Cookies with ie 6.0

Similar Messages

• How to integrate a SSO based in cookie with ADF Security

  At work they asked me to integrate a existing SSO based in cookie with the new ADF + Jdeveloper 11g + WLS. After google for days and read a lot of blogs and official documentation I've made a custom LoginModule. I made it very simple, it's just an "if" inside the login() function with the username, if the username is "john" I put to the Subject some Principals. My steps are:
  1- Create a new app based on "Fusion application" template.
  2- Make a new ADF Taskflow with only one view inside (the entry point of the taskflow). The jspx only contains a welcome message.
  3- Run the ADF Security wizard, all the steps with the default option, I don't change anything.
  4- Put some users and some roles in jazn-data.xml, and maping them to an application role. Then I grant permissions to the application role to view the previous task flow.
  At this point everything is ok. I run the taskflow and a basic login popup prompts me to write my username and password. Now I try to remove everything useless for me, like idstore, credentials, anonymous, etc. I only want a LoginModule that get the HttpRequest and passes it to an already done class that returns a true/false depending if the cookie is correct or not but, as I said before, my LoginModule is so simple now and even didn't try to do something more complicated than an if. The steps I try are:
  in jps-config.xml
  5- Remove idstore.xml and credentials.
  6- (loginmodule tab) Make a new login module, and put here my class. The class is in the ViewController project and JDeveloper find it navigating through the heriarchy, so I have visibility. I put REQUIRE flag, add all roles and debug mode.
  7- In the security context unmark the idstore.loginmodule and mark myLoginModule. Also delete the anonymous security context.
  All that I got until now is a 500 error (Internal server error - Authorization Exception). Sometimes (the close i've ever been to do something correct) the browser ask me for user/password but then only recognizes the users that already are in WLS (idstore from previous tests), but NOT the "john" user that is inside my custom LoginModule. Even more, if I run the WLS from JDeveloper 11g in debug mode, the runtime never stops at breakpoints inside my custom login module. It seems that my LoginModule isn't deployed or I made some error maping the roles.
  So, my questions are:
  - I'm in the good way? If I want an authentication based in cookie/httprequest I have to do a custom LoginModule? My goal is to do a re-usable code, and re-use the code that my co-workers have done. They have a class that with only the HttpRequest determines if a user is logged or not.
  - If I'm in the good way... how can I put my custom LoginModule in the WLS? I tried to search something in the Administration Panel (localhost:7101/console) but I did'nt find nothing.
  - In case I'd got the custom LoginModule working fine in WLS... how can I get a HttpRequest from a LoginModule and avoid the username/password dialog? I've to make a filter and pass it to the my LoginModule? If it's correct... how?
  I don't post my code because is so simple, it's based on DBTableLoginModule but without all the database access code.
  Thanks to all!
  P.D.: If this message isn't in the correct forum, I'm sorry. Feel free to move it.
  P.D.2: Sorry about my english, I'm spanish. I know i've to practise a lot :)

  Hi Frank,
  Thanks a lot for your answer. Just one more easy question: what I need to do is a custom Authentication Module (which will read the cookie)? If only you can point me to the correct chapter of the WLS documentation I'll be very pleased.
  In future releases of JDeveloper will be easier to do this kind of things related to security?
  Riveck

• Cannot see Cookies with new update of firefox. I recently updated firefox, but when I look on the PRIVACY window, where websites store cookies, I am no longer a

  Cannot see Cookies with new update of firefox.<br />
  I recently updated firefox, but when I look on the PRIVACY window, where<br />
  websites store cookies, I am no longer able to see any cookies that<br />
  are being stored, and I am not able to delete the cookies as soon as I leave<br />
  their site, as I had been doing for a long time prior to updating.<br />
  So I am wondering where the heck are the cookies being stored now, with the<br />
  new update? I like to be able to delete their cookies immediately, and<br />
  I also wonder why firefox does not make it much easier for us to see<br />
  all the cookies and delete them with one click, instead of having to <br />
  use the &lt;&lt;TOOLS&lt;&lt;OPTIONS&lt;&lt;PRIVACY way of looking at and deleting cookies.<br />
  The option to delete the cookies when firefox closes is not as efficient<br />
  and I will get tracked until I close firefox, and I prefer to not be tracked<br />
  so I like to just delete their cookies as soon as I am no longer using their<br />
  site anymore.

  (my question was not fully showing so I added this here)
  way of looking at and deleting cookies.
  The option to delete the cookies when firefox closes is not as efficient
  and I will get tracked until I close firefox, and I prefer to not be tracked
  so I like to just delete their cookies as soon as I am no longer using their
  site anymore. So I need to know how to make the cookies visible again, so I can immediately delete them. thank you

• How do delete cookies with ios7 on I-phone and I-pad ?

  How do you delete cookies with ios7 on I-phone and I-pad  ?

  Cheers for that but what I really meant was when you double click your home button you used to be able to keep your finger on one of the apps for 2 seconds and they all would have a cross on them and you could delete them now you can't ? , not delete the app completely just close the app  properly to save your battery

• Cooking with iPad how to make screen stay on longer

  Cooking with iPad how to make screen stay on longer

  Try, settings - General - Auto Lock. Set to your preferred time.
  Stedman

• How can I block selected cookies with Ver. 3.6.3?

  How can I block selected cookies? This feature seems to be missing on 3.6.3! Is there an addon?
  == This happened ==
  Every time Firefox opened
  == When I upgraded to Version 3.6.3

  I think the question here (or at least mine) is how to block cookies based on *their name*, instead of their source site. E.g. how to stop Google's data mining and user profiling mania, based on numerous cookies with name __ut* . The source of these cookies is not Google. They are first party cookies, "provided to you" by the sites you visit, which delegate the hit counting to Google analytics.

• Handling cookies with URLConnection

  Hello,
  I am trying to figure out how to store and use the cookie in the same session. To capture the cookie in the first place I need the open connection to be connected. Without calling connect() directly, this happens automatically when calling getHeaderFieldKey(i), then I look for and store the cookie.
  But, then setting the cookie with setRequestProperty works only before a call to connect(), or I get a IllegalStateException (Already connected). If I open a new connection, the cookie has a fresh new value and the cookie stored is no longer any good. This seems a lot like a chicken and egg issue.
  I can't see any obvious way out of this at the moment. Any hints would be greatly appreciated.
       URL myUrl = new URL("https://www.google.com/accounts/ServiceLoginAuth?service=mail");
            URLConnection urlConn = myUrl.openConnection();
            HttpURLConnection http = (HttpURLConnection) urlConn;
               // http.setRequestProperty("Cookie", "myCookie"); //Cookie is not retrieved yet. Connection is not opened
            String headerName=null;
            for (int i=1; (headerName = http.getHeaderFieldKey(i))!=null; i++) {
                 if (headerName.equals("Set-Cookie")){
                      System.out.println(http.getHeaderField(i));
            // http.setRequestProperty("Cookie", "myCookie"); //Exception! Already connected
       }

  Now i know how to send cookies and keep the HTTPSession active

• Passing a cookie with a URL call

  Hi there,
  Is it possible to pass a cookie with a url call?
  Thanks in advance!
  Ryan

  I should probably clarify a bit. The goal is to pass a cookie to a url call in order to keep a session alive. It's for a part of an AIR app that pulls in a html frame that requires a login.

• Cookie with a Secure Falg

  In Portal, Can we mark JSESSIONID cookie with a secure flag ?
  After logging into the Portal, the portal sets a cookie called JSESSIONID to track the useru2019s session. This cookie is not set with the u201Csecureu201D flag, which means that the cookie could potentially be transmitted via a non-SSL connection.
  Thanks

  Dear net pas,
  Hope you are doing good.
  You have raised a very valid issue.
  Please do have a look at the SAP NOTE: 1144722-Global configuration of session cookies and attributes
  Also:
  Protecting Sessions Security
  http://help.sap.com/saphelp_nw70/helpdata/en/44/691ccdce2a3675e10000000a114a6b/frameset.htm
  Here pay special attention at:
  cookies named JSESSIONID (in accordance with the JavaÔ Servlet 2.3 specification) for tracking Web browser sessions.
  For this purpose, make sure that the value of SystemCookiesDataProtection and SystemCookieHTTPProtection properties of the HTTP Provider Service on the server nodes is set to true:
  More info at:
  http://help.sap.com/saphelp_nw70ehp2/Helpdata/EN/44/691ccdce2a3675e10000000a114a6b/content.htm
  Thank you and have a nice day :).
  Kind Regards,
  Hemanth
  SAP AGS

• OSB set cookie with Transport Header action

  I am trying to set a cookie using the Transport Header action in the OSB. The thing is that it seems to need some special format?
  When I trying to set a simple cookie with params like: Defined:http,cookie with value xs:string('test') it returns a General runtime error: error: Unexpected element: CDATA.
  I tried looking for an example of someone setting a cookie using this but I can't find anything!
  Can anyone enlighten me on how this functionality works?
  Best regards!

  I'm still confused. The Transport Header seem to want a cookie-values xml so I created a variable which holds my cookie like this:
  <http:cookie-values xmlns:http="http://www.bea.com/wli/sb/transports/http">
       <http:value>MyCookie=%7BBC09751C%2D1F79%2D45A7%2DBC8E%2D3865D71A1888%7D</http:value>
  </http:cookie-values>If I insert my variable into the header, the callout works but when I look in the outbound it seems to flatten the xml into this:
  <tran:headers       xsi:type="http:HttpRequestHeaders" xmlns:tran="http://www.bea.com/wli/sb/transports">
       <tran:user-header       name="Cookie" value="MyCookie=%7BBC09751C%2D1F79%2D45A7%2DBC8E%2D3865D71A1888%7D"/>
       <http:Content-Type>
       application/soap+xml; action="http://www.mycomp.com/Login"
       </http:Content-Type>
       <http:Cookie>
       &lt;http:cookie-values xmlns:http="http://www.bea.com/wli/sb/transports/http">
    &lt;http:value>MyCookie=%7BBC09751C%2D1F79%2D45A7%2DBC8E%2D3865D71A1888%7D&lt;/http:value>
  &lt;/http:cookie-values>
       </http:Cookie>
       </tran:headers>Only the http:cookie-values tag is colored black so i suspect there is a CDATA in front of it of some sort but it looks like it adds a user-header with the same value which looks correct!
  Can anyone tell me how this works?
  Edited by: 860367 on 14-feb-2012 15:56
  Edited by: 860367 on 14-feb-2012 15:59

• Using cookie with DII

  Here is an example to use cookie with static web service call:
  http://download.oracle.com/docs/cd/B32110_01/web.1013/b28974/j2sewsclient.htm#DAFDHCFA
  could some one give an example using cookie with dynamic invocation interdace to inva=oke web service?
  Thanks

  Dear net pas,
  Hope you are doing good.
  You have raised a very valid issue.
  Please do have a look at the SAP NOTE: 1144722-Global configuration of session cookies and attributes
  Also:
  Protecting Sessions Security
  http://help.sap.com/saphelp_nw70/helpdata/en/44/691ccdce2a3675e10000000a114a6b/frameset.htm
  Here pay special attention at:
  cookies named JSESSIONID (in accordance with the JavaÔ Servlet 2.3 specification) for tracking Web browser sessions.
  For this purpose, make sure that the value of SystemCookiesDataProtection and SystemCookieHTTPProtection properties of the HTTP Provider Service on the server nodes is set to true:
  More info at:
  http://help.sap.com/saphelp_nw70ehp2/Helpdata/EN/44/691ccdce2a3675e10000000a114a6b/content.htm
  Thank you and have a nice day :).
  Kind Regards,
  Hemanth
  SAP AGS

• Use cookies with sessionManagement?

  I'm trying to create cookies that I can pass to subsequent
  webpages - all of my webpages are controlled by an Application.cfm
  file with sessionManagement turned on (enabling session variables).
  When a user logs in, I create a cookie for his org name (i.e.
  <cfcookie name="orgname" value="#org_name#"
  domain=".sprint.com">. With the debugger on, I can see the
  cookie set on the login page. However, when I go to another page,
  the debugger no longer shows the cookie. I only see CFID and
  CFTOKEN.
  Are we not allowed to use cookies with session
  management?

  Are we not allowed to use cookies with session management?
  Sure you are. What version of CF. There was some cookie
  issues with
  older, pre 5.0, versions of ColdFusion.
  Are you doing anything on the subsequent pages with the
  cookie? I'm not
  sure a cookie would show up in debugger on any page if you
  are not
  writing or reading it on that given page.

• Android - StageWebView cookies with URLLoader

  Hi,
  does StageWebView not share cookies with URLLoader on Android?
  Thank you.

  StageWebView does not share cookies with URLLoader on Android. It only works on Desktop and iOS. Plesae check the link http://helpx.adobe.com/air/kb/stagewebview-differences-platforms-air-sdk.html# for more reference.
  Regards,
  Nimit

• Cookies with Dates

  Where can I locate a list of cookies with all the dates accessed?
  Thank you

  You may have installed an extension like TACO (Abine) or TrackerBlock that maintains a set of OPT-OUT cookies.
  * Targeted Advertising Cookie Opt-Out (TACO): https://addons.mozilla.org/firefox/addon/targeted-advertising-cookie-op/
  * TrackerBlock: https://addons.mozilla.org/firefox/addon/trackerblock/
  * Beef Taco (Targeted Advertising Cookie Opt-Out): https://addons.mozilla.org/firefox/addon/beef-taco-targeted-advertising/
  In that case you need to uninstall the extension to remove those opt-out cookies.

• Is there any way to DISABLE/RE-ENABLE a SINGLE cookie with a SINGLE click?

  I'm unable to figure out a SINGLE-CLICK method for blocking/unblocking just ONE cookie.... for example, the data-sucking obscenely intrusive google.com cookie. (something I could put on the desktop and just click once when needed) I do flush History at the end of every session and I have the Toggle Favorites buttons for disabling Java&Flash but that's not practical when I've a dozen or more windows/tabs open.
  The frustrating click-heavy method Cor-el would likely suggest of drilling down thru FF's Tools> Options> Exceptions> path and then scrolling down to unblock and then re-block google.com quickly becomes tiresome during long surfing/researching sessions, and it wouldn't address google's First Party HTTPS cookie. I'm not even sure where google's First Party cookie is stored.
  FWIW, I rely on useful add-ons/extensions/plug-ins and FREE software - CCLeaner, SpywareBlaster, NoScript, Ghostery, AdBlock Edge and BetterPrivacy to tailor my "personal browsing experience" on various web sites that abuse eyeballs. I typically leave all 3rd-Party cookies blocked but that google.com and their HTTPS version are inherently the most persistent/egregious, especially as the HTTPS version exploits the First Party cookie rule. Maybe I'm overlooking an obvious settings workaround but I suspect what's really needed is a dedicated PurgeBlockKillGoogle utility or a command file that modifies a Registry entry or a FF session setting with one click.
  If anyone can point me to a plug-in, add-on or browser independent DOS command or utility that accomplishes this, I'll personally petition Santa to bring you 2 new front teeth for Xmas! Even a one click method of opening FF's EXCEPTIONS would eliminate about 50 clicks a day. Seriously, help would be greatly appreciated.

  Been years since I've seen mention of Cookie Monster. For some reason I thought it was paid software, didn't know there was a plug in, happy to give it a try and see if it'll do the trick. Thanks!

• How to set HTTP header field "cookie" with http receiver adapter?

  Hi,
  I am using http receiver adapter (not axis) in a scenario. I could not set a parameter with key cookie in http header. Is there some kind of restriction to set it? I am able to set others like connection and create custom fields using ASMA and dynamic key configuration via UDF on mapping.
  Could you please comment on, is cookie http parameter special or noneditable by PI's http adapter? I am looking for a solution without editing any abap code...
  Regards,

  I believe it is possible since axis adapter provides very same functionality. Let me summarize my scenario may be it helps:
  I am trying to call series of webservice lets say in a BPM. First service (login service) will provide me with a session id (in http header with key Set-Cookie) then I will call another service which has that session id in its http header with key cookie then I am going to logout. So I am testing the second part now, but it doest let me send cookie http header parameter.
  I hope I clarified a bit more my problem.
  Regards,