Help with SESSION.Auth.IsLoggedIn

Similar Messages

• Need help with session sharing in WebCenter Portal

  Hi, How can I share session between a WebCenter Portal application and the portlets it is consuming?
  Basically I want this for authentication. In the portal framework application, I'm setting a user object in the session, How can I get the object in a portlet?
  Regards,
  Navaneet

  IN the second page, you have to make sure that the session
  has been started.
  Put this at the very top of the page -
  <?php if (!isset($_SESSION)) session_start(); ?>
  Murray --- ICQ 71997575
  Adobe Community Expert
  (If you *MUST* email me, don't LAUGH when you do so!)
  ==================
  http://www.dreamweavermx-templates.com
  - Template Triage!
  http://www.projectseven.com/go
  - DW FAQs, Tutorials & Resources
  http://www.dwfaq.com - DW FAQs,
  Tutorials & Resources
  http://www.macromedia.com/support/search/
  - Macromedia (MM) Technotes
  ==================
  "Alidad" <[email protected]> wrote in
  message
  news:g184i4$jgf$[email protected]..
  > have created a login page (php/mysql) with username and
  password boxes.
  > when
  > the form is submitted the mainpage loads up.
  >
  > i want the main page to be specific to that user, so i
  want their name to
  > appear in the first line. eg.. Welcome back 'David'
  >
  > I read a tutorial in the past that tought me to send the
  users id in the
  > URL
  > and then create a record set on the mainpage that was
  filtered by the URL
  > parameter.
  >
  > I have forgotten how to do this and the tutorial is no
  longer available on
  > Adobe's site.
  >
  > I tried that with
  > $_SESSION['MM_Username'] = $loginUsername; \\ in first
  page then
  > echo $_SESSION["MM_username"]; \\in second page, but
  > the
  > problem is that is not showing user name.
  >
  > i need help with that please!
  >
  > can anyone tell me how to do this? Thanks in advance,
  >
  > AM
  >

• Need help with session using dreamweaver

  have created a login page (php/mysql) with username and
  password boxes. when the form is submitted the mainpage loads up.
  i want the main page to be specific to that user, so i want
  their name to appear in the first line. eg.. Welcome back 'David'
  I read a tutorial in the past that tought me to send the
  users id in the URL and then create a record set on the mainpage
  that was filtered by the URL parameter.
  I have forgotten how to do this and the tutorial is no longer
  available on Adobe's site.
  I tried that with
  $_SESSION['MM_Username'] = $loginUsername; \\ in first page
  then
  echo $_SESSION["MM_username"]; \\in second page, but the
  problem is that is not showing user name.
  i need help with that please!
  can anyone tell me how to do this? Thanks in advance,
  AM

  IN the second page, you have to make sure that the session
  has been started.
  Put this at the very top of the page -
  <?php if (!isset($_SESSION)) session_start(); ?>
  Murray --- ICQ 71997575
  Adobe Community Expert
  (If you *MUST* email me, don't LAUGH when you do so!)
  ==================
  http://www.dreamweavermx-templates.com
  - Template Triage!
  http://www.projectseven.com/go
  - DW FAQs, Tutorials & Resources
  http://www.dwfaq.com - DW FAQs,
  Tutorials & Resources
  http://www.macromedia.com/support/search/
  - Macromedia (MM) Technotes
  ==================
  "Alidad" <[email protected]> wrote in
  message
  news:g184i4$jgf$[email protected]..
  > have created a login page (php/mysql) with username and
  password boxes.
  > when
  > the form is submitted the mainpage loads up.
  >
  > i want the main page to be specific to that user, so i
  want their name to
  > appear in the first line. eg.. Welcome back 'David'
  >
  > I read a tutorial in the past that tought me to send the
  users id in the
  > URL
  > and then create a record set on the mainpage that was
  filtered by the URL
  > parameter.
  >
  > I have forgotten how to do this and the tutorial is no
  longer available on
  > Adobe's site.
  >
  > I tried that with
  > $_SESSION['MM_Username'] = $loginUsername; \\ in first
  page then
  > echo $_SESSION["MM_username"]; \\in second page, but
  > the
  > problem is that is not showing user name.
  >
  > i need help with that please!
  >
  > can anyone tell me how to do this? Thanks in advance,
  >
  > AM
  >

• Help with session variable please - CS5.5 PHP

  Hi all,
  I am needing a little assistance with using a session variable and hope that someone may point me in the right direction.
  I have created a PHP page that uses the Dreamweaver 'User Authentication' feature, and the basics of this works fine, directing a user to the correct pages depending on whether they are or are not a valid user. I would like however to personalise the 'valid user' page with the persons Username as entered in the User Authentication table....a seemingly simple task using a session variable, but one that I just don't seem to be able to get working!
  The code generated for the UA on page 1 is as follows:
  <?php
  // *** Validate request to login to this site.
  if (!isset($_SESSION)) {
    session_start();
  $loginFormAction = $_SERVER['PHP_SELF'];
  if (isset($_GET['accesscheck'])) {
    $_SESSION['PrevUrl'] = $_GET['accesscheck'];
  if (isset($_POST['txtfirst_name'])) {
    $loginUsername=$_POST['txtfirst_name'];
    $password=$_POST['txtsurname'];
    $MM_fldUserAuthorization = "";
    $MM_redirectLoginSuccess = "member_update.php";
    $MM_redirectLoginFailed = "login.php";
    $MM_redirecttoReferrer = false;
    mysql_select_db($database_panto, $panto);
    $LoginRS__query=sprintf("SELECT firstname, surname FROM web_access WHERE firstname=%s AND surname=%s",
      GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
    $LoginRS = mysql_query($LoginRS__query, $panto) or die(mysql_error());
    $loginFoundUser = mysql_num_rows($LoginRS);
    if ($loginFoundUser) {
       $loginStrGroup = "";
      if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
      //declare two session variables and assign them
     $_SESSION['MM_Username'] = $loginUsername;
      $_SESSION['MM_UserGroup'] = $loginStrGroup;         
      if (isset($_SESSION['PrevUrl']) && false) {
        $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];   
      header("Location: " . $MM_redirectLoginSuccess );
    else {
      header("Location: ". $MM_redirectLoginFailed );
  ?>
  Firstly, the text highlighted in red above appears to be setting the session variable that I require. Is This correct?
  If so, what is the code that I need to place in page 2 to use that session variable? or
  Do I need to do something else on page 1 to properly assign the session variable?
  Would really appreciate your expertise
  Mark

  It looks as though you've set the columns incorrectly in the User Authentication server behavior. This is the SQL query that checks the user's credentials:
    $LoginRS__query=sprintf("SELECT firstname, surname FROM web_access WHERE firstname=%s AND surname=%s",
      GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
  You're looking for firstname and surname, whereas you should be looking for the user's login name and password.
  $_SESSION['MM_Username'] is a session variable that stores the user's login name. To use it in a subsequent page, all that's needed is for the page to begin with session_start(). You can then echo the value to display it.
  If you want to display the person's real name, you need to create a recordset in the second page using $_SESSION['MM_Username'] to find the firstname and surname. Alternatively, you can edit the existing code like this (I've copied only part of it):
    $LoginRS__query=sprintf("SELECT firstname, surname FROM web_access WHERE firstname=%s AND password=%s",
      GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
    $LoginRS = mysql_query($LoginRS__query, $panto) or die(mysql_error());
    $loginFoundUser = mysql_num_rows($LoginRS);
    if ($loginFoundUser) {
       $loginStrGroup = "";
      $row = mysql_fetch_assoc($LoginRS);
       $_SESSION['full_name'] = $row['firstname'] . ' ' . $row['surname'];
      if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
      //declare two session variables and assign them
     $_SESSION['MM_Username'] = $loginUsername;
      $_SESSION['MM_UserGroup'] = $loginStrGroup;
  You can then use $_SESSION['full_name'] in a subsequent page that begins with session_start().

• Help with session in custom tag

  Hello,
  I want to create a tag that returns true if the session is valid.
  <s:Expired>
  do something
  </s:Expired>
  How do you get the session in a *.java file that is not a servlet?
  I'm new to tags, ans am using JSTL 1.1 and Tomcat 5.0.19
  Thanks
  Frank

  In a custom tag you have a pagecontext object as a member of your class
  with it you can do something like
  HttpServletRequest request = (HttpServletRequest) pageContext.getAttribute(PageContext.REQUEST);
  then it's the usual
  request.getSession()

• Applet on client to help with session invalidation

  Dear All,
  I have a web application that when run by a user, per request, takes up approximately 40 MB of memory due to massive data structures being created, etc. Obviously, if the user leaves the site and goes elsewhere, I don't want that memory being held, even until the session times out(which I have to set at 30 minutes, due to the user community requests). It was suggested to me to create an applet that is embedded in every JSP page that constantly updates an property in a servlet basically saying "I'm here" and when that property hasn't been updated in N seconds, the servlet will call the invalidate method on the session that's not been updated.
  Is this approach feasible? Is there some simpler method I could take to get the same effect? I realize the web is state-less, but I need a work-around in this case to make it act like it is.
  Thanks,
  Mike Brubaker

  You should not need a full-blown applet. You could always use the HTTP meta-refresh tags to request that the browser poll over an interval you specify. The simplest approach would be to open a popup window that has the refresh logic. Place a button there, "logout". You could also have a message, such as, "User [username] has been logged on for [interval]."
  Also, consider serializing the 40 mB memory structure to the filesystem. This would work best if the time between requests is relatively longer than in most applications. If the latency of the database routines to generate the 40 mB structure is low, and the interval between requests is relatively high, consider discarding the memory structure after the request has been completed.
  - Saish
  "My karma ran over your dogma." - Anon

• Can anyone help with "session timed out" at iTunes store?

  I am trying to purchase music from the iTunes store and I am being asked to accept Terms and Conditions to continue which I do - I check the box and I click on accept (immediately). At this point I am told that my session has timed out and to try again. I cannot get past this step, I'd appreciate some advise.  Thank you.

  I used to see that in iOS6 once in a while. Close the apps and reboot the iPad and then look in the apps again. You know how to close the apps so close them first.
  Reboot the iPad by holding down on the sleep and home buttons at the same time for about 10-15 seconds until the Apple Logo appears - ignore the red slider if it appears on the screen - let go of the buttons. Let the iPad start up.

• Need help with session state/item refresh

  I have an application that allows users to record productivity information for our employees. There are different types of work they have to do, so the form is in header/multiple-detail form and uses collections to handle all processing. In the header portion are the fields that record the time of work. Though this is stored in the database as a single field for start of shift and single field for end of shift, in the entry it is split up into 9 fields: 3 for day, month, and year, and three more each for start hours, start minutes, AM/PM, end hours, end minutes, and AM/PM, which I then concatenate to get the dates to store. The update part works fine. When I go in to display each of these, I have to use an SQL query to retrieve only that section of the time.
  The problem I am having is that if the user pulls up several timecards to edit them, it retains these time values from the previous timecard, and due to the way the collections refresh, I can't seem to get either item session state parameter (Only when Null/Always from Source) to achieve the desired result. If I use the Only When Null option, I retain the values from the previous timecard. If I use the Always from Source, the user can't update any of the time-related input.
  Can anyone suggest a solution? I've tried a session state process that fires on entry to clear those items and ran into the same problem as using the Always From Source option. There has got to be a way to handle this, but it's got me stumped and my users are clamoring for a fix.
  Page initial load
  A. Before Header process populates job collection and other collection (not header info), which comes straight from DB table.
  B. Data displays for Header (from table) and two detail sections (from collections)
  User presses Submit to save changes
  1. On Submit Before Processing: updates job and other collections (to preserve changes in case validation fails)
  2. Validations check to make sure job codes are valid, date is valid, employee is valid, etc.
  3. On Submit After Processing: Writes changes to header from input form, writes changes to job and other from collections to appropriate DB tables
  I also have two On Submit After Processing processes to add blank lines - one for each collection. These are triggered via buttons.

  Blair:
  Does creating a 'before header' process to populate these fields make a difference ? The sql could be something like
  select TO_CHAR(TC_START_TIME,'HH') into :P1115_TIME_IN_HH from TC where TC_ID = :P1115_TC_ID;You should set the 'Source Used' back to 'Only when current value in session is null' and the 'Source Type' to 'Static Assignment(....)' and clear out the 'Source value or expression' field.
  varad

• Help with session

  I have multiple application running under webapp of my tomact. I have put an index.jsp page in the ROOT folder instead of the tomcat default one. On that page I created a session object, I was now wondering if would be possible to share session accross the different application running under the same tomcat.
  Many thanks,

  well in the index.jsp I have links to other application, so instead of making the user logging in again for different app, have one login store the username in a session object , on each application I want to get the username from the session, to little check, if the access they see the application, if not they get an error page.
  At the moment I getting null from the session.

• Help with Login Form (JSP DB Java Beans Session Tracking)

  Hi, I need some help with my login form.
  The design of my authetication system is as follows.
  1. Login.jsp sends login details to validation.jsp.
  2. Validation.jsp queries a DB against the parameters received.
  3. If the query result is good, I retrieve some information (login id, name, etc.) from the DB and store it into a Java Bean.
  4. The bean itself is referenced with the current session.
  5. Once all that's done, validation.jsp forwards to main.jsp.
  6. As a means to maintain state, I prefer to use url encoding instead of cookies for obvious reasons.I need some help from step 3 onwards please! Some code snippets will do as well!
  If you think this approach is not a good practice, pls let me know and advice on better practices!
  Thanks a lot!

  Alright,here is an example for you.
  Assume a case where you don't want to give access to any JSP View/HTML Page/Servlet/Backing Bean unless user logging system and let assume you are creating a View Object with the name.
  checkout an example (Assuming the filter is being applied to a pattern * which means when a resource is been accessed by webapplication using APP_URL the filter would be called)
  public doFilter(ServletRequest req,ServletResponse res,FilterChain chain){
       if(req instanceof HttpServletRequest){
              HttpServletRequest request = (HttpServletRequest) req;
              HttpSession session = request.getSession();
              String username = request.getParameter("username");
              String password = request.getParameter("password");
              String method = request.getMethod();
              String auth_type  = request.getAuthType();
              if(session.getAttribute("useInfoBean") != null)
                  request.getRequestDispatcher("/dashBoard").forward(req,res);
              else{
                      if(username != null && password != null && method.equaIsgnoreCase("POST") && (auth_type.equalsIgnoreCase("FORM_AUTH") ||  auth_type.equalsIgnoreCase("CLIENT_CERT_AUTH")) )
                           chain.doFilter(req,res);
                      else 
                        request.getRequestDispatcher("/Login.jsp").forward(req,res);
  }If carefully look at the code the autherization is given only if either user is already logged in or making an attempt to login in secured way.
  to know more insights about where these can used and how these can be used and how ?? the below links might help you.
  http://javaboutique.internet.com/tutorials/Servlet_Filters/
  http://e-docs.bea.com/wls/docs92/dvspisec/servlet.html
  http://livedocs.adobe.com/jrun/4/Programmers_Guide/filters3.htm
  http://www.javaworld.com/javaworld/jw-06-2001/jw-0622-filters.html
  http://www.servlets.com/soapbox/filters.html
  http://www.onjava.com/pub/a/onjava/2001/05/10/servlet_filters.html
  and coming back to DAO Pattern hope the below link might help you.
  http://java.sun.com/blueprints/corej2eepatterns/Patterns/DataAccessObject.html
  http://java.sun.com/blueprints/patterns/DAO.html
  http://www.javapractices.com/Topic66.cjp
  http://www.ibm.com/developerworks/java/library/j-dao/
  http://www.javaworld.com/javaworld/jw-03-2002/jw-0301-dao.html
  On the whole(:D) it is always a good practice to get back to Core Java/J2EE Patterns.and know answers to the question Why are they used & How do i implement them and where do i use it ??
  http://www.fluffycat.com/java-design-patterns/
  http://java.sun.com/blueprints/corej2eepatterns/Patterns/index.html
  http://www.cmcrossroads.com/bradapp/javapats.html
  Hope that might help :)
  REGARDS,
  RaHuL

• Need help with the session state value items.

  I need help with the session state value items.
  Trigger is created (on After delete, insert action) on table A.
  When insert in table B at least one row, then trigger update value to 'Y'
  in table A.
  When delete all rows from a table B,, then trigger update value to 'N'
  in table A.
  In detail report changes are visible, but the trigger replacement value is not set in session value.
  How can I implement this?

  You'll have to create a process which runs after your database update process that does a query and loads the result into your page item.
  For example
  SELECT YN_COLUMN
  FROM My_TABLE
  INTO My_Page_Item
  WHERE Key_value = My_Page_Item_Holding_Key_ValueThe DML process will only return key values after updating, such as an ID primary key updated by a sequence in a trigger.
  If the value is showing in a report, make sure the report refreshes on reload of the page.
  Edited by: Bob37 on Dec 6, 2011 10:36 AM

• Policy agent 2.2 amfilter local authentication with session binding failed

  Hi All,
  I have policy agent 2.2 for weblogic 8.1 sp4 installed on redhat linux. All are working fine in my development box. But I was running all the process under user root, so today I decided to change it to a regular user, joe. I changed all the files' owner for weblogic server and policy agent from root to joe, and restart server as user Joe. After the change, I can not access the application on Weblogic server. I changed file ownership back to root and restart weblogic server as root, still same error.
  Here is the error I got:
  10.4.4 403 Forbidden
  The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.
  Here is the error I found from agent log file, amFilter:
  AmFilter: now processing: SSO Task Handler
  05/24/2006 06:27:08:127 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  SSOTaskHandler: caching SSO Token for user uid=amAdmin,ou=People,dc=etouch,dc=net
  05/24/2006 06:27:08:127 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  AmBaseSSOCache: cached the sso token for user principal : uid=amadmin,ou=people,dc=etouch,dc=net sso token: AQIC5wM2LY4Sfcx4XY/x/M7G1Y3ScVjFj8E3oT0BV45mh0Q=@AAJTSQACMDE=#, cache size = 1
  05/24/2006 06:27:08:127 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  SSOTaskHandler: SSO Validation successful for uid=amAdmin,ou=People,dc=etouch,dc=net
  05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  AmFilter: now processing: J2EE Local Logout Task Handler
  05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  AmFilter: local logout skipped SSO User => amAdmin, principal =>null
  05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  AmFilter: now processing: J2EE Local Auth Task Handler
  05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  LocalAuthTaskHandler: No principal found. Initiating local authentication for amAdmin
  05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  LocalAuthTaskHandler: doing local authentication with session binding
  05/24/2006 06:27:08:129 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  LocalAuthTaskHandler: Local authentication failed, invalidating session.05/24/2006 06:27:08:129 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  WARNING: LocalAuthTaskHandler: Local authentication failed for : /portal/index.jsp, SSO Token: AQIC5wM2LY4Sfcx4XY/x/M7G1Y3ScVjFj8E3oT0BV45mh0Q=@AAJTSQACMDE=#
  05/24/2006 06:27:08:129 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
  AmFilter: result =>
  FilterResult:
       Status      : FORBIDDEN
       RedirectURL     : null
       RequestHelper:
            null
       Data:
            null
  -----------------------------------------------------------

  Hi,
  I'm having the exact same problem in the Prod environment, but on a Sun App Server. In development all is fine, in prod we now have:
  ERROR: AmFilter: Error while delegating to inbound handler: J2EE Local Auth Task Handler, access will be denied
  java.lang.IllegalStateException: invalidate: Session already invalidated
  at org.apache.catalina.session.StandardSession.invalidate(StandardSession.java:1258)
  at org.apache.catalina.session.StandardSessionFacade.invalidate(StandardSessionFacade.java:164)
  at com.sun.identity.agents.filter.LocalAuthTaskHandler.doLocalAuthWithSessionBinding(LocalAuthTaskHandler.java:289)
  at com.sun.identity.agents.filter.LocalAuthTaskHandler.authenticate(LocalAuthTaskHandler.java:159)
  at com.sun.identity.agents.filter.LocalAuthTaskHandler.process(LocalAuthTaskHandler.java:106)
  at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:185)
  at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:152)
  at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:38)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210)
  at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
  at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:161)
  at java.security.AccessController.doPrivileged(Native Method)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:263)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
  at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:225)
  FilterResult:
  Status : FORBIDDEN
  RedirectURL : null
  RequestHelper:
  null
  Data:
  null
  Also, we I debug I see:
  LocalAuthTaskHandler: No principal found. Initiating local authentication for ...
  Did you receive any solution for this?
  Many, many thanks,
  Philip

• Please help with SSL POST: Servlet returns Error 500

  I am struggling for many days to get a Java program to log in to an SSL page. The program is supposed to track ADSL usage statistics from https://secure.telkomsa.net/titracker/, but I never seem to get around Server returned Error 500.
  Could anyone please help me understand what I am doing wrong by looking at the method I used. (It seems on the server side it is a jsp servlet that handles authentication).
  Any help is deeply appreciated!
  I copy-paste the method directly from NetBeans:
  CODE>
  void connectHTTPS(String url){
  try {
  URL page = new URL(url); // login page necessary to get a jsp session cookie
  //------------ SET UP SSL - is it right?
  System.setProperty("java.protocol.handler.pkgs",
  "com.sun.net.ssl.internal.www.protocol");
  try {
  //if we have the JSSE provider available,
  //and it has not already been
  //set, add it as a new provide to the Security class.
  final Class clsFactory = Class.forName("com.sun.net.ssl.internal.ssl.Provider");
  if( (null != clsFactory) && (null == Security.getProvider("SunJSSE")) )
  Security.addProvider((Provider)clsFactory.newInstance());
  } catch( ClassNotFoundException cfe ) {
  throw new Exception("Unable to load the JSSE SSL stream handler." +
  "Check classpath." + cfe.toString());
  URLConnection urlc = page.openConnection();
  urlc.setDoInput(true);
  *Get the session id cookie set by the TelkomInternet java server
  String cookie = urlc.getHeaderField("Set-Cookie");
  //textpane.setText(totextpane);
  textpane.setText(cookie);
  //---------------- form an auth request and post it with the cookie
  String postdata =URLEncoder.encode("ID_Field","UTF-8")+"="+URLEncoder.encode("myusrname","UTF-8")+"&"+URLEncoder.encode("PW_Field","UTF-8")+"="+URLEncoder.encode("mypwd","UTF-8")+"&"+URLEncoder.encode("confirm","UTF-8")+"="+URLEncoder.encode("false","UTF-8");
  // set the servlet that handles authentication as target
  URL page2 = new URL("https://secure.telkomsa.net/titracker/servlet/LoginServlet");
  // cast to httpConn to enable setRequestMethod()
  HttpURLConnection urlc2 = (HttpURLConnection)page2.openConnection();
  // formulate request with POST data urlc2.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
  urlc2.setRequestMethod("POST"); // experimental
  urlc2.setRequestProperty("Content-Length",""+postdata.length());
  urlc2.setRequestProperty("User-Agent","Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)");
  urlc2.setRequestProperty("Accept-Language","en-us");
  urlc2.setUseCaches(false);
  urlc2.setDoOutput(true);
  urlc2.setDoInput(true);
  urlc2.setFollowRedirects(true); // ??
  //send cookies
  urlc2.setRequestProperty("Set-Cookie", cookie); // or "Cookie" - doesn't work either
  //write other data
  PrintWriter out = new PrintWriter(urlc2.getOutputStream());
  out.print(postdata); // username and password here
  out.flush();
  out.close();
  //---------------- get the authenticated page with real ADSL statistics
  BufferedReader br = new BufferedReader(new InputStreamReader(urlc2.getInputStream()));
  String totextpane = "";
  String buffer = "";
  while (buffer != null) {
  try {
  totextpane = totextpane + "\n" + buffer;
  buffer = br.readLine();
  } catch (IOException ioe) {
  ioe.printStackTrace();
  break;
  textpane.setText(totextpane);
  } catch (Exception ex) {
  System.err.println(ex.getMessage());
  ---- END CODE---
  Thank you very much for any attempt at helping with this problem!

  I am struggling for many days to get a Java program to log in to an SSL page. The program is supposed to track ADSL usage statistics from https://secure.telkomsa.net/titracker/, but I never seem to get around Server returned Error 500.
  Could anyone please help me understand what I am doing wrong by looking at the method I used. (It seems on the server side it is a jsp servlet that handles authentication).
  Any help is deeply appreciated!
  I copy-paste the method directly from NetBeans:
  CODE>
  void connectHTTPS(String url){
  try {
  URL page = new URL(url); // login page necessary to get a jsp session cookie
  //------------ SET UP SSL - is it right?
  System.setProperty("java.protocol.handler.pkgs",
  "com.sun.net.ssl.internal.www.protocol");
  try {
  //if we have the JSSE provider available,
  //and it has not already been
  //set, add it as a new provide to the Security class.
  final Class clsFactory = Class.forName("com.sun.net.ssl.internal.ssl.Provider");
  if( (null != clsFactory) && (null == Security.getProvider("SunJSSE")) )
  Security.addProvider((Provider)clsFactory.newInstance());
  } catch( ClassNotFoundException cfe ) {
  throw new Exception("Unable to load the JSSE SSL stream handler." +
  "Check classpath." + cfe.toString());
  URLConnection urlc = page.openConnection();
  urlc.setDoInput(true);
  *Get the session id cookie set by the TelkomInternet java server
  String cookie = urlc.getHeaderField("Set-Cookie");
  //textpane.setText(totextpane);
  textpane.setText(cookie);
  //---------------- form an auth request and post it with the cookie
  String postdata =URLEncoder.encode("ID_Field","UTF-8")+"="+URLEncoder.encode("myusrname","UTF-8")+"&"+URLEncoder.encode("PW_Field","UTF-8")+"="+URLEncoder.encode("mypwd","UTF-8")+"&"+URLEncoder.encode("confirm","UTF-8")+"="+URLEncoder.encode("false","UTF-8");
  // set the servlet that handles authentication as target
  URL page2 = new URL("https://secure.telkomsa.net/titracker/servlet/LoginServlet");
  // cast to httpConn to enable setRequestMethod()
  HttpURLConnection urlc2 = (HttpURLConnection)page2.openConnection();
  // formulate request with POST data urlc2.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
  urlc2.setRequestMethod("POST"); // experimental
  urlc2.setRequestProperty("Content-Length",""+postdata.length());
  urlc2.setRequestProperty("User-Agent","Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)");
  urlc2.setRequestProperty("Accept-Language","en-us");
  urlc2.setUseCaches(false);
  urlc2.setDoOutput(true);
  urlc2.setDoInput(true);
  urlc2.setFollowRedirects(true); // ??
  //send cookies
  urlc2.setRequestProperty("Set-Cookie", cookie); // or "Cookie" - doesn't work either
  //write other data
  PrintWriter out = new PrintWriter(urlc2.getOutputStream());
  out.print(postdata); // username and password here
  out.flush();
  out.close();
  //---------------- get the authenticated page with real ADSL statistics
  BufferedReader br = new BufferedReader(new InputStreamReader(urlc2.getInputStream()));
  String totextpane = "";
  String buffer = "";
  while (buffer != null) {
  try {
  totextpane = totextpane + "\n" + buffer;
  buffer = br.readLine();
  } catch (IOException ioe) {
  ioe.printStackTrace();
  break;
  textpane.setText(totextpane);
  } catch (Exception ex) {
  System.err.println(ex.getMessage());
  ---- END CODE---
  Thank you very much for any attempt at helping with this problem!

• Problem with Sessions in JSP

  Hi,
  I am working on a JSP based website, where I am facing problem with sessions. The user is asked to login by providing her id and password. If found correct, a bean is created and populated with all her details and placed in session scope. I plan to use the information stored in the bean on other related pages until she logs out.
  <jsp:useBean id="validUser" scope="session" class="UserBean" >
  <c:set target="${validUser}" property="userId" value="${fn:trim(dbValues.UserId)}" />
  <c:set target="${validUser}" property="userName" value="${fn:trim(dbValues.UserName)}" />
  </jsp:useBean>
  <c:redirect url="userHome.jsp" /> The user is presented her homepage - 'userHome.jsp', where she can find various links, like 'Update Profile', 'Pay Registration Fees', 'Book Room' etc. The information stored in the bean is available on 'userHome.jsp'page.
  <A HREF='userHome.jsp'>Home</A>
  <A HREF='editPersonal.jsp'>Update Profile</A>
  <A HREF='registrationFee.jsp'>Pay Registration Fees</A>
  <A HREF='bookRoom.jsp'>Book Room</A>
  <A HREF='logout.jsp'>Logout</A> The problems are:
  1. Whenever user clicks on any of the above mentioned links and moves to any page, the bean comes out as null.
  <%-- Verify that the user is logged in --%>
  <c:if test="${validUser == null}">
  <jsp:forward page="loginForm.jsp">
  <jsp:param name="origURL" value="${pageContext.request.requestURL}" />
  <jsp:param name="errorMsg" value="You must be logged in to access this site." />
  </jsp:forward>
  </c:if> 2. The URL shows an additional jsessionid, which my client doesn't want to see.
  3. On every click on any link, the value of this jsessionid changes.
  What I presume, when I am clicking on different links, my session changes, and so I am seeing a different jsessionid. And since session is changing, therefore the bean is not available in a different session.
  All this works fine with localhost, problem comes into picture, when I upload my pages to the server.
  Puzzled, can anyone help, where am I going wrong? Let me add here, I am new to JSP and hence don't have much resources with me.

  There are several ways sessions can be exchanged between the browser and the server in a j2ee web application.
  1. The default is through cookies. However when the client does not accept cookies, the server appends the session id to the url.
  2. Some servers also facilitate session information exchange using session id in the url even if the client does accept cookies. This is usually ahieved through a setting in some server configuration file.
  You will have to find out why the server in your application is appending the session id to the url.
  Whatever be the case, the server should be able to look up the session from the incoming request (be it from the session id in the url or a session cookie).
  When session information is exchanged through the JSESSIONID in the url, you should ensure that each and every url that goes to the server has this input parameter. To do that all links and form post urls in your servlet/jsp should be treated with a call to encodeURL().
  For example, in a jsp
     <a href = "<%=response.encodeURL("/nextJsp.jsp")%>">Click here </a>
  or
     <form action = "<%=response.encodeURL("/nextJsp.jsp")%>">
     </form>etc.
  ram.

• Is there a Java utility class to help with data management in a desktop UI?

  Is there a Java utility class to help with data management in a desktop UI?
  I am writing a UI to configure a network device that will be connected to the serial port of the computer while it is being configured. There is no web server or database for my application. The UI has a large number of fields (50+) spread across 16 tabs. I will write the UI in Java FX. It should run inside the browser when launched, and issue commands to the network device through the serial port. A UI has several input fields spread across tabs and one single Submit button. If a field is edited, and the submit button clicked, it issues a command and sends the new datum to the device, retrieves current value and any errors. so if input field has bad data, it is indicated for example, the field has a red border.
  Is there a standard design pattern or Java utility class to accomplish the frequently encountered, 'generic' parts of this scenario? lazy loading, submitting only what fields changed, displaying what fields have errors etc. (I dont want to reinvent the wheel if it is already there). Otherwise I can write such a class and share it back here if it is useful.
  someone recommended JGoodies Bindings for Swing - will this work well and in FX?

  Many thanks for the reply.
  In the servlet create an Arraylist and in th efor
  loop put the insances of the csqabean in this
  ArrayList. Exit the for loop and then add the
  ArrayList as an attribute to the session.I am making the use of Vector and did the same thing as u mentioned.I am using scriplets...
  >
  In the jsp retrieve the array list from the session
  and in a for loop step through the ArrayList
  retrieving each CourseSectionQABean and displaying.
  You can do this in a scriptlet but should also check
  out the jstl tags.I am able to remove this problem.Thanks again for the suggestion.
  AS