CFLOGIN not maintaining cfauthrization session variable

I have a simple CF web site where all of the .cfm is in the
same directory. I can not use client cookies as the people I am
writing this for have cookies turned off in IE, therefore I am
using J2EE session variables and CFLOGIN in an application.cfm file
(code attached) for authentication. Everything works correctly
during login and I can see the encrypted username/password as the
cfauthorization session variable....
Session Variables:
cfauthorization=Y3BkYWRtaW46cmVwb3J0ODQzOmNwZA==
sessionid=c23059df643c42544069
urltoken=CFID=783&CFTOKEN=91556252&jsessionid=c23059df643c42544069
Once I try to browse to another cfm page on the site, I get
booted back to the index.cfm login page. After some digging I
figure out that the cfauthorization variable was blank after I
click on the link, which as I understand it indicates that I am not
logged in and the
<cfif not IsDefined("cflogin")>
<cfinclude template="index.cfm">
<cfabort>
code in the application.cfm sends me back to the login page.
I have confirmed that using valid credentials causes <cfif
cpdauth.recordcount GT "0"> to return true.
Any idea as to why my session authorization is not being
maintained between pages? Or if I am completely off base as to the
reason this is happening.....and if so, what am I doing wrong.
Thanks
Greg

Your login code seems to be fine. You yourself are already
aware that you have to have a way to pass-the-baton between
requests, to maintain a session.
The usual way Coldfusion maintains sessions is to send CFID
and CFTOKEN cookies to the client browser. That happens
automatically under the hood, assuming you haven't switched
setClientCookies off.
For session management by means of cookies, I would use a
cfapplication tag like
<cfapplication name = "cpd"
applicationTimeout = "#createTimespan(1,0,0,0)#"
sessionManagement = "yes"
clientManagement = "yes"
sessionTimeout = "#createTimeSpan(0,0,20,0)#"
setClientCookies = "true"
scriptprotect="all"
loginstorage="Session">
However, all of that assumes that the client browser accepts
cookies. Where it doesn't, the usual way to maintain sessions is to
pass CFID and CFTOKEN values in the URL of every request. In fact,
the function that Bluetone suggests,
URLSessionFormat,
makes the process efficient. It instructs Coldfusion to append CFID
and CFTOKEN to the URL only when the client doesn't accept cookies.
Which means Coldfusion would still be using cookies wherever
possible. Some examples
<a href="#URLSessionFormat('orders.cfm')#">My
orders</a>
<cfform method="Post"
action="#URLSessionFormat("MyActionPage.cfm")#">
</cfform>
<cflocation url = "products.cfm" addToken = "yes">

Similar Messages

Can someone tell me why this is not setting the session variable?

first page
<?php
// script1.php
session_start();
echo "<form action=\"script2.php\" method=\"post\"
name=\"name1\">";
echo "Your name: <input name=\"name\" type=\"text\"
size=\"20\" value=\"\"> ";
echo "<input name=\"submit\" type=\"submit\"
value=\"Submit\">";
echo "</form>";
?>
second page
<?php
// script2.php
session_start();
echo('Hello, ' . $_SESSION['name1']);
?>

jlw12689 wrote:
> second page
>
> <?php
> // script2.php
> session_start();
> echo('Hello, ' . $_SESSION['name1']);
> ?>
You need to set the session variable first.
<?php
session_start();
if (isset($_POST['name1'])) $_SESSION['name1'] =
$_POST['name1'];
echo 'Hello, ' . $_SESSION['name1'];
?>
By the way, using echo to create your form on page one is a
complete
waste of time. Just use an ordinary HTML form - a lot less
typing, and a
lot more efficient.
David Powers
Adobe Community Expert
Author, "Foundation PHP for Dreamweaver 8" (friends of ED)
http://foundationphp.com/

Using Session Variable with Conditional Formatting Filter

Hi,
I'm trying to add a condition to my report in order to flag all opportunities that have a close date that is in the past. The way I'm trying to do this is by adding a condition to say when close date is less than current_date, flag the column with an image.
Issue I'm having is that the filter window within conditional format tab appears to not have the session variable option as you do when you create a filter on a column the normal way. A colleague told me to use an SQL expression, but again this option seems to be unavailable too within the conditional format tab.
Can anybody assist please?
Thanks

Create a new column and write a CASE WHEN condition like case when close date < current_date then 'Y' ELSE 'N' END.
Then on your actual date column, you can do conditional analysis based on the newly created column for values having Y then the image.
finally, you can hide the newly created column.

Personalization Server: Reference session variable in cm:select

<%=String X=(String)session.getAttribute(y)%>
How do we get X into a cm:select tag?
I attempting to do a query and want to pass X into it.
Tried doing <%=X%> and it's causing a JSP compile error.
So, I guess I need to know how to pass a session variable into the query of a CM:SELECT
tag?
Thanks,
Mark

Hello Mark,
A coworker of mine created a sample that I tested with an in-lined String variable for
the "query" attribute. It works fine. I suspect that you may have other problems. For
instance, I don't think <%= String X=(String)session.getAttribute(y)%> is legal. The <%=
%> is supposed to contain a java expression, like <%= (String) session.getAttribute(y) %>
Also, double-quotes within an expression can be problematic, such as <%= (String)
session.getAttribute("y") %>. The best way to handle this would be to assign the session
attribute to a String and then inline the String with: <%= myValue %>.
Here is a working sample (that does not use a session variable, but that does not matter
- it uses a String:

<%@ taglib uri="cm.tld" prefix="cm" %>
<%@ taglib uri="es.tld" prefix="es" %>
<%@ page import="com.beasys.commerce.content.ContentHelper" %>

<br>
<%
String newsQuery = "type = 'news'";
%>
<cm:select contentHome="<%=ContentHelper.DEF_CONTENT_MANAGER_HOME%>"
query="<%= newsQuery %>"
sortBy="heading ASC"
id="newsline" cacheId="news_lines"
cacheTimeout="300000" useCache="true" />
<es:forEachInArray array="<%=newsline%>"
id="newsBL" type="com.beasys.commerce.axiom.content.Content"
counterId="i">
<br>
<% out.println((i.intValue()+1) + ") "); %>
<cm:printProperty id="newsBL" name="heading" encode="html" default="Error" />
</es:forEachInArray>
Mark Mangano wrote:
<%=String X=(String)session.getAttribute(y)%>
How do we get X into a cm:select tag?
I attempting to do a query and want to pass X into it.
Tried doing <%=X%> and it's causing a JSP compile error.
So, I guess I need to know how to pass a session variable into the query of a CM:SELECT
tag?
Thanks,
Mark--
Ture Hoefner
BEA Systems, Inc.
2590 Pearl St.
Suite 110
Boulder, CO 80302
www.bea.com
[att1.html]

Server hangs and session variable value not maintained.

dear all,
this is exteremetly urgent. i upgraded my tomcat to 4.1.24.but i have problems running the same code which was working earlier, i get null in the value of session variable. and also get the following error
////////////////error got /////////////
Compile failed; see the compiler error output for details.
at org.apache.tools.ant.taskdefs.Javac.compile(Javac.java:842)
at org.apache.tools.ant.taskdefs.Javac.execute(Javac.java:682)
at org.apache.jasper.compiler.Compiler.generateClass(Compiler.java:317)
at org.apache.jasper.compiler.Compiler.compile(Compiler.java:370)
at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext
.java:473)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper
.java:190)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:2
95)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:256)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
t.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
a:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:191)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
t.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
a:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:
2415)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:180)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
t.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatche
rValve.java:171)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
t.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:172)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
t.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
a:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:174)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
t.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
a:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:22
3)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:594)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ssConnection(Http11Protocol.java:392)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java
:565)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP
ool.java:619)
at java.lang.Thread.run(Thread.java:536)
///////////////end of error messsge ////////////
the code where i am getting this message is as follows
<%@ page session="true"%>
<HTML>
<HEAD><TITLE> LOGGED IN ok</TITLE> </HEAD>
<%@ page import="java.sql.*" %>
<%! // declaring variables
String s = "";
java.sql.ResultSet rs=null;
java.sql.Connection con;
java.sql.Statement stmt=null,stmt1=null;
String username = "";
String password = "";
String Ousername = "";
String Opassword = "";
String changepass="";
String usertype ="",useremail="",EmpName="";
%>
<body>
     <%
     try
     //set session for max of 100 milliseconds
     // session.setMaxInactiveInterval(10000);
     Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
     con = java.sql.DriverManager.getConnection("jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};" +"DBQ=c:/vishal/HelpDesk.mdb;DriverID=22;READONLY=false","","");
          stmt = con.createStatement();
          s = "select * from LoginUser";
     username = request.getParameter("LogonId"); //get this through prev. form
     password = request.getParameter("txtPassword");
     out.println(username + " " + password);
     // make explicitly to lower case
     username = username.toLowerCase();
     rs = stmt.executeQuery(s);
                    while(rs.next())
                    //getting data from database
                    Ousername = rs.getString("EmpName");
                    Opassword = rs.getString("Password");
                    useremail = rs.getString("EmailId");
                    usertype = rs.getString("UserType");
                    if(Opassword.equals(password) && Ousername.equals(username)) //found match correct entry
                         changepass = request.getParameter("PasswordNew");
                         if(changepass != null)
                         stmt1 = con.createStatement(java.sql.ResultSet.TYPE_SCROLL_INSENSITIVE,java.sql.ResultSet.CONCUR_UPDATABLE);
                         s = "update LoginUser set Password = '" + changepass + "' where EmpName = '" + username +"'";
                         out.println(s);
                         stmt1.executeUpdate(s);
                         stmt1.close();
                         if(usertype.equals("User") == false)//ie admin
                         session.setAttribute("username",username);
************************this value not maintained *********************
                         session.setAttribute("useremail",useremail);
                         session.setAttribute("usertype",usertype);
************************this value not maintained *********************
                         //closing connections
                         %>
                              <jsp:forward page= "ComplaintType.jsp" />
                         <%
                         else //user
                         EmpName = username;
                         session.setAttribute("EmpName",EmpName);
                         session.setAttribute("useremail",useremail);
                         //closing connections
                         %>
                         <jsp:forward page="ComplaintCategory.jsp" />
                         <%
                         }//end if
                    }//while loop
                    //first closing connections then forwarding
     %>
                    <jsp:forward page="InvalidLOGIN.jsp" />
                    <%
                    ///rs.close();
                    ////closing
                    //stmt.close();
     // con.close();
     }//try
          catch(Exception ep)
          out.println(ep);
          System.exit(1);
     %>
</BODY>
</HTML>

hi all,
thanx a lot for your help,specially hari52
hari52 strangely enough the code started working,but
now i have another problem
after a while my server hangs or gets shutdown ,a
message is shown as
"java.exe has generated error and will be shutdown"
i know that more connections can be a prob. but i
make sure that connections r closed on each page,also
i am a newbie and do not have the time at present to
learn abt. connection pool ,can this problem be
solved easily?
it would be a great help again on your part,
thanx again,You remove the System.exit(1) line from the code inside the catch block
and try again. That's the reason tomcat getting down. System.exit(1) should not be used inside jsp. it will make the underlaying Servlet Engine to shutdown.

Session variable not storing in custom trigger

I have a custom trigger in which I want to store a session variable , so i can use the value in the insert transaction which happens after. But for some reason the session variable is not stored, resulting in the data not being stored.
any clues would help.
rudi
here are the relevant code:
//start Trigger_Custom_Subject_Mentor trigger
function Trigger_Custom_Subject_Mentor(&$tNG) {
//Check subject exists
@session_start();
$_SESSION['sb_id'] = $subject_id;
//end Trigger_Custom_Subject_Mentor trigger
// Make an insert transaction instance
$ins_share = new tNG_insert($conn_smart);
$tNGs->addTransaction($ins_share);
// Register triggers
$ins_share->registerTrigger("STARTER", "Trigger_Default_Starter", 1, "POST", "KT_Insert1");
$ins_share->registerTrigger("END", "Trigger_Redirect", 90);
// Add columns
$ins_share->setTable("`share`");
$ins_share->addColumn("share_item", "NUMERIC_TYPE", "POST", "share_item");
$ins_share->addColumn("share_subject", "NUMERIC_TYPE", "SESSION", "sb_id");
$ins_share->setPrimaryKey("share_id", "NUMERIC_TYPE");
// Register triggers
$ins_share->registerTrigger("STARTER", "Trigger_Default_Starter", 1, "POST", "KT_Insert1");
$ins_share->registerTrigger("BEFORE", "Trigger_Custom_Subject_Mentor", 50);
$ins_share->registerTrigger("END", "Trigger_Default_Redirect", 99, "share.php?item_id={share_item}");

hi User,
1) Pull a dummy column in Fx use the Session variable --->(Variable -->session )
2) Next, goto narrative view in Narrative view section use @1
3) If u want you can hide the column that we created in criteria section

Row level security with session variables, not a best practice?

Hello,
We are about to implement row level security in our BI project using OBIEE, and the solution we found most convenient for our requirement was to use session variables with initalization blocks.
The problem is that this method is listed as a "non best practice" in the Oracle documentation.
Alternative Security Administration Options - 11g Release 1 (11.1.1)
(This appendix describes alternative security administration options included for backward compatibility with upgraded systems and are not considered a best practice.)
Managing Session Variables
System session variables obtain their values from initialization blocks and are used to authenticate Oracle Business Intelligence users against external sources such as LDAP servers or database tables. Every active BI Server session generates session variables and initializes them. Each session variable instance can be initialized to a different value. For more information about how session variable and initialization blocks are used by Oracle Business Intelligence, see "Using Variables in the Oracle BI Repository" in Oracle Fusion Middleware Metadata Repository Builder's Guide for Oracle Business Intelligence Enterprise Edition.
How confusing... what is the best practice then?
Thank you for your help.
Joao Moreira

authenticating / authorizing part is take care by weblogic and then USER variable initialized and you may use it for any initblocks for security.
Init block for authenticating / authorizing and session variables are different, i guess you are mixing both.

Filter view with session variable does not display value properly.

Hi All,
I have a very unique issue and I am not sure if anyone ran into this before.
I have a prompt in my dashboard and a link to a report. The session variable default the value to the current value (term)
when I click the link to the report I get the following value, on the filter view of the report: Term Code Desc is equal to NQ_SESSION.CSA_Analysis_Term
however if I click the go button in the prompt I get the value: Term Code Desc is equal to 2030 (2011 Spring)
does anyone have a solution to this issue
thanks

Hello,
Have the same issue. Any solution. Gurus plz help.
thanks,
deep

Session variable not passing between pages

Hi, I've got a form that calculates checkbox values and puts them in a total field called txtTotal. When the user clicks send, I need to pass the total to a payment page. The form page has PHP
session_start();
$_SESSION['sessTotal'] = $_POST['txtTotal'];
and the payment page has
session_start(); at the top of the page and <?php echo $_SESSION['sessTotal']; ?> where I want the total to display. The total does not carry over to the payment page and I can't work out why.
Here is all the PHP from the form page as I'm pretty new to PHP and not sure if there's a conflict (should session_start appear more than once?) Thanks guys
<?php require_once('Connections/df.php'); ?>
<?php
//initialize the session
if (!isset($_SESSION)) {
session_start();
$_SESSION['sessTotal'] = $_POST['txtTotal'];
// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
$logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
//to fully log out a visitor we need to clear the session varialbles
$_SESSION['MM_Username'] = NULL;
$_SESSION['MM_UserGroup'] = NULL;
$_SESSION['PrevUrl'] = NULL;
unset($_SESSION['MM_Username']);
unset($_SESSION['MM_UserGroup']);
unset($_SESSION['PrevUrl']);
$logoutGoTo = "index.php";
if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
?>
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
    // Parse the strings into arrays.
    $arrUsers = Explode(",", $strUsers);
    $arrGroups = Explode(",", $strGroups);
    if (in_array($UserName, $arrUsers)) {
      $isValid = true;
    // Or, you may restrict access to only certain users based on their username.
    if (in_array($UserGroup, $arrGroups)) {
      $isValid = true;
    if (($strUsers == "") && true) {
      $isValid = true;
return $isValid;
$MM_restrictGoTo = "index.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
$MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
return $theValue;
$colname_userDets = "-1";
if (isset($_SESSION['MM_Username'])) {
$colname_userDets = $_SESSION['MM_Username'];
mysql_select_db($database_df, $df);
$query_userDets = sprintf("SELECT usersId, userName, password, name FROM users WHERE userName = %s", GetSQLValueString($colname_userDets, "text"));
$userDets = mysql_query($query_userDets, $df) or die(mysql_error());
$row_userDets = mysql_fetch_assoc($userDets);
$totalRows_userDets = mysql_num_rows($userDets);
?>

OK I got it. I needed
session_start();
$_SESSION['sessTotal'] = $_POST['txtTotal'];
on the payments page as well, not just session_start();

Function to get session variable is not working

I created a report based on the following sql query:
SELECT EMPNO, ENAME, JOB, MGR, HIREDATE, SAL, COMM, DEPTNO FROM SCOTT.EMP
WHERE DEPTNO = empcust.current_deptno
empcust.current_deptno is a function which returns the value of the session variable. However, nothing gets returned. The value of the session variable is not found.
I know that the session variable is being set b/c i have a procedure that sets it and prints out the assigned.
This is my code for the current_deptno function. If anyone can help, i'd greatly appreciate it!
procedure current_deptno
return VARCHAR2
as
v_Session portal.wwsto_api_session;
v_Return VARCHAR2(20); --DEPT.DEPTNO%TYPE;
begin
v_Session := portal.wwsto_api_session.load_session('PORTAL','SESS_EMP');
v_Return := v_Session.get_attribute_as_varchar2('DEPTNO');
htp.p('Return session var'||v_Return);
RETURN(v_Return);
end;

Hi Imtiaz,
Could you verify that the variable has indeed a value? You could check via the Session Manager in the Admin Tool. You could also check the Query Log to verify whether the Initialization Block is working like expected.
Thanks.
Daan Bakboord
http://obibb.wordpress.com

Non-system session variable is not initializing

Hi,
I have created a non-system session variable using Row wise initialization, and using it in answers to filter a column. it is displaying below error
State: HY000. Code: 10058. [NQODBC] [SQL_STATE: HY000] [nQSError: 10058] A general error has occurred. [nQSError: 23006] The session variable, NQ_SESSION.Visible_All_Offices1, has no value definition. (HY000)
I have tried all possible ways like giving the session variable in SQL result set, giving with quotes and without quotes. In all ways it is throwing the same error.
I think this variable is not getting initialized when starting the session, is there any way to check it. this variable is also not showing in Manage > Sessions > Variables in OBIEE Admin.
Please reply, if anyone faced similar issue. I am trying this from last 2 days.
Thanks,
Ash.

When you run this sql query against the database, are you seeing results? and why are you using non-system session variables for this? Session variables are usually used to retrieve data into variables based on the user login.
Check the following things:
1) In variable target, make sure the row-wise initialization is checked.
2) Make sure the cache option is UN-checked
3) Run the sql against the database and make sure it is retrieving results.
4) Try this in init block:
select distinct 'Visible_Regions', NVL(Regions, '0') from SH.Regions_Dim A inner join SH.USER_Table B on A.employee_ID = B.employee_ID;
-Amith.

Session Variables Not Sticking

We are having issue with Session variables sticking from page to page in our Admin area of our website. You can login, but as soon as you click on another link (or anything) they drop.
It's not a code issue because we have the same code on 2 other networks and it works fine. We also have the same code on our backup website on the same network and it works fine. The backup is on a different server in a different location. So that's 3 networks the code is running fine on. It even worked on this network on the main website up until about 9 months ago. I've verified/reverified the code mutiple times. Something must have happened with security patches, some IIS setting, or other server related issue. We are running 2003 Windows Server Edition SP2 and Coldfusion version 8,0,1,195765.
The browsers used are IE7 and IE8. I don't think it's a browser issue because I can open another tab in the same browser and login and stay logged in on the website on another network. We have already gone into browser advanced settings to make sure session variables are allowed. We've also had a couple of other admins look at it from various locations throughout the Country and they also cannot stay logged in on our main site. They can all stay logged in on the backup site.
Frustrating beyond belief. I'm betting it's a Microsoft issue. Anybody out there have a similar issue or know what it might be?

I've experienced a similar problem with CF8 using IE8. I've narrowed it down to being cookie related which causes CF to loose the existing session and create a new session. For me, I can consistently duplicate the issue by having multiple tabs open to various sites and then accessing my site to login -- login is successful but the first page request is treated as unauthorized because the session is empty. If I shutdown and restart the browser and bring up only my site, everything works fine. And once I'm logged in, I have never lost a session by opening other tabs. And this has never failed using Firefox or Safari. What is very strange is that I have multiple sites using CF8 and CF9 and only one exibits this behaviour.

SESSIONS are NOT Maintained

Hello Everyone!
I am using Servlets, JSP and JDBC for my Web Application.
I am using SESSION Variables. My entry point is Login Screen "www.man.com/proj/servlet/login" where user enters USERNAME/PASSWROD.
This FORM calls PROCESS.JAVA Servlet which creates a SESSION for them as shown:
HttpSession session = req.getSession(true);
String uname = (String)session.getValue("uname");
// code coonects to JDBC and see if they match
// IF MATCH
session.putValue("uname",req.getParameter("username"));
String uid = "";
uid = uid.valueOf(rs.getInt("uid"));
session.putValue("uid",uid);
//I then redirect to MENU Page ....which list options availabe for this user.
res.sendRedirect(menuURL);
on my menu page (MENU.JAVA), I have following:
HttpSession session = req.getSession(true);
String uname = (String)session.getValue("uname");
String uid = (String)session.getValue("uid");
if (uname == null)
PRINT ERROR.....
Later then user selects one of the MENU options and it takes to another Servlet (say OPT1.JAVA)...
OPT1 Servlet is processed and at the end it displays a LINK which will take a User back to MENU.JAVA Page....
But When users clicks this LINK (A HREF) it takes to MENU.JAVA Page but shows UNAME as NULL...... How is it possible...? SHOULD IT NOT RETAIN the SESSION....?
HOW CAN I RETAIN my PREVIOUS Session Variables...?
Any related informaiton on this is appreciated.
THANKS!

on my menu page (MENU.JAVA), I have following:
HttpSession session = req.getSession(true);
String uname = (String)session.getValue("uname");
String uid = (String)session.getValue("uid");
if (uname == null)
PRINT ERROR.....
Here when you are getting the Session from the Request object you need to use
HttpSession session = req.getSession(false);
to retain the old Session. If you use true, it creates a new Session

Reports containing session variables do not cache

I have a general report that is filtered using information from session variables, for example which teamleader or supervisor the user has to tailor the report.
BUT the problem is that any request with a session variable in it from Answers does not hit the cache.
Actually they do cache but only for that user, not across users. Even when I preload the cache with the report with no filtering, it is not used by subsequent filtered requests.
Question:
- it is possible to get the report to cache when the session variable is used on the Answers side?
- if not does caching happen if used in a WHERE clause in the logical or physical layers
Otherwise, how to do get this to work?
Edited by: Rob Scott on 28-Jul-2011 05:16

Thanks for your reply.
The problem is this. Imagine you have a table say of the number of calls that each user has made and users belong to teams, so you have a table like this:
team, user, # of calls
You also have a session variable containing the team for that user.
What I do is have a where filter that filters the table depending on the session variable against the team, so each user only sees data relevant to their team.
This works OK but there is a caching problem.
If I don't do filtering and just have the report with all the data in it, then that is cached.
If I then run the same report but with the session variable filtering on, then it doesn't hit the cache even though it is a subset of the first request.
If you have 10s of teams each with say 20 reports, then that makes 200 requests whereas really it should just pick up the first super-table that is cached.
I will do more tests but I simply couldn't get it to pick up the cached copy.

Session is not maintaining value in iStore 11i - JTF Framework

I have used the following two methods to maintain the session. But, it is not working.
java.util.HashMap hashItemsInfo = (java.util.HashMap) pageContext.getAttribute("hashItemsInfo", PageContext.SESSION_SCOPE);
pageContext.setAttribute("hashItemsInfo", hashItemsInfo, PageContext.SESSION_SCOPE);
and
java.util.HashMap hashItemsInfo = (java.util.HashMap) (java.util.HashMap) session.getValue("hashItemsInfo");
session.putValue("hashItemsInfo", hashItemsInfo);
putSessionValue and putSessionValueDirect are not available for the current version.
Pls let me know if anybody have an idea.
Thanks in advance.

Pls ignore this. session was disabled at parent JSP page. That is the reason for not maintaining session value.

CFLOGIN not maintaining cfauthrization session variable

Similar Messages

Maybe you are looking for