session variable).
  Any guidance is greatly appreciated!

  1.
  “Variable Session is undefined” error comes up when you try to manipulate a session variable which does not exist, as at that point in time. To take care of possible empty session structures, it is good practice to check first if your session is defined.
  So you will have something like:
  <cfif isDefined("session")>
  <cfset StructClear(Session) />
  <cfelse>
  <cflocation url="index.cfm">
  </cfif>
  2.
  To enable you access your session variables from any page in your application, you need to enable session management in your Application.cfm or Application.cfc.
  cfm   <cfapplication sessionmanagement="Yes" />
  cfc        <cfcomponent>
  <cfset THIS.SessionManagement = "Yes" />
  </cfcomponent>
  Reference…http://help.adobe.com/en_US/ColdFusion/9.0/Developing/WSc3ff6d0ea77859461172e0811cbec22c24 -7c48.html

• Reg. Issue with Session Bean -- EJB3

  Have a state full session bean (SFSB):
  @Stateful
  public class test implements itest{
  private static final long serialVersionUID = -4929837299158287545L;
  private int q= 0;
  public void assign(int p) {
  q = p;
  Inetrface is:.
  @Remote
  public interface itest extends Serializable {
  public void assign(int p);
  Accessed as:
  Properties properties = new Properties();
  properties.put(Context.INITIAL_CONTEXT_FACTORY,
  "org.jnp.interfaces.NamingContextFactory");
  properties.put(Context.URL_PKG_PREFIXES, "org.jnp.interfaces");
  properties.put(Context.PROVIDER_URL, "localhost");
  InitialContext ctx = new InitialContext(properties);
  Object i = (itest) ctx.lookup("test/remote");
  itest t = (itest) PortableRemoteObject.narrow(i, itest.class);
  This piece of code fails giving error
  java.lang.ClassCastException: $Proxy135 ....
  But if i change, the state full session bean (SFSB) to stateless session bean (SLSB) i.e @Stateless
  Everything works fine.
  Environment : JBoss as the App Server.
  Any help appreciated.

  Hi Shailesh,
  Thank you for the reply.
  I checked the JCO's and everything is working fine.
  And to be more clear.
  I have the same application in 2 roles and in ESS role the application is working fine but the user in discussion is an external user and we have config in place for externals.
  In XYZ role where the application is not working we created a new role to satisfy the authorizations. which are same in dev and QA. the application for the user with same authorization is working fine in dev but the same is not working in QA.
  Any other inputs will be helpful.
  Thanks & Regards,
  Pramod

• Issue with Session variables

  Hi SDNers,
  I have a few portal components on the portal page that save data directly to the http session as well as some data is stored in the bean and the bean is stored in the component's session.
  When the user logs in and views the portal page, the user is able to see the data correctly as all the values exist in the session.
  The portal components contain navigation links via EPCM to other portal pages.
  If the user clicks on a navigation link to a portal page which contains portal component iViews the session values in the session are retained.
  However, if the user clicks on a link to navigate to a portal page that contains ESS applications or the standard UWL iView and once it is loaded he/she clicks on any TLN entry, then the session values and the bean get nullified, thus resulting in null session values.
  I am a bit confused as to why does this behaviour only happen when pages with ESS apps or Std. UWL iview are loaded and any TLN entry is clicked.
  Any help would be apprciated.
  Regards,
  Melwyn

  Any solutions?
  Regards,
  Melwyn

• Issue with Session slot after implement the tacacs+ on FWSM

  Hi,
  I am trying to implement  tacacs+ on FWSM module using 4.1(10),
  only facing issue when trying to connect from Switch (session slot)
  (Command authorization failed) Rest of the things working fine 
  here is the output
  Router#session slot 3 processor 1
  The default escape character is Ctrl-^, then x.
  You can also type 'exit' at the remote prompt to end the session
  Trying 127.0.0.31 ... Open
  User Access Verification
  Password:
  Type help or '?' for a list of available commands.
  FWSM> en
  Command authorization failed
  Below is the configration done on FWSM
  FWSM# sh run | in aaa
  aaa-server NEW protocol tacacs+
  aaa-server NEW host 10.70.20.1
  aaa authentication enable console NEW LOCAL
  aaa authentication ssh console NEW LOCAL
  aaa authorization command NEW LOCAL
  aaa accounting command NEW
  Can anyone help me solve this issue
  Thanks

  Issue has been solved after using this ...
  aaa authentication telnet console NEW LOCAL
  thanks

• MS Remote Desktop for Mac (v8.0.9 - 8.0.12): issue with "Session (ID #) remote control failed."

  Hello,
  I'm a SysAdmin for a small-med business in CO. We use a cluster of 3 RDS servers that are load-balanced with round-robin DNS and an RD Gateway. When I remote in from a PC, all works as expected. However, when I remote in from my MacPro (my main machine at home)
  and try to remote control a user's session, I get this error: 
  Note the ID number is unique to the user's RDP session, so will vary each time. 
  This is 100% a bug in the "Microsoft Remote Desktop for Mac" program; I am positive of it at this point. 
  Does anyone from MS actually monitor these threads at all, or am I wasting my time? Thanks...

  Hi,
  As this happens with him specific from MRD MAC check whether he is taking RDP with IP address or hostname. Also try to uncheck the Option "Bypass RD Gateway for local address" under RDSH configuration and verify the result. 
  Also for more detail he can collect log from MAC side by following path.
  Microsoft Remote Desktop>About Microsoft Remote Desktop>Send log via email
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• ISSUE WITH SESSION

  Hi...
  I have got a bad issue in my data base. let me put it in this way: "there are three database users in my company. one of my client to say had enterd a wrong data into a table , 3 days ago at 8:00am. i want to roll back the database to 3 days point, to say 7:55am. this should be done in such a way that my two other users entry to database should not be rolled over to previous one." is this possible? we use oracle 9i database.

  Dear Mohammed,
  Do you have RMAN backup??
  If not, then you may follow below steps to recover using your export dump:
  1) Create a new schema somewhere in TEST/Development database, or use any of the existing schema other than the production
  2) Import required table(s) into this schema from export dump.
  3) Give it to users to identify the correct/incorrect data.
  4) Once incorrect data is identified in testing schema, delete it from the production.
  Backup, restore and recovery are responsibilities of a DBA, whereas identifying correct/incorrect data is responsibility of System Analyst/Business Analyst.
  Happy recovery !!!

• Portlet question- session.invalidate()- with weblogic

  Guys:
  Has anyone had a issue with session.invalidate() using weblogic 8.1.
  we have vignette and weblogic 8.1.
  the problem i have noticed is session.getId retunrns a extra timestamp string in the end. And i am thinking since this changes the entire sessionid, it does not get invalidated. I tried adjusting the weblogic.xml's idlength session-param to 52 but this still happens after that. can anyone suggest any insights. i am unable to kill the session and hence the user is always logged in. the only way is to close to broswer window.
  session id:
  F1z2YTQMyD3Yy1Xs4VBHyq3M7LWVfYMnvWJgYLnrR3cPYnKL9NW9!-682555724!1170191618061
  any help will be appreciated..thanks.
  Harsh

  i havent gone to weblogic support yet. Want to check
  if anyone of us might have seen a similar issue.I haven't used weblogic in a while. I doubt many people here have. I would suggest you ask on a weblogic forum. This is a java forum.