Losing Sessions
I posted this on the ejb group, but then it occured to me this might be
better.
Hi all,
Something very odd here.
WLS 7.0, trying to get a WAR ported.
Deploys allright, connects to the EJBs allright, but after the first page
(our login page), the next JSP explodes because something it is looking for
in the HttpSession that was put there by the Login page, is gone. In fact,
the session that I get in the JSP's 'session' variable has no items
whatsoever (using getAttributeNames() to check).
WLS is running on my own machine, so my URL to the app is:
http://localhost:7001/appName.
I played around a bit looking at the HTTP headers and what not, and it seems
that the JSESSIONID cookie is always changing from WLS, which would explain
why my sessions are going away.
The WAR works fine under Tomcat (no mean feat, as we had to tweak a lot of
stuff to get this to compile under WLS), but now with the session loss, the
app is pretty much dead in the water, as we can't get past our login page.
Any ideas?
Thanx!
Will Hartung
([email protected])
Will Hartung wrote:
> I posted this on the ejb group, but then it occured to me this might be
> better.
>
> Hi all,
>
> Something very odd here.
>
> WLS 7.0, trying to get a WAR ported.
>
> Deploys allright, connects to the EJBs allright, but after the first page
> (our login page), the next JSP explodes because something it is looking for
> in the HttpSession that was put there by the Login page, is gone. In fact,
> the session that I get in the JSP's 'session' variable has no items
> whatsoever (using getAttributeNames() to check).
>
> WLS is running on my own machine, so my URL to the app is:
> http://localhost:7001/appName.
>
> I played around a bit looking at the HTTP headers and what not, and it seems
> that the JSESSIONID cookie is always changing from WLS, which would explain
> why my sessions are going away.
>
> The WAR works fine under Tomcat (no mean feat, as we had to tweak a lot of
> stuff to get this to compile under WLS), but now with the session loss, the
> app is pretty much dead in the water, as we can't get past our login page.
>
> Any ideas?
>
> Thanx!
>
> Will Hartung
> ([email protected])
>
>
>
>
>
Did anyhow you wrote to the "next JSP" with some expiring control on the
top/header of the page?
Thank you,
Neo Gigs
[email protected]
"Follow the white rabbit..."
Similar Messages
-
Losing session with WLS 7.02 in cluster env
PROBLEM: We are losing our session when running in our app in a clustered environment.
The user can use the app for a while, but then weird stuff starts happening. In
some cases, the login check that we do at the begining of each request fails,
because it tries to check for a login token in the session, and the session has
been wiped out. The user gets forwarded to the login page.
Our configuration is:
WLS 7.0.2 (OS = Windows 2000)
Admin Server and a managed server A at APP1 (physical machine), another managed
server B
at APP2 (physical machine), A and B is in one cluster. We had 6 Apache Servers
2.0.45 (OS = Linux) and each works together with Weblogic Plugin. The weblogic
plugin has the following configuration:
<Location /sample>
SetHandler weblogic-handler
WeblogicCluster 10.1.1.11:7010,10.1.1.12:7010
Idempotent ON
CookieName JSESSIONID
</Location>
The server A and B use round-robin loadblancing, and we have a hardware loadblancer
infront of Apache to do loadblancing for our 6 web servers.
In weblogic.xml we config our application to use replicated for session failover.
Losing session is randomly happened.
Anyone of you have any idea?
Thanks in advance.
Harry
To verify that it is WL and not your app logic, try using a different
session replication implementation for testing, such as the one that comes
with Coherence for Servlet 2.3 containers:
http://www.tangosol.com/coherence.jsp
Peace,
Cameron Purdy
Tangosol, Inc.
http://www.tangosol.com/coherence.jsp
Tangosol Coherence: Clustered Replicated Cache for Weblogic
"Harry Yu" <[email protected]> wrote in message
news:[email protected]...
>
> PROBLEM: We are losing our session when running in our app in a clustered
environment.
> The user can use the app for a while, but then weird stuff starts
happening. In
> some cases, the login check that we do at the begining of each request
fails,
> because it tries to check for a login token in the session, and the
session has
> been wiped out. The user gets forwarded to the login page.
>
> Our configuration is:
> WLS 7.0.2 (OS = Windows 2000)
> Admin Server and a managed server A at APP1 (physical machine), another
managed
> server B
> at APP2 (physical machine), A and B is in one cluster. We had 6 Apache
Servers
> 2.0.45 (OS = Linux) and each works together with Weblogic Plugin. The
weblogic
> plugin has the following configuration:
> <Location /sample>
> SetHandler weblogic-handler
> WeblogicCluster 10.1.1.11:7010,10.1.1.12:7010
> Idempotent ON
> CookieName JSESSIONID
> </Location>
>
> The server A and B use round-robin loadblancing, and we have a hardware
loadblancer
> infront of Apache to do loadblancing for our 6 web servers.
>
> In weblogic.xml we config our application to use replicated for session
failover.
>
> Losing session is randomly happened.
>
> Anyone of you have any idea?
>
> Thanks in advance.
>
> Harry
>
-
Losing Session for Weblogic 7.0.2 in Cluster env
PROBLEM: We are losing our session when running in our app in a clustered environment.
The user can use the app for a while, but then weird stuff starts happening. In
some cases, the login check that we do at the begining of each request fails,
because it tries to check for a login token in the session, and the session has
been wiped out. The user gets forwarded to the login page.
Our configuration is: WLS 7.0.2 (OS = Windows 2000) Admin Server and a managed
server A at APP1 (physical machine), another managed server B at APP2 (physical
machine), A and B is in one cluster. We had 6 Apache Servers 2.0.45 (OS = Linux)
and each works together with Weblogic Plugin. The weblogic plugin has the following
configuration: <Location /sample> SetHandler weblogic-handler WeblogicCluster
10.1.1.11:7010,10.1.1.12:7010 Idempotent ON CookieName JSESSIONID </Location>
The server A and B use round-robin loadblancing, and we have a hardware loadblancer
infront of Apache to do loadblancing for our 6 web servers.
In weblogic.xml we config our application to use replicated for session failover.
Losing session is randomly happened.
Anyone of you have any idea?
Thanks in advance.
Harry
The advice on version numbers given above is quite generic. While JDK 1.4 may work, if you want to run a supported configuration the answer to this question depends on what OS you're running. Further, BEA supports different JDK versions for running the server and for client applications. Here is the whole chart:
http://e-docs.bea.com/platform/suppconfigs/configs70/70_over/overview.html
Be sure to click on your operating system to get the specific information about what JDK is "fully-supported" and what is "client-only".
Hope that helps,
Justin -
Deployig to a Cluster without losing session.
Hi,
We have a cluster setup with 4 servers. We use HttpSession and
StatefulSessionBeans in the cluster with in-memory replication. Is it
possible to redeploy the application to a cluster without losing
session ?.
Thanks,
-Senthil.
We have a cluster setup with 4 servers. We use HttpSession and > StatefulSessionBeans in the cluster with in-memory replication. Is it
> possible to redeploy the application to a cluster without losing
> session ?.
Not with WebLogic session replication. The session replication is "lazy"
(only when something happens) so the best approach is to make sure there are
no imcompatibilities and then cycle the cluster one server at a time, maybe
one server every hour (or whatever your session timeout is).
Peace,
Cameron Purdy
Tangosol, Inc.
http://www.tangosol.com/coherence.jsp
Tangosol Coherence: Clustered Replicated Cache for Weblogic
"Senthil" <[email protected]> wrote in message
news:[email protected]..
> Hi,
>
>
> Thanks,
> -Senthil.
-
Losing session ... please help me
I am developing a program that connect between Applet and Servlet.
I have a problem that losing session in servlet , when I request a servlet using URLConnection in Applet.
I don't know why the servlet loses the session.
I guess that the session is changed when I connect server by URLConnection.
please give me a hand...Try using a java.net.HttpURLConnection instead of java.net.URLConnection. Your session is probably not maintained across requests because cookies aren't being handled properly.
-
Hi,
When I use a javascript to open a popup window from a page in my pageflow, it directs to the action as intended but I am not able to access any attributes that are in the session scope.
Can anyone please help.
Thanks in advance.
gurujiSorry,
What I meant was to set your home page in your browser to some url (like http://amazon.com)
instead of file://C:\temp\junk.html
Actually setting it to about:blank may also work.
Pankaj
"srm" <[email protected]> wrote:
>
Hi,
We are experiencing the same problem with the pop up window as well.,
could you
please elaborate on where you have to set the "Open with" to something
else.,
I will try this out.
I tried encoding the url and it does not work when you pass it to the
javascript
window.open()
Thank you,
-S
"Pankaj Tandon" <[email protected]> wrote:
Hi,
I was just browsing and came across you post. This is something we had
encountered.
The reason you loose your session when a popup is invoked in IE5.5 (and
up) with
windows XP is due to a bug in IE. More here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;300895;cf0A1E0661=Q0NJQ1xDSGVpbmxlOnJlYWxtbnRsbToAolMlR9EI//RZc/fFPs+G
The solution of setting the "Open With" to something other than file://
worked
for us.
HTH
"Mahesh" <[email protected]> wrote:
HI Kelley
Did you get it working. I am not sure about the pageflow stuff, butI
know the
reason behind it. You are losing the session id when the popup happens.
Trying
encoding the URL...response.encodeURL('/popup.do')
Mahesh
John Rohrlich <[email protected]> wrote:
Kelly,
Is the popup showing a page from a nested page flow?
- john
Kelly wrote:
I'm popping open a new window and making a call to an action, but
it
appears that
some session information is getting lost by the time it makes it
to
the called
action.
If I switch it to use the original window it works, but unfortunatelyI must use
a popup.
Any ideas on what might be causing this? -
Help... losing session contexts
Hi,
I'm trying to build a web based application that allows users to log in and be tracked as being logged in using the set_context options.
Basically, the user name and password are validated by a table in a procedure, then if a match is found, the context is set for that user. By doing so I can use vpd to restrict which reports in the app the user can see.
This works just fine on my personal laptop with me browsing my web pages generated by the mod_plsql plug in for apache. If I migrate my code to my linux box and access it over the web (which feeds through a second apache reverse proxy server), the context is frequently lost as soon as I log in. Sometimes it's not lost, and I can navigate to my reports, but then find that the logged in user it displays can be the one I logged in as, or another user I logged in as previously.
I've added a cursor in my code to output all namespace, attribute and value values from the session_context table
while I'm navigating through my app and find that all values for all three columns disappear when I navigate further into my report.
It appears that I'm a losing my sessions because of the feed through the reverse proxy server that ensures that my reports can be seen by the outside world. Is this a reasonable explanation and if so, does anyone know of any work arounds for this issue?
Thanks.
KurtSomething I need to add. All access to the web session is being done as TEST. When the user logs in, he's being validated against a table for that application, but not actually logging into the database. I was just reading the asktom article about Application contexts in a web environment (http://asktom.oracle.com/pls/ask/f?p=4950:8:11131473361978280247::NO::F4950_P8_DISPLAYID,F4950_P8_CRITERIA:5669294472933, ). He refers to a 9i feature for contexts called accessed globally and the best example I see in the article talks about using cookies to maintain session_id's which link the user back to the session as they navigate through each page of the web. Is there any way to do this without using cookies to re-establish context in relation to a session? Is there any way to do this in 8i or am I stuck with a 9i and higher feature?
Or have I totally missed the boat in understanding all this.
Thanks.
Kurt -
I have a Login JSP which talks to a Servlet which then passes the login request to a Bean. In the Bean I save the login information in the Session, if the login fails I am trying to 'forward' to the Login JSP page again. On the Login JSP there is an 'errorText' field that gets the errorText Property from my Bean. However, when the 'getErrorText' method is called by the JSP I seem to have a new Session and have lost all of my login information.
What have I done wrong ? I have tried setting the 'scope' of the Login JSP to session and the application but with no result.
How can I ensure that when I re-display the Login JSP with an error message on it that I am using the Session (and copy of my bean) that I had when I set the properties ?
Sarah.have the code for setting the session values in the servlet that comes after the JSP login page.
in the jsp login page try to retreive the session values for the user name and the password.
store these values in the name and password variables.
for the first time it'll be null and an exception will be thrown. so in the catch block, set the value of the name variable and the password to null string ie "" and set these values as the values of the textfields (for user name and password). also in the catch block, set the error message string also . this one u can use to display when u r redirected to the JSP login page by the servlet. if first time, then set it to null string "".
but assuming that the JSP page has been called from the servlet when an error occured i.e when the server cannot recognize the user name and password combination, the session variables for the user name and the password won't be null and u can use these values to be displayed in the respective textfields.
so when the user name and password cannot be recognized by the server, just call the same JSP login page.
hope that clears a bit of ur doubt!!
rgds
JP -
How to open multiple report windows on button click without losing session?
Hi,
JDev : 11.1.1.2.0
I am trying to open multiple discoverer plus report windows using my ADF application.
My requirement is that user has to select multiple reports from the screen and by clicking on submit button all the reports should be opened in different windows.
1) Below link provided me the the first solution but I can't go with it because my page is jsff and in jsff it doesn't support form tag.
http://andrejusb.blogspot.com/2007/07/opening-report-window-in-adf-faces.html
2) RichGoButton also provide targetFrame property but there is not action property in it so I can't call backing bean method with RichGoButton
3) I have tried to open report windows using javascript window.open with ExtendedRenderKitService but on discoverer side it giving error message that Discoverer Plus cannot attach same session to multiple request.
4) I have created one jsp page in the same folder where my jsff is kept in my ADF application and on submit button click I have launch this jsp page using afConetxt.launchDialog and in jsp scriplet I have written response.sendRedirect to report url but here all report are getting open properly to seperate windwos but my ADF application session is getting timeout so after clicking on submit button it will automatically goes to login page it cann't stay with the current page.
Hoe you have understnad my problem and please provide me if you know any other solution aprart from above mentioned 4 solutions
Regards,
DevDsURL is query parameter value that I want to pass on jsp page. It is used to set some value on jsp page.
If this is not a right approach then let me know how to pass the parameter in jsp page. -
Losing session state after error page
Hi there,
I'm kinda new to all this so please bear with me.
I've created a little app in HTML DB using the Oracle 10g XE database. The app is now in production and working ok. I do however have one issue that I am unable to resolve. The problem is this.
If the user encounters an untrapped error on a page, e.g. they type in more data than the database field allows, then an error message will be displayed on a separate page, with an OK button. When they click the OK button, they are taken back to the page they came from, but any data they had typed in is gone. As you can imaging this is quite frustrating for the user. I know that this feature does work correctly (i.e. your data is retained), as I've seen it working on one of the demo applications. However, I'm at a loss at to what controls this behavior. Does anyone have any idea what setting I might need to change to get this working?
Additional Info: When I call this page initially, I do clear session state for the page I am going to (using the f?p syntax), as I want the page to be blank when the user has clicked on the create new record button. Perhaps this in causing the session state to be lost when I navigate back there after being on the error page. If this is the case is there some way I can stop it from clearing session state for the page it is returning from the error page?
Regards
Joe KennedyScott,
I have created the application on online as you suggested. I was unable to login to the application with my username and password so I deleted the login page and security scheme and accepted the default login page. The really wierd thing is it works as expected, i.e. when I get the error and click ok, the data is still on the page as I entered it. That means there must be something wrong with my setup on my PC, but I don't know what. I will try dropping and recreating the appication from scratch to see if that will fix it. Could it have something to do with the security scheme? That is the only thing I changed with the version I created online.
Thanks
Joe. -
We are having a problem with being able to keep track of HttpSessions. Here's
the two scenarios where this occurs:
1. We have an JSP/Servlet application hosted on Weblogic 6.0 One of the frames
within the JSP page it opens a URL on a IIS content server on a different domain
serving up static content. At some point the static content redirects to a URL
back on the Weblogic server, but it can't find the user session. If the Weblogic
server and the content server are on the same domain it works fine but because
of operational considerations this is very hard to do.
2. A third party application (blackboard) running on Weblogic opens a URL (servlet)
in our Weblogic application, again two servers on different domains. This servlet
creates a session but the next time the blackboard server opens a URL it can't
find the same session.
Could someone explain why this is taking place is the session is maintained through
cookies. I haven't seen this functionality before in dealing with sessions in
other non J2EE applications. Is there a solution other than putting the servers
on the same domain?
-Matt
gfbn
matt heaton <[email protected]> wrote in message
news:3ade23be$[email protected]..
>
> We are having a problem with being able to keep track of HttpSessions.
Here's
> the two scenarios where this occurs:
>
> 1. We have an JSP/Servlet application hosted on Weblogic 6.0 One of the
frames
> within the JSP page it opens a URL on a IIS content server on a different
domain
> serving up static content. At some point the static content redirects to
a URL
> back on the Weblogic server, but it can't find the user session. If the
Weblogic
> server and the content server are on the same domain it works fine but
because
> of operational considerations this is very hard to do.
>
> 2. A third party application (blackboard) running on Weblogic opens a URL
(servlet)
> in our Weblogic application, again two servers on different domains. This
servlet
> creates a session but the next time the blackboard server opens a URL it
can't
> find the same session.
>
> Could someone explain why this is taking place is the session is
maintained through
> cookies. I haven't seen this functionality before in dealing with
sessions in
> other non J2EE applications. Is there a solution other than putting the
servers
> on the same domain?
>
> -Matt
-
Losing sessions after moving to CF10
Hi,
We recently moved an application from CF 7 to CF 10 and have since noticed that browsing to a non secure page (http) to a https page makes the server lose our log-in session. Our site has a log-in page, and this is served securely. When the user logs in they can access all other pages that securely link from that log-in page. But, as soon as they click on a non-secure page, the session is lost.
This is a clean CF 10 install, not an upgrade. Are there any known issues with sessions and HTTPS in CF10 that we should be aware of? I printed out the session/cookie scopes on each page and it seems we get a new JSESSIONID for http/https sites, even though they have the same domain.
Our cfapplication tag is defined as:
cfapplication name="ourSite" clientmanagement="yes" sessionmanagement="yes" sessiontimeout="#CreateTimeSpan(0, 0, 20, 0)#" setclientcookies="yes" setdomaincookies="no" clientstorage="Cookie" scriptprotect="all"
Can anyone please shed some light on this? The domain is the same between http/https calls, so surely CF should be able to retrieve the cookie?
Thanks,
MarkDavid, I tried resetting the browser as you said, but to no avail. I also tried five other different browsers; all the same issue. Something has changed in CF10 and it seems to be to do with CFIDs and sessions. I know that the CF Admin no longer allows multiple logins using the same user id, but something else has changed in CF10 to do with session management. I tried a JVM parameter that returns sessions to their CF 9 mode, but that did not work either.
What I found out was that if I went to the login page securely, all subsequent secure pages retained the session, but insecure ones would not. So, I just made the login page use a http:// link in the form submission method, and that overcomes the issue since all subsequent pages are then http:// links. The solution seems to be make ALL pages served as either http:// or https://. Pages that are secure and post successively to other secure pages are fine, e.g. our e-commerce payment pages.
Very strange this, and no still no definitive workaround or response from Adobe. A cookie with the same domain should be served irrespective of the page being http:// or https://, indeed my own test pages show the same cookie is served in both cases. -
OutputStream Losing session Data
i have a jsf adf 11 project where i have a jspx page with two graphs.
and i have a button where clients make a download the graph image.
FacesContext fctx = FacesContext.getCurrentInstance();
HttpServletResponse response = (HttpServletResponse) fctx
.getExternalContext().getResponse();
response.reset();
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Refresh", "1");
response.setContentType("application/png");
response.setHeader("Content-disposition", "attachment; filename=teste.png");
try {
OutputStream outputStream = response.getOutputStream();
graphSexo.getImageView().exportToPNG(outputStream);
outputStream.flush();
} catch (Exception e) {
e.printStackTrace();
fctx.responseComplete();
My problem is after download prompt displays to the client, i lose all data from the page !
I need to reder this page again to another download of this image !
can anyone help me!?
sorry about my english !!!I think you are using IE6 plus SP1. If yes try uninstall SP1 and you should be able to run an application as expected. I just had experienced "lost session" on WebSphere 4(WS4) with IE6+SP1 so I tested IE6+SP1(with varity of configuration setting) with WS on all SP of WS -> still lost the session. But testing IE6+SP1 on another application servers, I just tried couple of them but it all work fine. I finally test IE6 without SP1 -> the session is worked fine with the same application that didn't work on IE6+SP1.
Guess it is the conflict between WS and IE6+SP1
hope this helps. -
Hi all,
I've a wierd problem wherein the session data is lost only in IE6 browser. I'm storing all the parameters passed to my application in the Httpsession object, but for some reason in IE6 browser the session object becomes null. And all the data I store is lost.
This doesn't happen in IE5 or IE5.5.
CAn anyone help?
Thanks,
nkoneruI think you are using IE6 plus SP1. If yes try uninstall SP1 and you should be able to run an application as expected. I just had experienced "lost session" on WebSphere 4(WS4) with IE6+SP1 so I tested IE6+SP1(with varity of configuration setting) with WS on all SP of WS -> still lost the session. But testing IE6+SP1 on another application servers, I just tried couple of them but it all work fine. I finally test IE6 without SP1 -> the session is worked fine with the same application that didn't work on IE6+SP1.
Guess it is the conflict between WS and IE6+SP1
hope this helps. -
Hi,
Recently, I have just upgraded from weblogic 6.0 to weblogic 6.1. The Windows
version is behaving strangely. Somehow, weblogic 6.1 is unable to retain session
information of incoming request.
ie.
1) client log in
2) client makes a request
If the client isn't logged in, then the client will not be allowed to make the
request. The login information is stored in cookie in http header.
My application seems to work fine in weblogic 6.0 and linux version of weblogic
6.1. Can you tell me what's wrong?
Thanks for your time.Hi,
Recently, I have just upgraded from weblogic 6.0 to weblogic 6.1. The Windows
version is behaving strangely. Somehow, weblogic 6.1 is unable to retain session
information of incoming request.
ie.
1) client log in
2) client makes a request
If the client isn't logged in, then the client will not be allowed to make the
request. The login information is stored in cookie in http header.
My application seems to work fine in weblogic 6.0 and linux version of weblogic
6.1. Can you tell me what's wrong?
Thanks for your time.
Maybe you are looking for
-
How to use CSS and images in a plsql-dbms_output reports?
Hi. Windows 2000 SP4 SQL Developer 1.2.1.32.13 Java 1.5.0_07 Oracle 9.2.0.6 I'm trying to create a plsql-dbms_output report with HTML that uses a stylesheet (CSS) and an image. These seem to be ignored by the report viewer. The following example work
-
Can't find the manual setup anymore
Hi Community! Yesterday I got myself a TC 2 TB for my MBP and PC setup. Everything went fine with the setup so far. The airport setup assistant guided me through to make my basic settings. Now I would like to make fine adjustments here and there. But
-
OIM 11g process implementation
Hi All, We have a requirement where some roles(priviliges in the target app) are getting provisioned. Each role is considered as a separate resource instance and getting provisioned for users.And we have automated this process using schedulers where
-
Hello, When I want to make an audiocrossfade between to clips on my timeline, I find both of the clips frozen on the time line. I.e. I cannot move, resize or degroep them anymore, even after I undo the operation. I'm working with PE 7 and I use the a
-
Odd List Order in the Paragraph Catalog
I set up the paragraph catalog in FrameMaker 8, running on Windows XP. All listings were in alphabetical order, top-to-bottom. After logging on to the computer with a new user account and starting up FM, the paragraph catalog re-ordered itself into a