Communication Express - session timeout too fast

Similar Messages

• Win 7 Bluetooth pairing timeout too fast

  I recently bought a Microsoft Bluetooth keyboard 6000 for my HP 2730p tablet pc. I paired the keyboard and number pad to Windows 7 (x86) Ultimate without issue the first time but had to clean install the computer. Now, I cannot pair them any longer...
  When I go through the "add device" operation, I can sometimes find the BT devices and sometimes not. If I press a key, then the devices will appear and I can select the "create a pairing code" which gives me the 8 digits. I start entering them and then get timed out because I only have 5 seconds or so for entering the numbers.
  Is there a way to lengthen the timeout or some other options I'm not seeing?
  This device does not have its own codes like a cell phone of 0000.Keith Hageman

  HOLD THAT BLUETOOTH BUTTON!!!
  AMAZING!  Thank you Keith!  I've been trying to get this keyboard (Windows 6000 bluetooth) to pair for hours and finally came across your posting.  How did you find out about the 'hold for 30 seconds rule?'  This really needs to be added
  to the main FAQ on windows for this and any bluetooth devices with a button.
  Here's what worked for me from start to finish: (Using a usb bluetooth on windows vista)
  1.Choose 'add wireless device' in the blue tooth device window
  2. Once the keyboard was detected I right clicked --> properties --> services tab --> check box next to 'Drivers for keyboard, mice etc (HID)'
  (Thanks to farwest1 for THAT tip: http://forums.macrumors.com/showthread.php?t=739314)
  3. DO NOT CLOSE THIS WINDOW., just press 'apply' rather than 'OK'
  4. Return to the 'pair with a wireless device' window
  5. HOLD THE BLUETOOTH BUTTON ON THE BOTTOM OF MS 6000 KEYBOARD for 30 SECONDS
  (or until it shows up) <-- (~ THANK YOU KEITH H.!!!)
  6. Double click when you see the keyboard icon
  It will say 'connecting to device' 
  7.  Choose the second option (Enter the devices pairing code)
  8. Type in any code you like USING YOUR MAIN DEVICE (LAPTOP/TABLET etc) ~ I used 1122
  9. Press 'ENTER'
  10. It will say 'pairing device'
  11.  NOW press 1122 then 'Enter' on your MS 6000 Keyboard
  12. It will say 'Configuring device'
  13. Once done it will say the device is paired and ready to use!
  I don't know why it is so complicated and not in the instructions to HOLD the bluetooth button.  This is my first bluetooth device so I had no context.  Anyway, I now know why there were three open-box (returned) MS 6000 keyboards at the place
  I bought them.  Great keyboard... when it works.
  Good luck to all!

• Communication express 6.3 - timeout issus

  Dear Sun,
  Recently my office communication express 6.3 mail proxy encounter a timeout issue while login, i had changed the timeout sessions to value 600, but the problem still remain, sometime we need to login few times . Can Sun guide me to find out the root cause? thanks

  elson.vhliu wrote:
  i had applied the patch 122793-31 few weeks ago, but this problem started before i apply the patch, i'm using application server as a web container. for your information, in our server have 2 LDAP server
  This behaviour has been reported before by a number of customers who are running UWC/CE on Application Server:
  http://forums.sun.com/thread.jspa?threadID=5424006
  My advice remains the same name:
  1. Deploy UWC/CE to Sun WebServer 7 instead which has not exhibited this behaviour.
  2. Log a Sun Support case so a detailed investigation can be performed.
  Regards,
  Shane.

• Communications Express doesn't create access Manager SSO session

  Hi all,
  I'm running Communications Express, Sun Access Manager and Sun messaging server, each on seperate hosts.
  Single Sign On works i.e. when users have a valid session and point their browser at the Communications Express URL they can access their mail, calendar and addressbooks without further ado.
  When they don't have a valid session though and the users go to the Communications Express URL they get a username and password prompt. If they enter valid credentials they will be logged in, but the session created is only a local session, not an Access Manager SSO session. This behaviour has changed from the previous versions of Comm Exp which wouldn't work at all without SSO.
  Is it possible to configure communications express to either redirect users to the Access Manager's authentication page or have Comm Exp create the SSO session on the users behalf?
  TIA
  Herman
  Versions:
  - Communications Express 6.3 update 1
  - Sun Java(tm) System Messaging Server 6.3-4.01 (built Aug 3 2007; 32bit)
  libimta.so 6.3-4.01 (built 17:13:29, Aug 3 2007; 32bit)

  Hi Shane,
  as always your anwer is better then I could have expected. A more or less complete manual
  just hours after asking my question. Thanks!
  shane_hjorth wrote:
  The cleanest solution I could develop to address the behavioural change was to
  leverage a web-server policy agent to perform the redirections.
  I wrote up a guide but never received any feedback unfortunately so results-may-vary.
  I have republished this guide externally - feedback is welcome:
  http://msg.wikidoc.info/index.php/AM_redirection_using_Policy_AgentTook me some time to implement, test and write feedback:
  The setup we have is a little more complex then the a single box scenario you
  have tested on:
  From the internet working inwards we have load balanced
  SSL accelerators (apache+SSL doing reverse proxy) in front of
  dedicated application servers running communications express.
  Mail is retrieved from separate mail-store clusters.
  Access manager is configured similarly: load balanced SSL accelerators
  in front of application servers running the login page (disributed
  authentication UI). Those then talk to the access manager cluster.
  Firewalls and access lists between each of those layers. None of the
  applications can be accessed directly from the internet and they are
  limited in what they can access in the DMZ as well.
  I followed your recipe to the letter. After a bit of tweaking everything
  worked like a charm. Policy agent installed and configured on the
  SUN webserver where communications express is deployed.
  Instructions were very good on detail and easy to follow.
  We deploy uwc in the root of the server not in /uwc. Something I didn't notice right away.
  It would seem that the policy agent expects the values com.sun.am.naming.url
  (The URL for the Access Manager Naming service) and
  com.sun.am.policy.am.login.url (The URL of the login page on the Access Manager
  where users should enter their credentials) to be the same host.
  In our setup the URL/host users have to use to log in can't be accessed by the policy agent.
  The policy agent should verify sessions directly against the access manager cluster.
  I played with some of the override settings in the policy agent configuration file but
  without much success. Eventually I used the hostname our users have to use to log
  in and abused the /etc/hosts file to map the external hostname to the internal address
  of the access manager cluster. Users end up on the correct login page, and the policy
  agent can verify the sessions. Ugly, but it works.
  The other issue is that the policy agent redirects to:
  com.sun.am.policy.am.login.url?goto=URL_Protected_by_Policy_Agent
  When a users enters incorrect credentials they get the default login url, without the
  goto parameter. (May be bug in access manager or by design...) After entering their
  credentials correctly on their second or third try users won't be redirected back to UWC,
  but will end up on the default page defined by their iplanet-am-user-success-url LDAP attribute.
  I solved that in the policy agents configuration file by adding the gotoOnFail=URL in the
  definition of com.sun.am.policy.am.login.url:
  com.sun.am.policy.am.login.url = https://login.domain.com:443/amserver/UI/Login?gotoOnFail=https://uwc.domain.com:443When you enter incorrect credentials you'll be redirected back to uwc (where the policy agent
  will again intercept you and send you on to the login page for your next try). May be more of
  an issue in the policy agent then your manual.
  Regards,
  Herman

• Problem in Session Communication Express

  Dear All,
  We are using Communication Express for Two uses in our application..
  1.The one is for View Mail...There my app Users will See ..all the tabs Mail,Calendar,Address Book & Options..I enabled this by..referring URL http://....../uwc
  2.Another one is for them to view their calendar activities ..for that we are enabling calendar tab of Comm Express and I can get the calendar... by referring URL http://....../uwc?calid=admin:course14 like that.,
  The Problem Im facing is ,If the User First checks his Mail..and then calendar means my User calendar displays all the Comm tabs..(I need to get Only the Calendar tab here)
  Or else.., If the User checks the Calendar first and then Mail ..means ..the Mail box (here Comm Expp) only displays the calendar tab..(I need to get all the tabs here)
  We enabled SSO ... the problem clearly points Session.,, Is Any Suggestions..
  Thanks In Advance
  Ashik

  Hi..
  Thanks for the explain..
  ./imsimta version
  Sun Java(tm) System Messaging Server 6.2-3.04 (built Jul 15 2005)
  libimta.so 6.2-3.04 (built 01:30:02, Jul 15 2005)
  Linux nile.jlcc.com 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:55:56 EDT 2005 i686 athlon i386 GNU/Linux
  and you asked about the problem Im facing..
  The Sceniro is ...
  We need to display Calendar & also Mail for our Users in two Separate Links...both links are in two different pages..
  for the Mail Link Im getting Comm Express by., referring URL
  http://myserver/uwc (Here I need all the tabs, and Im getting)
  for the Calendar ., Im creating Calendars for every User..and I need to show only the Calendar..presented in the Comm Expp..(When my user wants to see his Calendar)
  im getting this by Like.....http://....../uwc?calid=admin:course14
  The Problem is When a User First views his ...calendar he will get...but after that he not able to get mail...there its showing only the calendar for the URL..http://.../uwc
  or else...Say..He first View his Mail ...he is getting Comm Expp ...but after that he is not able to get Calendar...there it is showing only the Comm expp for the URL http://.../uwc?calid=admin:course14
  how to solve this...is any problem in Session.
  Or you can help me in another way..
  How to enforce access to Calendar tab in comm expp..
  I tried with ....http://myserver/uwc/index.jsp?gotoUri=/base/UWCMain?calid=admin:course3
  but im gettingblank page for this..
  Thanks
  Ashik

• Tuning the Communications Express Timeout

  It seems as though the Communications Express Web interface is hard-coded to log idle users out in about 15 minutes. There doesn't appear to be any mention in the CommExpress documentation or anything in any of the config files that provide a clue as to how to change this.
  Has anyone found some magic way to change this timeout?
  thanks,
  Brian

  That was the first thing we tried, but it didn't work.
  The CommExpress web interface itself, which you are
  running when you are in address book or options just times
  out after 15 minutes.

• Session Timeout directly taking to login page

  Hi,
  In our application when session time out happens, it is directly taking to login page, instead of showing the time out error message . We have a CustomExceptionHandler defined in our application. When I debugged, I identified that the following error message
  <StateManagerImpl><restoreView> Could not find saved view state for token -ppfn0o4n8 (*ADF_FACES-30107)*
  comes when user clicks login the second time.
  We want to know how to get the error message first before it goes to the login page? Any configuration we are missing?
  Here is our applications web.xml
  <?xml version = '1.0' encoding = 'UTF-8'?>
  <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5" xmlns="http://java.sun.com/xml/ns/javaee">
  <description>Empty web.xml file for Web Application</description>
  <context-param>
  <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
  <param-value>client</param-value>
  </context-param>
  <context-param>
  <param-name>jndiContext</param-name>
  <param-value>inv</param-value>
  </context-param>
  <context-param>
  <param-name>UserEnvironmentName</param-name>
  <param-value>UserEnvironment</param-value>
  </context-param>
  <context-param>
  <param-name>CacheConfigureFile</param-name>
  <param-value>inv-cache.xml</param-value>
  </context-param>
  <context-param>
  <param-name>SecurityRepositoryClass</param-name>
  <param-value>oracle.communications.inventory.api.framework.security.impl.SecurityRepositoryImpl</param-value>
  </context-param>
  <context-param>
  <description>Whether the 'Generated by...' comment at the bottom of ADF Faces HTML pages should contain version number information.</description>
  <param-name>oracle.adf.view.rich.versionString.HIDDEN</param-name>
  <param-value>false</param-value>
  </context-param>
  <context-param>
  <param-name>oracle.adfinternal.view.rich.libraryPartitioning.ENABLED</param-name>
  <param-value>true</param-value>
  </context-param>
  <context-param>
  <param-name>ilog.views.faces.CONTROLLER_PATH</param-name>
  <param-value>/_contr</param-value>
  </context-param>
  <context-param>
  <param-name>ilog.views.faces.CONTENT_LENGTH_ENABLED</param-name>
  <param-value>true</param-value>
  </context-param>
  <context-param>
  <description>If this parameter is true, there will be an automatic check of the modification date of your JSPs, and saved state will be discarded when JSP's change. It will also automatically check if your skinning css files have changed without you having to restart the server. This makes development easier, but adds overhead. For this reason this parameter should be set to false when your application is deployed.</description>
  <param-name>org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION</param-name>
  <param-value>false</param-value>
  </context-param>
  <context-param>
  <param-name>APPLICATION_NAME</param-name>
  <param-value>Unified Inventory Management</param-value>
  </context-param>
  <context-param>
  <param-name>COPYRIGHT_FROM_YEAR</param-name>
  <param-value>2007</param-value>
  </context-param>
  <context-param>
  <param-name>COPYRIGHT_TO_YEAR</param-name>
  <param-value>2011</param-value>
  </context-param>
  <context-param>
  <!-- Maximum memory per request (in bytes) -->
  <param-name>org.apache.myfaces.trinidad.UPLOAD_MAX_MEMORY</param-name>
  <!-- Use 500K -->
  <param-value>512000</param-value>
  </context-param>
  <context-param>
  <!-- Maximum disk space per request (in bytes) -->
  <param-name>org.apache.myfaces.trinidad.UPLOAD_MAX_DISK_SPACE</param-name>
  <!-- Use 100M -->
  <param-value>104857600</param-value>
  </context-param>
  <filter>
  <filter-name>trinidad</filter-name>
  <filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
  </filter>
  <filter-mapping>
  <filter-name>trinidad</filter-name>
  <servlet-name>Faces Servlet</servlet-name>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>REQUEST</dispatcher>
  </filter-mapping>
  <listener>
  <listener-class>oracle.communications.inventory.api.framework.listener.ContextListener</listener-class>
  </listener>
  <listener>
  <listener-class>oracle.communications.inventory.ui.framework.IlogContextListener</listener-class>
  </listener>
  <!-- Cartridge Installer servlet for post re-deploy -->
  <listener>
  <listener-class>
  oracle.communications.inventory.cartridge.deploy.CartridgeInstallerServletContextListener
  </listener-class>
  </listener>
  <persistence-context-ref>
  <persistence-context-ref-name>persistence/EntityManager</persistence-context-ref-name>
  <persistence-unit-name>default</persistence-unit-name>
  </persistence-context-ref>
  <listener>
  <listener-class>oracle.adf.mbean.share.connection.ADFConnectionLifeCycleCallBack</listener-class>
  </listener>
  <listener>
  <listener-class>oracle.adf.mbean.share.config.ADFConfigLifeCycleCallBack</listener-class>
  </listener>
  <servlet>
  <servlet-name>BIGRAPHSERVLET</servlet-name>
  <servlet-class>oracle.adfinternal.view.faces.bi.renderkit.graph.GraphServlet</servlet-class>
  </servlet>
  <servlet>
  <servlet-name>BIGAUGESERVLET</servlet-name>
  <servlet-class>oracle.adfinternal.view.faces.bi.renderkit.gauge.GaugeServlet</servlet-class>
  </servlet>
  <servlet>
  <servlet-name>MapProxyServlet</servlet-name>
  <servlet-class>oracle.adfinternal.view.faces.bi.renderkit.geoMap.servlet.MapProxyServlet</servlet-class>
  </servlet>
  <servlet>
  <servlet-name>GatewayServlet</servlet-name>
  <servlet-class>oracle.adfinternal.view.faces.bi.renderkit.graph.FlashBridgeServlet</servlet-class>
  </servlet>
  <servlet>
  <servlet-name>media</servlet-name>
  <servlet-class>oracle.communications.inventory.ui.media.servlet.MediaServlet</servlet-class>
  </servlet>
  <servlet-mapping>
  <servlet-name>BIGRAPHSERVLET</servlet-name>
  <url-pattern>/servlet/GraphServlet/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>BIGAUGESERVLET</servlet-name>
  <url-pattern>/servlet/GaugeServlet/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>MapProxyServlet</servlet-name>
  <url-pattern>/mapproxy/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>resources</servlet-name>
  <url-pattern>/bi/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>GatewayServlet</servlet-name>
  <url-pattern>/flashbridge/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>media</servlet-name>
  <url-pattern>/media_image</url-pattern>
  </servlet-mapping>
  <resource-ref>
  <res-ref-name>wm/ruleWorkManager</res-ref-name>
  <res-type>commonj.work.WorkManager</res-type>
  <res-auth>Container</res-auth>
  <res-sharing-scope>Unshareable</res-sharing-scope>
  </resource-ref>
  <filter>
  <filter-name>JpsFilter</filter-name>
  <filter-class>oracle.security.jps.ee.http.JpsFilter</filter-class>
  <init-param>
  <param-name>enable.anonymous</param-name>
  <param-value>true</param-value>
  </init-param>
  <init-param>
  <param-name>remove.anonymous.role</param-name>
  <param-value>false</param-value>
  </init-param>
  <init-param>
  <param-name>addAllRoles</param-name>
  <param-value>true</param-value>
  </init-param>
  <init-param>
  <param-name>jaas.mode</param-name>
  <param-value>doasprivileged</param-value>
  </init-param>
  </filter>
  <filter>
  <filter-name>ADFLibraryFilter</filter-name>
  <filter-class>oracle.adf.library.webapp.LibraryFilter</filter-class>
  </filter>
  <filter>
  <filter-name>adfBindings</filter-name>
  <filter-class>oracle.adf.model.servlet.ADFBindingFilter</filter-class>
  </filter>
  <filter-mapping>
  <filter-name>JpsFilter</filter-name>
  <servlet-name>Faces Servlet</servlet-name>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>REQUEST</dispatcher>
  <dispatcher>INCLUDE</dispatcher>
  </filter-mapping>
  <filter-mapping>
  <filter-name>ADFLibraryFilter</filter-name>
  <url-pattern>/*</url-pattern>
  </filter-mapping>
  <filter-mapping>
  <filter-name>adfBindings</filter-name>
  <servlet-name>Faces Servlet</servlet-name>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>REQUEST</dispatcher>
  </filter-mapping>
  <servlet>
  <servlet-name>Faces Servlet</servlet-name>
  <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet>
  <servlet-name>resources</servlet-name>
  <servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
  </servlet>
  <servlet>
  <servlet-name>adflibResources</servlet-name>
  <servlet-class>oracle.adf.library.webapp.ResourceServlet</servlet-class>
  </servlet>
  <servlet>
  <servlet-name>adfAuthentication</servlet-name>
  <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
  <init-param>
  <param-name>success_url</param-name>
  <param-value>/faces/InventoryUIShell</param-value>
  </init-param>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet>
  <servlet-name>Controller</servlet-name>
  <servlet-class>ilog.views.faces.IlvFacesController</servlet-class>
  <load-on-startup>3</load-on-startup>
  </servlet>
  <servlet-mapping>
  <servlet-name>Faces Servlet</servlet-name>
  <url-pattern>/faces/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>resources</servlet-name>
  <url-pattern>/adf/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>resources</servlet-name>
  <url-pattern>/afr/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>adflibResources</servlet-name>
  <url-pattern>/adflib/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>adfAuthentication</servlet-name>
  <url-pattern>/adfAuthentication</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>Controller</servlet-name>
  <url-pattern>/_contr/*</url-pattern>
  </servlet-mapping>
  <session-config>
  <session-timeout>35</session-timeout>
  </session-config>
  <mime-mapping>
  <extension>html</extension>
  <mime-type>text/html</mime-type>
  </mime-mapping>
  <mime-mapping>
  <extension>txt</extension>
  <mime-type>text/plain</mime-type>
  </mime-mapping>
  <jsp-config>
  <jsp-property-group>
  <url-pattern>*.jsff</url-pattern>
  <is-xml>true</is-xml>
  </jsp-property-group>
  </jsp-config>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>allPages</web-resource-name>
  <url-pattern>/</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>valid-users</role-name>
  </auth-constraint>
  </security-constraint>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>Unsecured resources</web-resource-name>
  <url-pattern>/images/</url-pattern>
  <url-pattern>*.png</url-pattern>
  <url-pattern>*.gif</url-pattern>
  <url-pattern>*.jpg</url-pattern>
  <url-pattern>*.jpeg</url-pattern>
  <url-pattern>*.bmp</url-pattern>
  <url-pattern>*.css</url-pattern>
  <url-pattern>*.js</url-pattern>
  <url-pattern>/css/*</url-pattern>
  <url-pattern>/afr/blank.html</url-pattern>
  </web-resource-collection>
  </security-constraint>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>adfAuthentication</web-resource-name>
  <url-pattern>/adfAuthentication</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>valid-users</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/faces/login.jspx</form-login-page>
  <form-error-page>/faces/error.jspx</form-error-page>
  </form-login-config>
  </login-config>
  <security-role>
  <role-name>valid-users</role-name>
  </security-role>
  <welcome-file-list>
  <welcome-file>/faces/InventoryUIShell</welcome-file>
  </welcome-file-list>
  </web-app>

  hi
  this can be done using a simple "Servlet Filters" which will check whether the user session is valid or not. so for every connect to the server the filter runs and redirects to the login page if the session has expired. here you can configure your filter to be activated for every URL or a patterns of urls.
  u need servlet2.3 supported server for this.
  hope this helps
  shrini
  I have an business j2ee application run on oc4j. When the session timeout declared on the web.xml expire, i want to redirect automaticaly the user to my login.jsp to force him to reconnect. I try j_security_chek, but i want to restart the business application at the top and not to the page which are request. Somebody know who i can do this mechanism. I try too special tag in jsp, this run very good but i have to repeate this call on every page. I look for an other simply mechanism to that
  Thanks

• Re: [iPlanet-JATO] Re: session timeout when not submitting to a handler

  Mark--
  I know what's happening here, but am curious about your approach. You said
  in an earlier email that you were generating links directly to JSPs, but
  from what you are describing, you are generating JATO-style links to access
  JATO pages. Nothing wrong with that, but there is a signficant difference.
  Actually, it just occurred to me, I'm wondering what your URLs look like.
  The way the request dispatching works in JATO is it ignores anything after
  an initial "." in the final part of the URL path. For example, a request
  for "/myapp/module1/MyPage.jsp" doesn't actually try to hit the JSP, instead
  it tries to hit the JATO page "/myapp/module1/MyPage".
  The end result is that you may think you are accessing a JSP directly, but
  are instead accessing a JATO page. The reason the request dispatching works
  this way is because it is illegal to access JATO JSPs directly, and there is
  actually a (disabled) JATO feature that piggybacks on the use of the
  dot-delimited URL.
  So, now I need to understand your intent. I wasn't really sure why you were
  generating direct JSP/page links to begin with. This works against the Type
  II architecture JATO uses, in which all JATO requests go back to the
  controller servlet.
  If you are trying to design something like a menu page, you may have thought
  that it was burdensome to create a number of HREF children, plus implement
  event handlers for each of them. This definitely would be burdensome beyond
  just a handful of links, but this is why JATO provides other mechanisms for
  doing what I'll call here "polymorphic HREFs".
  Assuming this menu page scenario, the easiest thing to do is to simply use
  one HREF child on the page, and add a value to it each time it is rendered
  that distinguishes it from the other instances on the page. In your event
  handler for the HREF, you simply check this value and use it to decide which
  page to forward to. You can add a value to an HREF or Button by using the
  "addExtraValue()" method. Or, if you are using JATO 1.2, you can add extra
  query string NVPs right in the JSP document using the "queryParams"
  attribute of the <jato:href> tag. Thus, your one HREFchild and event
  handler become "polymorphic" because what they do depends on the context in
  which they are invoked.
  Now, I still don't have confirmation that this is what you were trying to
  do, so until I do, let me explain the exception you're seeing. JATO assumes
  that when a request comes in for a page that includes the pageAttributes
  NVP, it is a request coming from a previously generated JATO page. Because
  of the way JATO works, this means that the request dispatching code should
  send the request back to the originally rendered page. For example, if Page
  A renders an HREF, which the user then activates, JATO sends the request
  back to Page A for handling. All of the HREFs and forms generated during
  rendering of Page A actually refer back to Page A, regardless of where those
  links or buttons actually pass the request in their event handlers/Command
  objects.
  So, what's happening when you include the pageAttributes in your HREFs is
  that JATO is assuming that a request is being sent to the target page, with
  the assumption that the target page has a mechanism in place to handle the
  request. This assumption relies on the specification of the "originator" of
  the request being specified in the request. For links/HREFs, the name and
  value of the HREF is sent along with the request. For forms, the name and
  value of the button that was pressed are sent in the request. JATO uses the
  presence of these name/value pairs to decide which event handler, or which
  Command object, to invoke to handle the request.
  The exception you are receiving is saying that there was no object on the
  target page that indicated it could handle the request. This is to be
  expected, since you have not specified a query parameter that indicates
  which CommandField child is responsible the request. However, this is where
  I see the disconnect, because that is not what I believe you were trying to
  do (as explained above).
  So now, given all the information above, can you tell me what you're trying
  to accomplish, and whether or not the info I've given you has helped you to
  design a mechanism more in line with a JATO approach? If not, given that I
  understand what you're trying to do, I can offer a more concrete solution.
  Todd
  ----- Original Message -----
  From: <Mark_Dubinsky@p...>
  Sent: Monday, November 05, 2001 2:54 PM
  Subject: [iPlanet-JATO] Re: session timeout when not submitting to a handler
  This is the exception we get:
  (And BTW, leaving a blank value for the pageAttributes doesn't help)
  [05/Nov/2001 17:49:18:4] error: <portalServlet.processRequest>
  javax.servlet.ServletException: The request was not be handled by the
  specified handler
  at java.lang.Throwable.fillInStackTrace(Native Method)
  at java.lang.Throwable.fillInStackTrace(Compiled Code)
  at java.lang.Throwable.<init>(Compiled Code)
  at java.lang.Exception.<init>(Compiled Code)
  at
  javax.servlet.ServletException.<init>(ServletException.java:107)
  at
  com.putnaminvestments.common.jato.ApplicationServletBase.dispatchRequ
  est(Compiled Code)
  at
  com.putnaminvestments.common.jato.ApplicationServletBase.processReque
  st(Compiled Code)
  at
  com.putnaminvestments.bp.portal.portalServlet.processRequest(Compiled
  Code)
  at
  com.putnaminvestments.common.jato.ApplicationServletBase.doPost(Compi
  led Code)
  at
  com.putnaminvestments.common.jato.ApplicationServletBase.doGet(Compil
  ed Code)
  at javax.servlet.http.HttpServlet.service(Compiled Code)
  at com.putnaminvestments.bp.bpServletBase.service(Compiled
  Code)
  at javax.servlet.http.HttpServlet.service(Compiled Code)
  at
  com.netscape.server.servlet.servletrunner.ServletInfo.service(Compile
  d Code)
  at
  com.netscape.server.servlet.servletrunner.ServletRunner.execute(Compi
  led Code)
  at com.kivasoft.applogic.AppLogic.execute(Compiled Code)
  at com.kivasoft.applogic.AppLogic.execute(Compiled Code)
  at com.kivasoft.thread.ThreadBasic.run(Native Method)
  at com.kivasoft.thread.ThreadBasic.run(Native Method)
  at com.kivasoft.thread.ThreadBasic.run(Native Method)
  at com.kivasoft.thread.ThreadBasic.run(Native Method)
  at com.kivasoft.thread.ThreadBasic.run(Compiled Code)
  at java.lang.Thread.run(Compiled Code)
  --- In iPlanet-JATO@y..., "Todd Fast" <Todd.Fast@S...> wrote:
  Mark--
  Initially we tried to add the pageAttributes NVP as well, but that
  was
  causing an exception, so we stopped doing that.That's odd--what was the exception?
  Our problem now is that when the SessionTimes out it does not go
  to
  onSessionTimeout method as in processRequestMethod of the
  ApplicationServletBase it looks for pageAttributes. If it is notnull
  then only onSessionTimeOut method is called.This is sadly the only technique for determining if a session hastimed out
  and a new one been created, versus the initial creation of thesession.
  Is there any work around for this? Maybe you can suggest how topass
  the pageAttributes without causing the initial exception?Definitely--let me know what the exception was and I'll be able tosuggest
  something. However, it shouldn't really be any harder thanappending a
  "jato.pageAttributes=" empty NVP on the HREF.
  Todd
  Todd Fast
  Senior Engineer
  Sun/Netscape Alliance
  todd.fast@s...
  For more information about JATO, please visit:
  http://developer.iplanet.com/tech/appserver/framework/index.jsp

  OK, here's what I'm trying to do: We have, like you said, a menu
  page. The pages that it goes to and the number of links are all
  variable and read from the database. In NetD we were able to create
  URLs in the form
  pgXYZ?SPIDERSESSION=abcd
  so this is what I'm trying to replicate here. So the URL that works
  is
  pgContactUs?GXHC_GX_jst=fc7b7e61662d6164&GXHC_gx_session_id_=cc9c6dfa5
  601afa7
  which I interpreted to be the equivalent of the old Netd way. Our
  javascript also loads other frames of the page in the same manner.
  And I believe the URL-rewritten frame sources of a frameset look like
  this too.
  This all worked except for the timeout problem. In theory we could
  rewrite all URLs to go to a handler, but that would be...
  inconvenient.

• Session Timeouts and SmbServer

  Hi,
  When having iFS mapped to a network drive (via SMB), the SMB server
  is unable to recover from a timeout of the LibrarySession. The network
  drive then seems to be empty and doing a refresh within explorer
  doesn't help either. The only thing that helps, is remapping the
  network drive.
  Within Node.log of iFS I see this stacktrace.
  7/10/02 9:02 AM SmbServer: oracle.ifs.common.IfsException
  oracle.ifs.common.IfsException: IFS-21000: Session is not connected or has timed-out
  at java.lang.Throwable.fillInStackTrace(Native Method)
  at java.lang.Throwable.fillInStackTrace(Compiled Code)
  at java.lang.Throwable.<init>(Compiled Code)
  at java.lang.Exception.<init>(Compiled Code)
  at oracle.ifs.common.IfsException.<init>(Compiled Code)
  at oracle.ifs.common.IfsException.<init>(Compiled Code)
  at oracle.ifs.common.IfsException.<init>(Compiled Code)
  at oracle.ifs.beans.LibraryObject.verifyConnected(Compiled Code)
  at oracle.ifs.beans.Folder.findPublicObjectByPath(Compiled Code)
  at oracle.ifs.beans.FolderPathResolver.findPublicObjectByPath(Compiled Code)
  at oracle.ifs.beans.FolderPathResolver.findPublicObjectByPath(Compiled Code)
  at oracle.ifs.protocols.smb.server.DbTree$DbQuery.<init>(Compiled Code)
  at oracle.ifs.protocols.smb.server.DbTree.getQuery(Compiled Code)
  at oracle.ifs.protocols.smb.server.ComTrans.trans2FindFirst(Compiled Code)
  at oracle.ifs.protocols.smb.server.ComTrans.replyTransaction2(Compiled Code)
  at oracle.ifs.protocols.smb.server.ComTrans.process(Compiled Code)
  at oracle.ifs.protocols.smb.server.ComSmb.handleSmbMessage(Compiled Code)
  at oracle.ifs.protocols.smb.server.SmbThread.handleNbMessage(Compiled Code)
  at oracle.ifs.protocols.smb.server.SmbThread.readPackets(Compiled Code)
  at oracle.ifs.protocols.smb.server.SmbThread.run(Compiled Code)
  This behavior actually causes us big problems when editing files via MS Office.
  Fortunately Office is able to still save it's data using some generated filename.
  (At least until now I could not create any data loss)
  But then you have to close it, remap then network drive, rename the file and then
  reopen the file. This is big trouble to users, which are not familiar with mapping
  network drives and renaming files with extensions.
  Is there a way to make the SmbServer keep the LibrarySession alive, as long as
  the network drive is mapped ?
  Regards,
  Jens Lorenz

  Workflow #2:
  Login to my account
  Click view all email
  Open Drafts Folder
  Open draft email response
  Select "Send" to send email (total in session time of 30 seconds)
  On screen reload, where I would expect to see some sort of indication that my email was successfully sent, instead the system throws session time out message and kicks me out.
  I have no idea if my email was successfully sent or not.
  Workflow #3:
  Login to my account
  Click view all email
  Attempted to open the first new email in my inbox (total time in session <15 seconds)
  System throws session timeout error and kicks me out to the main login.
  There is obviously something going on with your session holding code. The session variable is not being passed correctly or something but it's very, very frustrating to spend 30-45 minutes trying to type out a couple of lines, particularly when you have multiple important activities going on that you need to respond too via email.

• How to set session timeout per user

  Hi,
  Ho do I set the session timeout per User in the
  Application.cfm File??
  I tried using
  <cfif SESSION.UID EQ 1>
  <CFAPPLICATION NAME="appControl" SESSIONMANAGEMENT="Yes"
  sessiontimeout="#CreateTimeSpan(0,0,20,0)#">
  </cfelse>
  <CFAPPLICATION NAME="appControl" SESSIONMANAGEMENT="Yes"
  sessiontimeout="#CreateTimeSpan(1,0,0,0)#">
  </cfif>
  But this didnt work because the cfapplication seems to have
  to be at the top before I call the variable SESSION.UID which
  I set on my login page..
  Someone know how to do this??
  Regards
  Martin

  Martin,
  Your code example cannot work because the "session" scope
  doesn't exist until your application scope is defined. So you have
  to handle this manually. Here's how you can get it done. First,
  define your application to the maximum sessiontimeout you want to
  have.
  <CFAPPLICATION NAME="appControl" SESSIONMANAGEMENT="Yes"
  SESSIONTIMEOUT="#CreateTimeSpan(1,0,0,0)#">
  Then, I don't know how you are doing your login
  authentication but when you have authenticated the user, you need
  to define the userid and the most recent activity in the session.
  Also determine your timeout value based on the userid. See example:
  <CFIF IS_AUTHENTICATED>
  <CFSET session.user.uid = form.userid>
  <CFSET session.user.most_recent_activity = now()>
  <CFIF session.user.id eq 1>
  <CFSET session.user.timeout_mins = 20>
  <CFELSE>
  <CFSET session.user.timeout_mins = 1440>
  </CFIF>
  </CFIF>
  Now, all you have to do is check whether the user has been
  idle for too long and kill the session by purging all session
  variables. For example:
  <!--- if user id is defined, this means user is logged in
  --->
  <CFIF structKeyExists(session, "user") and
  structKeyExists(session.user, "id")>
  <!--- check if timeout has expired --->
  <CFIF datediff("n", session.user.most_recent_activity,
  now()) gt session.user.timeout_mins>
  <!--- timeout has expired, kill the session and log the
  user out --->
  <CFSET StructClear(session)>
  <!--- insert your logout code here --->
  <CFELSE>
  <!--- user hasn't timed out, so reset the most recent
  activity to now --->
  <CFSET session.user.most_recent_activity = now()>
  </CFIF>
  </CFIF>

• Session Timeout Thoughts

  I saw a post from awhile ago that you can't change the session timeout in iTunes U. Is this still true?
  Our users are having timeout issues and we have an unfortunately lengthy login process to get back into iTunes U so I had some thoughts on the Site Login URL.
  We use a portal to authenticate our users who then click an SSO link to take them to a jump page that assembles their credentials and generates an SSO link into iTunes U. I'd really like to avoid having to go back through the portal to get users back into iTunes.
  What if, instead of passing just the destination back to the site login URL, iTunes U passed a full SSO link. This way, I can just point my site login URL to the jump page. The jump page can then parse the SSO link to verify the user's credentials and just create a new SSO link right back into iTunes U, almost transparently to the users.
  Are there any better options to solve this problem? I know this would require some modification on the iTunes U side, but it seems like it'd solve some problems.
  Thanks
  Jason

  Hi Jason,
  I don't think I did a good job at explaining what I'm trying to get at. Sorry, let me try another way.
  The problem is not one of security necessarily. If you get a signature back from Apple, sure, your jump site can verify that Apple sent you warnings about sessions that are about to timeout. The problem is that Apple cannot distinguish our local users from the identity and credentials we send. It might seem that way in specific instances (because some sites have an elaborate identity/credentialling scheme), but it is not true in the general case. It is entirely possible that scores of people can share exactly the same identity/credential info ... that is totally legal in the iTunes U world (and why I urge people not to think of "users" and "accounts" whenever they think iTunes U). For example, lessay I have a site that has a very simple credentialling scheme, say ...
  Administrator@urn:mace:itunesu.com:sites:uic.edu
  Instructor@urn:mace:itunesu.com:sites:uic.edu
  Student@urn:mace:itunesu.com:sites:uic.edu
  Authenticated@urn:mace:itunesu.com:sites:uic.edu
  Unauthenticated@urn:mace:itunesu.com:sites:uic.edu
  All@urn:mace:itunesu.com:sites:uic.edu
  Further, let's say that I "anonymize" my users by sending no identity info to Apple. So if Apple sends my jump site the following:
  credentials=Student@urn:mace:itunesu.com:sites:uic.edu
  identity=
  time=123456789
  signature=stringwith_bunch_ofhex
  which one of my local users does that belong to? ... whose session should I recredential? Sure, you can make a complex credentialling scheme that narrows usage down to the specific person ... but I would urge you to think of credentials as a kind of "hall pass" ... a token that lets you into a specific place within iTunes U ... and not as a way to identify someone. Remember that Apple has to use a system that applies in the general case and what I have above is totally legal. If I want, I can obfuscate my users to be certain that only -I- know who's accessing iTunes U.
  Recall, too, the way that iTunes U is setup. Your transfer CGI sends a URL to Apple and Apple sends you back loads of HTML/JavaScript/CSS in return. Your transfer CGI passes all of it back to the end user. The heart of the HTML Apple sends is this itmss: redirect:
  itmss://deimos.apple.com/WebObjects/Core.woa/BrowsePrivately/uic.edu?
  credentialKey=1474615910&identity=2253747564656e7422203c5374756
  4656e74407569632e6564753e202853747564656e7429205b305d&time=
  1203747692&signature=32d169daa7a282f8c7efa7d4f7f7fb0dceaac507c26
  f205123473f09d6b9ef50&x=true&ignore.mscache=8974210
  That is how Apple talks to your end users. The session is private ... between Apple and your end users. The only way for you to know which session belongs to which local user is for Apple to send you that itmss link and say, in effect, "the session associated with this link is about to time out". Your jump site would have to maintain a connection between itmss links, your local users, and the credentials associated with both. But if your site is -already- caching local user/credential info, there is no need for Apple to send your creds/identity back to you.
  As ever, if my understanding is itself cloudy, I bow to Duncan. He knows all and I am happy to be corrected. Like you guys, I am here to learn.

• Session Timeout (secs) WiSM's

  Hi All,
  Probably an easy question here.
  I am just wondering what I should set my Session Timeout (secs) on my SSID's to int the WiSM's? Mine is currently set to 1800secs, but I sort of want to change it to 300 secs so that when people walk out of a particular building, they will need to re-associate and get a new IP address (If that makes Sense!)
  Thanks,

  There is no exact definiton for session timeouts. In your case it could be 900 secs[15 mins] so hat its not too early session timeouts. Normally users need to reauthenticate if they move to different access points.

• "Session Timeout" on WebMail Today on a Win7 NetBook!!^​$*^%^*#(*

  I'm generally a low-maintenance Verizon home phone and dsl client but this is a major PITA.  Wondering if it's my OS or browsers or the crappy new netmail site is just not working today.
  Get the "Session Timeout" on everything associated with mail. Can access my home phone and dsl account profiles but zip on netmail on the "new" or even  "classic" views.  Get the pop-up to log back in and I do so, but NADA.  Cleared cookies and history frlom both Firefox and IE8 and restarted. Disabled Norton 360.  Nothing works.
  I don't access netmail often, but I am on a biz trip this week.  It's not the server.  I can send/receive on this account on both an iPhone and the work Blackberry and just did test msgs on both a few minutes ago.  But I need the netbook to send a couple of large word and excel files.
  So for my 1st post I am thinking about raising the **bleep** flag on Verizon since 2 calls and a chat runaround got me nowhere today. They are basically indifferent or uninformed.
  So are there any issues with Win7 (mine is still the starter version on the netbook) or is the site just down today?  Or am I an idiot missing something that's very obvious ? Which is entirely possible.
  Trout

  I have been having the same problem.  Never happened until a few months ago, and now happens all the time - once it times out once, that's it for the rest of the day, every subsequent login is immediately logged out again.
  Can anyone explain to me the purpose of having "the community" ask each other how to solve this problem, when clearly it is a Verizon website issue?

• Session Timeout in weblogic 6.1 SP3-- Urgent

  Hi
  We are currently using weblogic 6.1 SP3 and iPlanet for our application. The session timeout in web.xml is set to 100 mins but the session doesn't timeout, i.e., we can still access the application without being locked out. How can I fix this??
  What is happening is that a new session is being created automatically after the sesion timeout. our application doesn't validate the user.. the authentication is done by some PKI tokens. can that be the reason for this behavior??? If so, how can we fix it??

  What is the heap size ? How many useres are hitting the system ? What is the approx size of the session? Turn on -verbose:gc and monitor the GC activity. Are the sessions really inactive ?
  Make the timeout 30 secs and the InvalidationIntervalSecs to 20 secs and see if it makes a difference.
  If you still have the same results attach the pofiler trace here. A test case would be good too.
  Rakesh Aggarwal wrote:
  We are running a J2EE servlet in Weblogic 6.1 SP3 on Windows NT. The test client to this servlet opens a new Http session on every request.
  The server containing the servlet does not seem to be releasing memory associated with the session. The server eventually runs out of memory due to this. We verified this with a profiler tool. It shows Strings allocated with ServletRequestImpl.getSession() (weblogic.servlet.internal.session.RSID.getID()) not freed. We have set the session invalidation timeout to 1 min using:
  1) session-timeout=1 in web.xml,
  2) TimeoutSecs=60, InvalidationIntervalSecs=60 in weblogic.xml for the web-app containing the servlet.
  We have also tried setting session.setMaxInactiveInterval(60secs) for the servlet. The latter setting does seem to work as verified from a UI client. We are wondering whether weblogic server is not cleaning up the session even after invalidating it.
  We are not saving any reference to the Http session in our servlet. So we would think that the weblogic server should cleanp the inactive session after 1 min according to the above setting.
  Any help regarding this will be sincerely appreciated. Thanks.
  -Rakesh--
  Rajesh Mirchandani
  Developer Relations Engineer
  BEA Support

• Session Timeout and DAD Authentication

  My application uses the authentication scheme 'No authentication (using DAD)'. The users log in from an external program and the user IDs are captured in the variable remote_user. My authorization scheme checks that the user ID exists in a database table. All this seems to work fine.
  However, I need to implement a session timeout on the application. I've followed the steps described in the "Automatic Session Timeouts" utility in the Application Express Studio but when I tried to modify the authentication scheme by adding:
  return auth_pkg.check_timeout;
  to the Session Verify Function I got the following errors:
  No functional attributes may be set when page sentry function is '-DATABASE-'.
  and
  Session verification function may not be specified if page sentry function is specified.
  I'm new to Apex and I don't know where to go from here. Any advice please?
  Thanks
  Maria

  Maria,
  The usual way to do the authentication part is to use a custom page sentry function. Many examples have been posted on the forum based on the ntlm page sentry code. Search for those keywords here (ntml page sentry) and you should find it easily. Then you can modify it by adding the session timeout logic in that function.
  Scott