Problem with JAAS logout
Hi!
I've got the problem, that I want to test my security implementation by the help of JUnit tests.
Therefore a user gets authenticated (JAAS based authentication)to the system and tries do commit some actions. To get the identification of the calling user I call the SessionContext.getCallerPrincipal() method within a stateless session bean. This is working in the way it has to until I try to log out the user and relogin with another one (this is done within one TestCase several times..)
Unfortunately (even after a call to the LoginContext.logout() method) the SessionContext.getCallerPrincipal() method returns for the whole JUnit-test only the first authenticated user.
Does anybody has an idea what I need to do to get the SessionContext from the bean changed every time I call the LoginContext.logout() method?
Thx for your answers
Andreas
Hi Andreas,
We are having exactly the same problem that you have mentioned here, i.e we are not able to switch between users in the JUnit test. Our Security JUnit tests are working properly on JBoss and Websphere but are not working on Weblogic because of this problem.
Can you please let me know if you have found a solution or workaround for this problem.
thanks,
Raj
Similar Messages
-
Problems with customized logout.html
First question...
Should the <FORM action> in the customized logout.html be set to itself (logout.html) or the default logout page https://1.1.1.1/logout.html
Assuming the second option... after I click submit on logout.html it takes me to https://1.1.1.1/logout.html which then displays a message:
To complete the log off process and to prevent access to unauthorized users, you must
close all browser windows and exit the browser application.
Is it possible to change this mesage?
Thanks,You can download the bundle from here and look at the this tar file:
WLC Authentication with Customized Logout Page
This is an example custom webauth bundle when authentication is in use. After successful login, the customized 'logout.html' page comes up. After unsuccessful login, the customized failed.html comes up. These pages will not be seen unless the user has popups enabled in the browser. This bundle goes on the WLC itself. It contains an Acceptable Use Policy (aup.html) and graphic (yourlogo.jpg) besides the base 'login.html'.
logout/login.tar
http://software.cisco.com/download/release.html?mdfid=282600534&softwareid=282791507&release=1.0.2&relind=AVAILABLE&rellifecycle=&reltype=latest
Thanks,
Scott
*****Help out other by using the rating system and marking answered questions as "Answered"***** -
Problem with JAAS authentication using jboss client
I'm trying to make a little compiled application works. It has two parts: a little client(one class) and a server part which runs on a jboss server, and comunicates between them using JAAS + SSL. It works perfectly alone if I run it in a java project, without the messing sap JAAS implementation.
I followed all the steps in:
https://websmp101.sap-ag.de/~sapidb/011000358700003517632004E.PDF
and managed to apply the configuration into the security service of WAS, using <b>jboss-client.jar</b> as the library with the login module, and <b>org.jboss.security.ClientLoginModule</b> as the login module.
I included the client class into a web service developed for my WAS, packing the class and its library plus jboss-client.jar into my EAR.
But when it tries to do the authentication, sometimes it uses:
<b>org.jboss.security.ClientLoginModule</b> (that's the correct class) but throws a "<b>User is locked</b>" exception.
Have I need to create the user who I use to connect to jboss in my WAS UME ? This has no much sense. Anyway doesn't work either, and the user is not locked.
Other times (withouth changing anything) it uses:
<b>com.sap.engine.system.SystemLoginModule</b> and throws this exception:
<b>com.sap.engine.services.security.exceptions.BaseLoginException</b>: Call logout before login
I have nightmares trying to integrate things which works in every application server but WAS. Why couldn't they simply follow the standard!?
I'm thinking in installing a tomcat with the client, and use axis to wrap it with a web service I can consume from my WAS. Not very elegant solution.
I think it maybe has something to do with specific callback classes from sap implementation.
Any idea? I can't go forward.Did you resolve this problem? Please let me know. I have the same issue now and don;t know what I should be doing next
-
Problems with JAAS setup in WL 8.1 SP3
Hi all,
I have WL 8.1 SP3 installed on a XP Prof box with JDK 1.4.2
I have an application that makes use of the JAAS. I keep getting the following error
javax.security.auth.login.LoginException: No LoginModules configured for <XXXXXX>
at javax.security.auth.login.LoginContext.init(LoginContext.java:189)
at javax.security.auth.login.LoginContext.<init>(LoginContext.java:350)
at javax.security.auth.login.LoginContext.<init>(LoginContext.java:465)
I know that this means that it couldnt find the login modules defined in the configuration file. But I have it defined there. The following is what I am doing
1. I have the startWebLogic.cmd as below.
%JAVA_HOME%\bin\java %JAVA_VM% %MEM_ARGS% %JAVA_OPTIONS% -Dweblogic.Name=%SERVER_NAME% -Dweblogic.ProductionModeEnabled=%PRODUCTION_MODE% -Djava.security.policy=%JAVA_HOME%\jre\lib\security\java.policy weblogic.Server
2. In the Java policy file located in security folder of the JDK home, I changed the security file to point to config file as below
login.config.url.1=file:${JAVA_HOME}/jre/lib/security/jaas.conf
Can someone suggest me a solution ?
Thanks
meka tokaDid you ever find a solution to this?
I am having the same problem. -
Hi,
I am sailaja, I am developing an application, to that application for authentication/authorization I am using JAAS.
But my problem is, in my application I am using 3rd party tool for document processing, for that tool I need to access a servlet from that application, but the jaas settings are not allowing to access that class file.
So, I need to remove the JAAS settings to that servlet, Can any body guide for this.
Thanks and Regards
N.Sailaja
Edited by: SailajaN on Jun 12, 2009 6:52 AMthanks shashi_rajak
i have resolved now this problem but i have a small question:
i don't understand yet the use of the callback
for example ,i notice in sun documentation that NameCallback Construct a NameCallback with a prompt but i don't like to get the username from prompt but from
a inputTect for example in my web application.
could you please explain me this -
Problem with JAAS Form Based Auth
Hello
I have JAAS form based auth almost working. I have an app and when I try to access it the login page comes up as planned. So far so good. Then problem is when I feed it a bad login password, it comes up with a 403 forbidden error (you are not authorized). What I want (and expected) to have happen was my custom jsp AuthFailed.jsp to come up.
If i go directly to /AuthFailed.jsp it comes up just fine (without logging in). Is there something else i need to do to get this to come up? Any help greatly appreciated. I configured these two forms by right clicking web.xml and choosing properties then under the proper menu I picked form based.
Thanks
troyHi,
You'll want to add something similar to the following in your web.xml file:
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>Login.jsp</form-login-page>
<form-error-page>LoginError.jsp</form-error-page>
</form-login-config>
</login-config> -
Problem with JAAS example in WLS6.0sp1
Hi,
I tried to run the SampleClient from the JAAS example in WLS6.0sp1 and got an
exception
when a valid username/password combination is entered. Has anyone experienced
that in WLS6.0sp1?
Thanx
Ralf
SampleLoginModule.initialize(), debug enabled
SampleLoginModule.initialize(), URL t3://localhost:7001
SampleLoginModule.login(), username guest
SampleLoginModule.login(), password guest
Authentication Failed: Unexpected Exception, java.lang.NoSuchMethodError
at weblogic.security.auth.Authenticate.authenticate(Authenticate.java:124)
at examples.security.jaas.SampleLoginModule.login(SampleLoginModule.java:157)
at java.lang.reflect.Method.invoke(Native Method)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:595)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:125)
at javax.security.auth.login.LoginContext$3.run(LoginContext.java:531)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:528)
at javax.security.auth.login.LoginContext.login(LoginContext.java:449)
at examples.security.jaas.SampleClient.main(SampleClient.java:92)Weblogic comes with its own implementation of JAAS, unfortunately
conflicting with Sun's. Contact customer support, they will tell you the
exact differences and incompatibilities. Or reverse engineer the two
versions, you'll find quite a few differences (apart from the BEA version
not implementing JAAS authorization, which is documented).
"Narinder Gaheer" <[email protected]> wrote in message
news:[email protected]..
I am happy someone came up with this problem. I also bent backwardssolving
this problem
in my application.
I figured out that as soon as I remove the standard jaas.jar from my
classpath , I can run the example successfully. Weblogic.jar does contain
necessary jaas library , so don't need to include jaas.jar.
I am not sure, but I get the feeling that there is a jaas library conflict
here. May be weblogic
guys are the best to put some light on this issue.
"Ralf Fritsche" <[email protected]> wrote in message
news:3b15188e$[email protected]..
I found out, that the example runs with the JDK delivered by BEA,
but not with a JDK I downloaded from SUN.
Wheras with the first the provided way to set the user defined
configuration class with the system property'weblogic.security.jaas.Configuration'
works, this is not possible with another JDK. According to the
JAAS standard, this class could only be defined in the properties
file 'java.security' of the Java runtime.
How is BEA doing this?
Thanx
Ralf -
Problem with automatic logout between secure and non-secure urls
On my business catalyst page the user login page is located on a non secure url (our site's domain and not worldsecuresystems). When a user is logged in and then views a page on a secure url (i.e. a page to purchase a subscription to a secure zone) it does not retain their login cookie and it appears they have been logged out. This also creates a problem where I cannot pre populate the secure zone purchase form with a user's information based on their account details. Is there a way to retain have both domains recognize the user is logged in to allow the user to freely pass between these domains without having to login twice? I was considering putting the login page on the secure domain and using relative urls for all my links but for some reason some of my pages appear corrupt when viewed on the worldsecuresystems domain so I'd like to avoid this method. Any help would be appreciated.
Make sure the referrer paramter is correctly set on the form.
This is the default BC action. But remember the {module_siteurl} will return the host they are currently on. So if this is used on a secure page you'll need to use {module_sitehost} instead
action="{module_secureurl}/ZoneProcess.aspx?ZoneID=-1&Referrer={module_siteUrl,true,true}&OID={module_oid}&OTYPE={module_otype}"> -
Problem with user logout in servlet
Hi friends,
I develop an web application using JSP and Servlet. When the user login it goes to userhome page and when he click the logout link it goes to logout.jsp page. but the problem is when i click my browsers back button it shows the transaction held. How could i stop this. Here is my code
UserServlet.java
int raj=modelBean.validateUser(username,password,role);
if(raj==1)
session.setAttribute("username",username);
if(session!=null)
getServletContext().getRequestDispatcher("/adminhome.jsp").forward(request,response);
else
{ getServletContext().getRequestDispatcher("/login.jsp").forward(request,response);
Here raj is the output of the validateUser() method that checks the DB for username and password. I set the value to 1 if data exists in DB.
Here my adminhome.jsp page
The userservlet redirects to the adminhome if values found in DB..
<% String sid=(String)session.getAttribute("username");
if(sid==null)
response.sendRedirect("expired.html");
%>
Then it displays a table about user information
Here is my logout page
<%
session.removeAttribute("username");
if(session!=null)
session.invalidate();
%>
What should i do to avoid the problem...
Any help would be appreciatedHere is my complete code BalusC,
UserServlet.java (My Controller servlet)
package com.rajk.javacode.servlets;
import java.io.*;
import java.io.PrintWriter;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.http.HttpSession;
public class UserServlet extends HttpServlet
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
UserModel modelBean = new UserModel();
PrintWriter op=response.getWriter();
HttpSession session=request.getSession(true);
String username = request.getParameter("username");
String password = request.getParameter("password");
String role = request.getParameter("role");
if (username.equals("") && password.equals("")) throw new ServletException
("User name or password not specified");
else
modelBean.setUsername(username);
modelBean.setPassword(password);
modelBean.setRole(role);
try
int raj=modelBean.validateUser(username,password,role);
if(raj==1)
if(session!=null)
getServletContext().getRequestDispatcher("/administratorhome.jsp").forward(request,response);
else
getServletContext().getRequestDispatcher("/err_login_session.html").forward(request,response);
else if(raj==2)
getServletContext().getRequestDispatcher("/customerhome.jsp").forward(request,response);
else if(raj==3)
getServletContext().getRequestDispatcher("/vendorhome.jsp").forward(request,response);
else if(raj==4 || raj==5 || raj==6 || raj==9 || raj==7)
getServletContext().getRequestDispatcher("/err_login.jsp").forward(request,response);
else
getServletContext().getRequestDispatcher("/err_login.jsp").forward(request,response);
catch (SQLException e)
throw new ServletException(e.getMessage());
request.setAttribute("modelBean", modelBean);
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
getServletContext().getRequestDispatcher("/view.jsp").forward(request, response);
}UserModel.java (Bean file)
package com.rajk.javacode.servlets;
import java.io.*;
import java.sql.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class UserModel extends dbmodel implements Serializable
private String username;
private String password;
private String role;
private String userid;
public UserModel()
public static UserModel load(ResultSet rs) throws SQLException
UserModel user = new UserModel();
String value = null;
value = rs.getString(1);
if (value != null)
user.setUserid(value);
value = rs.getString(2);
if (value != null)
user.setUsername(value);
value = rs.getString(3);
if (value != null)
user.setPassword(value);
value = rs.getString(4);
if (value != null)
user.setRole(value);
return user;
//Getter and Setter methods
public String getUserid()
return userid;
public String setUserid(String userid)
this.userid=userid;
return userid;
public String getUsername()
return username;
public String setUsername(String username)
this.username=username;
return username;
public String getPassword()
return password;
public String setPassword(String password)
this.password=password;
return password;
public String getRole()
return role;
public String setRole(String role)
this.role=role;
return role;
// Login Validation Method
public int validateUser(String un,String pwd,String rle) throws SQLException
String un1=null;
String pwd1=null;
String rle1=null;
String uid=null;
int result=0;
System.out.println(un+" "+pwd+" "+rle);
PreparedStatement pstmt = null;
ResultSet rs = null;
connect();
try
final String SQL = "SELECT * FROM tbl_user WHERE user_name = '"+un+"'";
pstmt=con.prepareStatement(SQL);
rs = pstmt.executeQuery();
while (rs.next())
uid=rs.getString("user_id");
un1=rs.getString("user_name");
pwd1=rs.getString("user_password");
rle1=rs.getString("role");
if(rle1.equals(rle) & (rle.equals("admin")))
if(uid.equals(un) & (pwd1.equals(pwd)))
result=1;
return result;
else
result=4;
return result;
else if(rle1.equals(rle) & (rle.equals("customer")))
if(un1.equals(un) & (pwd1.equals(pwd)))
result=2;
return result;
else
result=5;
return result;
else if(rle1.equals(rle) & (rle.equals("vendor")))
if(un1.equals(un) & (pwd1.equals(pwd)))
result=3;
return result;
else
result=6;
return result;
else
result=9;
return result;
catch(Exception e)
result=7;
return result;
finally
if (rs != null)
rs.close();
if (pstmt != null)
pstmt.close();
//return result;
Now tell me what code should i put in the admin home or some other page in order to maintain the user session properly. Please give me the code if u have one..
Thanks in advance -
i new in jaas and stuck when develop jaas aplication using myeclipse
i have follow the tutorial, create MyCallbackHandler class, MyLoginModule class dan some principal class and auth.conf
my problem is where and how can i setting my jaas application so it can refrence to auth.conf
thxwhere must i put this code (-Djava.security.auth.login.config=jaas.conf) in my application, because i using myeclipse ?
or can i set this in web.xml? if i can how to do that? -
Problems using JAAS with EJB 3.0 on JBoss 4.0.4-GA
Hello all,
I am trying to build a very simple JavaEE application with JAAS, but I getting mad.
I have an EAR packed with a WAR module an EJB JAR module and a JAR with other classes. Struts is the MVC framework and EJB 3.0 is been used.
First of all, I configured the "login-config.xml" file within /conf directory in JBoss, like this:
<application-policy name="exemplo1">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:jdbc/Infra_Seguranca</module-option>
<module-option name="principalsQuery">SELECT COD_USUARIO AS Password FROM USUARIO WHERE COD_USUARIO=?</module-option>
<module-option name="rolesQuery">SELECT NOME_ROLE AS Roles, 'Roles' AS RoleGroups FROM ROLE_USUARIO WHERE COD_USUARIO=?</module-option>
</login-module>
</authentication>
</application-policy>Next I configured the "web.xml" file like this:
<security-constraint>
<web-resource-collection>
<web-resource-name>Restricted</web-resource-name>
<description>Declarative security tests</description>
<url-pattern>*.do</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xxx</role-name>
</auth-constraint>
<user-data-constraint>
<description>no description</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>exemplo1</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginErro.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>Role xxx</description>
<role-name>xxx</role-name>
</security-role>Notice that I am using the "xxx" role to protect the "*.do" URL pattern.
The "jboss-web.xml" is like this:
<?xml version="1.0"?>
<jboss-web>
<security-domain>java:/jaas/exemplo1</security-domain>
</jboss-web>As it is, it works perfectly, which means, every time I try to access a "*.do" URL it verifies whether I am authenticated and have authroization or not. If not, the login page shows up.
Now I wanna to be able to also protect my EJBs.
My Stateless Session Bean is implemented as follow:
@RolesAllowed("yyy")
@Stateless(name="UserManagement")
public class UserManagementBean implements UserManagement {
public void add(User user) {
}When I run all this, the container simply igoners the @RolesAllowed("yyy") annotation and allow the EJB execution.
If I add the "jboss.xml" file, like this:
<?xml version="1.0"?>
<jboss>
<security-domain>java:/jaas/exemplo1</security-domain>
</jboss>I start getting this stack trace:
ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files
java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:313)
at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
... Am I missing something? What do I have to do to get JAAS working fine with my EJBs? Do I have to also configure and/or provide "ejb-jar.xml" ???
Thanks
DanielUsing @SecurityDomain("exemplo1") in my EJB and NOT providing jboss.xml, it works.
@SecurityDomain("exemplo1")
@RolesAllowed("yyy")
@Stateless(name="UserManagement")
public class UserManagementBean implements UserManagement {
public void add(User user) {
}Damn! This is some serious shit... I don�t want to configure this in every single EJB.
EJB 3.0 is nice, but some small trivial details like this and others, that was forgotten by Sun, piss me off! -
Problem with an update page.
I have a problem with an update page on my website
Here's how it work
values are defualted in from the advert table - this works fine
I should then be able to change the fields and click on the update button
This works fine but ONLY when the O_year field is populated.
There doesn't seem to be anything special about the O_year field
I thought spry text validation would of been causing the issues, but I removed them and have the same problem.
For some reason the POST_MMupdate value is not being set to 'form4', which it is doing if O_year is set.
Please can someone have a look at this, code,
Also, is there a way of 'stepping through' dreamweaver code to debug it?
Thanks
Adam
$colname_Advert = "-1";
if (isset($_GET['advert_id'])) {
$colname_Advert = $_GET['advert_id'];
mysql_select_db($database_guitarswap_db, $guitarswap_db);
$query_Advert = sprintf("SELECT * FROM advert WHERE advert_id = %s", GetSQLValueString($colname_Advert, "int"));
$Advert = mysql_query($query_Advert, $guitarswap_db) or die(mysql_error());
$row_Advert = mysql_fetch_assoc($Advert);
$totalRows_Advert = mysql_num_rows($Advert);
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form4"))
//Сheck that we have a file
if((!empty($_FILES["PictureLocation"])) && ($_FILES['PictureLocation']['error'] == 0))
//Check if the file is JPEG image and it's size is less than 350Kb
$filename = basename($_FILES["PictureLocation"]["name"]);
$ext = substr($filename, strrpos($filename, '.') + 1);
if (($ext == "jpg") && ($_FILES["PictureLocation"]["type"] == "image/jpeg") &&
($_FILES["PictureLocation"]["size"] < 350000))
//Determine the path to which we want to save this file
$newname = dirname(__FILE__).'/upload/'.$filename;
//Check if the file with the same name is already exists on the server
if (!file_exists($newname))
//Attempt to move the uploaded file to it's new place
if ((move_uploaded_file($_FILES['PictureLocation']['tmp_name'],$newname)))
// echo "It's done! The file has been saved as: ".$newname;
else
// echo "Error: A problem occurred during file upload!";
else
// echo "Error: File ".$_FILES["PictureLocation"]["name"]." already exists";
else
// echo "Error: Only .jpg images under 350Kb are accepted for upload";
else
// echo "Error: No file uploaded";
$filename=$row_Advert['PictureLocation'];
// set default opentoalloffers
if (!isset($_POST['checkopentoalloffers']))
$_POST['checkopentoalloffers'] = 'n';
$updateSQL = sprintf("UPDATE advert SET PictureLocation=%s, O_Make=%s, O_Model=%s, O_Country=%s, O_Year=%s, O_Colour=%s, O_Body=%s, O_Neck=%s, O_Fingerboard=%s, O_Pickups=%s, `value`=%s, `condition`=%s, W_Make=%s, W_Model=%s, W_Country=%s, W_Year=%s, W_Colour=%s, W_Body=%s, W_Neck=%s, W_Fingerboard=%s, W_Pickups=%s, Comments=%s, opentoalloffers=%s, ChangeFlg = %s WHERE advert_id=%s",
GetSQLValueString($filename, "text"),
GetSQLValueString($_POST['O_Make'], "text"),
GetSQLValueString($_POST['O_Model'], "text"),
GetSQLValueString($_POST['O_Country'], "text"),
GetSQLValueString($_POST['O_Year'], "date"),
GetSQLValueString($_POST['O_Colour'], "text"),
GetSQLValueString($_POST['O_Body'], "text"),
GetSQLValueString($_POST['O_Neck'], "text"),
GetSQLValueString($_POST['O_Fingerboard'], "text"),
GetSQLValueString($_POST['O_Pickups'], "text"),
GetSQLValueString($_POST['value'], "int"),
GetSQLValueString($_POST['condition'], "text"),
GetSQLValueString($_POST['W_Make'], "text"),
GetSQLValueString($_POST['W_Model'], "text"),
GetSQLValueString($_POST['W_Country'], "text"),
GetSQLValueString($_POST['W_Year'], "date"),
GetSQLValueString($_POST['W_Colour'], "text"),
GetSQLValueString($_POST['W_Body'], "text"),
GetSQLValueString($_POST['W_Neck'], "text"),
GetSQLValueString($_POST['W_Fingerboard'], "text"),
GetSQLValueString($_POST['W_Pickups'], "text"),
GetSQLValueString($_POST['Comments'], "text"),
GetSQLValueString($_POST['checkopentoalloffers'], "text"),
GetSQLValueString('y', "text"),
GetSQLValueString($_POST['advert_id'], "int"));
mysql_select_db($database_guitarswap_db, $guitarswap_db);
$Result1 = mysql_query($updateSQL, $guitarswap_db) or die(mysql_error());
$updateGoTo = "Member2.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
header(sprintf("Location: %s", $updateGoTo));
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<link href="Layout3.css" rel="stylesheet" type="text/css" /><!--[if IE 5]>
<style type="text/css">
/* place css box model fixes for IE 5* in this conditional comment */
.twoColFixLtHdr #sidebar1 { width: 230px; }
</style>
<![endif]--><!--[if IE]>
<style type="text/css">
/* place css fixes for all versions of IE in this conditional comment */
.twoColFixLtHdr #sidebar1 { padding-top: 30px; }
.twoColFixLtHdr #mainContent { zoom: 1; }
/* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */
</style>
<![endif]-->
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
body {
background-color: #FFF;
margin-left: 20px;
.twoColFixLtHdr #container #main3 #form1 div fieldset {
border: thin ridge #CCC;
-->
</style>
<script type="text/javascript">
<!--
function MM_goToURL() { //v3.0
var i, args=MM_goToURL.arguments; document.MM_returnValue = false;
for (i=0; i<(args.length-1); i+=2) eval(args[i]+".location='"+args[i+1]+"'");
//-->
</script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
</head>
<body class="twoColFixLtHdr">
<div id="container">
<div id="header">
<div id="Righty">
<ul id="MenuBar2" class="MenuBarHorizontal">
<li><a href="index.php">Search</a> </li>
<li><a href="Member2.php">Members</a></li>
</ul>
<p> </p>
</div>
<span id="LoginDiv">
<?php
if (isset($_SESSION['MM_Username']))
echo "hello ". $_SESSION['MM_Username']. "";
echo " <a href='Logout.php'>Log out</a> ";
else
echo "
<a href='Login.php'>Login</a> / <a href='Register.php'>Register</a>
?>
</a></span>
<div id="Middle">
<h1 align="center">GuitarSwap</h1>
</div>
</div>
<div id="sidebar1">
<h4>Members Area</h4>
<ul id="MenuBar1" class="MenuBarVertical">
<li><a href="Member2.php">My Adverts</a></li>
<li><a href="NewAdvert.php">Create new Advert</a></li>
<li><a href="UpdateUserDets.php">My Account</a></li>
</ul>
<h3> </h3>
</div>
<div id="mainContent">
<h4>Update Advert</h4>
<!-- end #mainContent -->
</div>
<!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats -->
<div id="main3">
<div id="main">
<fieldset>
<legend>Please update advert details and confirm</legend>
<form action="<?php echo $editFormAction; ?>" enctype="multipart/form-data" method="post" name="form4" id="form4">
<input type="hidden" name="advert_id" value="<?php echo $row_Advert['advert_id']; ?>" />
<p></p>
<table width="650" align="center">
<tr valign="baseline">
<td width="17" rowspan="15" valign="middle" nowrap="nowrap"><?php echo "<img src='upload/" .$row_Advert['PictureLocation']."' width='64' height='180'/>" ?></td>
<td width="133" align="right" nowrap="nowrap"> </td>
<td width="240" align="center" bgcolor="#CCCCCC"><strong>Offered</strong></td>
<td width="240" align="center" bgcolor="#CCCCCC"><strong>Wanted</strong></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Make:</strong></td>
<td bgcolor="#CCFFCC"><input name="O_Make" type="text" value="<?php echo $row_Advert['O_Make']; ?>" size="30" maxlength="15" /></td>
<td bgcolor="#CCFFFF"><input name="W_Make" type="text" value="<?php echo $row_Advert['W_Make']; ?>" size="30" maxlength="15" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Model:</strong></td>
<td bgcolor="#CCFFCC"><input name="O_Model" type="text" value="<?php echo $row_Advert['O_Model']; ?>" size="30" maxlength="30" /></td>
<td bgcolor="#CCFFFF"><input name="W_Model" type="text" value="<?php echo $row_Advert['W_Model']; ?>" size="30" maxlength="30" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Country:</strong></td>
<td bgcolor="#CCFFCC"><input name="O_Country" type="text" value="<?php echo $row_Advert['O_Country']; ?>" size="30" maxlength="15" /></td>
<td bgcolor="#CCFFFF"><input name="W_Country" type="text" value="<?php echo $row_Advert['W_Country']; ?>" size="30" maxlength="15" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Year:</strong></td>
<td bgcolor="#CCFFCC"><span id="sprytextfield1">
<input name="O_Year" type="text" value="<?php echo $row_Advert['O_Year']; ?>" size="4" maxlength="4" />
<span class="textfieldInvalidFormatMsg">Invalid format.</span><span class="textfieldMinValueMsg">The entered value is less than the minimum required.</span><span class="textfieldMaxValueMsg">The entered value is greater than the maximum allowed.</span></span></td>
<td bgcolor="#CCFFFF"><span id="sprytextfield2">
<input name="W_Year" type="text" value="<?php echo $row_Advert['W_Year']; ?>" size="4" maxlength="4" />
<span class="textfieldInvalidFormatMsg">Invalid format.</span><span class="textfieldMinValueMsg">The entered value is less than the minimum required.</span><span class="textfieldMaxValueMsg">The entered value is greater than the maximum allowed.</span></span></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Colour:</strong></td>
<td bgcolor="#CCFFCC"><input name="O_Colour" type="text" value="<?php echo $row_Advert['O_Colour']; ?>" size="30" maxlength="15" /></td>
<td bgcolor="#CCFFFF"><input name="W_Colour" type="text" value="<?php echo $row_Advert['W_Colour']; ?>" size="30" maxlength="15" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Body:</strong></td>
<td bgcolor="#CCFFCC"><input name="O_Body" type="text" value="<?php echo $row_Advert['O_Body']; ?>" size="30" maxlength="15" /></td>
<td bgcolor="#CCFFFF"><input name="W_Body" type="text" value="<?php echo $row_Advert['W_Body']; ?>" size="30" maxlength="15" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Neck:</strong></td>
<td bgcolor="#CCFFCC"><input name="O_Neck" type="text" value="<?php echo $row_Advert['O_Neck']; ?>" size="30" maxlength="15" /></td>
<td bgcolor="#CCFFFF"><input name="W_Neck" type="text" value="<?php echo $row_Advert['W_Neck']; ?>" size="30" maxlength="15" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Fingerboard:</strong></td>
<td bgcolor="#CCFFCC"><input name="O_Fingerboard" type="text" value="<?php echo $row_Advert['O_Fingerboard']; ?>" size="30" maxlength="15" /></td>
<td bgcolor="#CCFFFF"><input name="W_Fingerboard" type="text" value="<?php echo $row_Advert['W_Fingerboard']; ?>" size="30" maxlength="15" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Pickups:</strong></td>
<td bgcolor="#CCFFCC"><input name="O_Pickups" type="text" value="<?php echo $row_Advert['O_Pickups']; ?>" size="30" maxlength="15" /></td>
<td bgcolor="#CCFFFF"><input name="W_Pickups" type="text" value="<?php echo $row_Advert['W_Pickups']; ?>" size="30" maxlength="15" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Condition:</strong></td>
<td bgcolor="#CCFFCC"><label for="condition">
<select name="condition" size="1" id="condition">
<option selected="selected" value="" <?php if (!(strcmp("", $row_Advert['condition']))) {echo "selected=\"selected\"";} ?>>---select---</option>
<option value="immaculate" <?php if (!(strcmp("immaculate", $row_Advert['condition']))) {echo "selected=\"selected\"";} ?>>immaculate</option>
<option value="excellent" <?php if (!(strcmp("excellent", $row_Advert['condition']))) {echo "selected=\"selected\"";} ?>>excellent</option>
<option value="good" <?php if (!(strcmp("good", $row_Advert['condition']))) {echo "selected=\"selected\"";} ?>>good</option>
<option value="well used" <?php if (!(strcmp("well used", $row_Advert['condition']))) {echo "selected=\"selected\"";} ?>>well used</option>
<option value="poor" <?php if (!(strcmp("poor", $row_Advert['condition']))) {echo "selected=\"selected\"";} ?>>poor</option>
</select>
</label></td>
<td bgcolor="#FFFFFF"> </td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Value:</strong></td>
<td bgcolor="#CCFFCC"><span id="sprytextfield3">
<input name="value" type="text" value="<?php echo $row_Advert['value']; ?>" size="11" maxlength="11" />
<span class="textfieldInvalidFormatMsg">Invalid format.</span></span></td>
<td bgcolor="#FFFFFF"> </td>
</tr>
<tr valign="baseline">
<td align="right" valign="top" nowrap="nowrap"><strong>Comments:</strong></td>
<td bgcolor="#CCFFCC"><textarea name="Comments" cols="25" rows="3"><?php echo $row_Advert['Comments']; ?></textarea></td>
<td bgcolor="#FFFFFF"> </td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><strong>Picture location</strong></td>
<td bgcolor="#CCFFCC"><label for="checkopentoalloffers"></label> <input type="file" name="PictureLocation" value="<?php echo $row_Advert['PictureLocation']; ?>" size="20" /></td>
<td bgcolor="#FFFFFF"> </td>
</tr>
<tr valign="baseline">
<td height="26" align="right" nowrap="nowrap"><strong>Open to all offers:</strong></td>
<td bgcolor="#CCFFCC"><input name="checkopentoalloffers" type="checkbox" id="checkopentoalloffers" value="y" <?php if (!(strcmp($row_Advert['opentoalloffers'],"y"))) {echo "checked=\"checked\"";} ?> /></td>
<td bgcolor="#FFFFFF"> </td>
</tr>
</table>
<p> </p>
<div id="submitdiv">
<input type="hidden" name="MM_update" value="form4" />
<input name="submit button" type="submit" id="submit button" value="Update Advert" />
</div>
<div id="exitdiv">
<label for="button15"></label>
<input name="button" type="button" id="button15" onclick="MM_goToURL('parent','Member2.php');return document.MM_returnValue" value="Exit" />
<label for="button16"></label>
</div>
<p> </p>
</form>
</fieldset>
<script type="text/javascript">
var sprytextfield1 = new Spry.Widget.ValidationTextField("sprytextfield1", "integer", {validateOn:["blur"], minValue:1900, maxValue:2010, isRequired:false});
var sprytextfield1 = new Spry.Widget.ValidationTextField("sprytextfield1", "integer", {validateOn:["blur"], minValue:1900, maxValue:2010});
var sprytextfield2 = new Spry.Widget.ValidationTextField("sprytextfield2", "integer", {minValue:1900, maxValue:2010, validateOn:["blur"], isRequired:false});
var sprytextfield3 = new Spry.Widget.ValidationTextField("sprytextfield3", "currency", {validateOn:["blur"], isRequired:false});
</script>
<br class="clearfloat" />
<!-- end #container -->
</div></div></div>
<script type="text/javascript">
<!--
var = new Spry.Widget.MenuBar("", {imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
var MenuBar2 = new Spry.Widget.MenuBar("MenuBar2", {imgDown:"../SpryAssets/SpryMenuBarDownHover.gif", imgRight:"../SpryAssets/SpryMenuBarRightHover.gif"});
var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
//-->
</script>
</body>
</html>
<?php
mysql_free_result($Advert);
if (is_resource($Result1)) mysql_free_result($Result1);
?>Please note,
Removing I investigated spry a little more, in the end I settled for removing spry altogether,
Maybe it was because the text field in a $GET (for the default) AND a $PUT (for the update) -
Problem with sessions in Kate Editor
Hey guys!
I'm using Kate Editor to code and i'm having problems with sessions. If kate is open and I logout KDE, when I come back to KDE all my customizations in Kate's session (activated plugins, font size, etc) are lost.
If I manually close Kate before logout from KDE, all the customizations are kept when a manually start Kate. I tried a lot of workarounds, but none worked.
Is this a bug? Someone else with this issue?
Thanks in advance!The Warning errors are simply because you don't have the tablespaces, users, and roles defined in your application system under the DB Admin tab. Unless it is important to you to capture the physical implementation of your tables exactly as well as the table definitions, you can safely ignore these. If the physical implementation IS important to you, then you need to create these tablespaces, roles and users under the database that you created under the DB Admin tab before you start the capture.
The Error is because in the set of objects you are capturing there is a foreign key that references the table named "PLEASANT". This table must be among the objects that you are capturing, or must already be in a Table Definition in your application system in the repository. -
Hi,
I am working on a JSP based website, where I am facing problem with sessions. The user is asked to login by providing her id and password. If found correct, a bean is created and populated with all her details and placed in session scope. I plan to use the information stored in the bean on other related pages until she logs out.
<jsp:useBean id="validUser" scope="session" class="UserBean" >
<c:set target="${validUser}" property="userId" value="${fn:trim(dbValues.UserId)}" />
<c:set target="${validUser}" property="userName" value="${fn:trim(dbValues.UserName)}" />
</jsp:useBean>
<c:redirect url="userHome.jsp" /> The user is presented her homepage - 'userHome.jsp', where she can find various links, like 'Update Profile', 'Pay Registration Fees', 'Book Room' etc. The information stored in the bean is available on 'userHome.jsp'page.
<A HREF='userHome.jsp'>Home</A>
<A HREF='editPersonal.jsp'>Update Profile</A>
<A HREF='registrationFee.jsp'>Pay Registration Fees</A>
<A HREF='bookRoom.jsp'>Book Room</A>
<A HREF='logout.jsp'>Logout</A> The problems are:
1. Whenever user clicks on any of the above mentioned links and moves to any page, the bean comes out as null.
<%-- Verify that the user is logged in --%>
<c:if test="${validUser == null}">
<jsp:forward page="loginForm.jsp">
<jsp:param name="origURL" value="${pageContext.request.requestURL}" />
<jsp:param name="errorMsg" value="You must be logged in to access this site." />
</jsp:forward>
</c:if> 2. The URL shows an additional jsessionid, which my client doesn't want to see.
3. On every click on any link, the value of this jsessionid changes.
What I presume, when I am clicking on different links, my session changes, and so I am seeing a different jsessionid. And since session is changing, therefore the bean is not available in a different session.
All this works fine with localhost, problem comes into picture, when I upload my pages to the server.
Puzzled, can anyone help, where am I going wrong? Let me add here, I am new to JSP and hence don't have much resources with me.There are several ways sessions can be exchanged between the browser and the server in a j2ee web application.
1. The default is through cookies. However when the client does not accept cookies, the server appends the session id to the url.
2. Some servers also facilitate session information exchange using session id in the url even if the client does accept cookies. This is usually ahieved through a setting in some server configuration file.
You will have to find out why the server in your application is appending the session id to the url.
Whatever be the case, the server should be able to look up the session from the incoming request (be it from the session id in the url or a session cookie).
When session information is exchanged through the JSESSIONID in the url, you should ensure that each and every url that goes to the server has this input parameter. To do that all links and form post urls in your servlet/jsp should be treated with a call to encodeURL().
For example, in a jsp
<a href = "<%=response.encodeURL("/nextJsp.jsp")%>">Click here </a>
or
<form action = "<%=response.encodeURL("/nextJsp.jsp")%>">
</form>etc.
ram. -
Problem with ESM on some computers
We have been having a problem with ESM on some older computers. The
computers all seem to be older computers running WinXP SP2 (Dell
OptiPlex SX260). The computers have the Novell client, either 4.91 SP4
or SP5, and either have the Microsoft client for Microsoft Networks
turned off (unchecked) or uninstalled. The computer will be running
fine, we'll install ESM on them and then when the computer comes up
after that it won't login properly. It will accept the login, but then
says access denied but keeps going. All drive mappings fail with a 470
error code and the login script ends with an 8885 error. I look in the
Novell client and it says that the user is authenticated to the tree and
connected to the servers but can't access anything on them. I can try
logging in as many times as I want and it won't map the drives. If I
try to get to the NSS volumes using UNC paths, it won't work. I can try
a UNC path with the IP address instead of the name and still the same story.
We've found two ways around the problem and neither are acceptable:
1. Remove ESM
2. Go into the network control panel and uncheck the Senforce ESS
Filter Engine. After that, I can try to login and it goes right
through. I don't even have to logout, just right-click on the red N and
choose login. Everything maps just fine.
The firewall is set to all open so it isn't blocking the ports. Or at
least it isn't set to block them.
I say we've had the problems on the SX260's. We've only tried this on
SX260's and a small number of newer Dell desktops and laptops (Optiplex
740, 745, 755, Latitude D620, D630). Only the SX260's are having the
problem. They also, however, are the ones with the Microsoft client for
Microsoft Networks either turned off or uninstalled.
We're about to open another SR with Novell support but it is difficult
for us to leave a computer in a non-working state so we can work with
support on it.
Any ideas?Originally Posted by Sean Eckton
We have been having a problem with ESM on some older computers. The
computers all seem to be older computers running WinXP SP2 (Dell
OptiPlex SX260). The computers have the Novell client, either 4.91 SP4
or SP5, and either have the Microsoft client for Microsoft Networks
turned off (unchecked) or uninstalled. The computer will be running
fine, we'll install ESM on them and then when the computer comes up
after that it won't login properly. It will accept the login, but then
says access denied but keeps going. All drive mappings fail with a 470
error code and the login script ends with an 8885 error. I look in the
Novell client and it says that the user is authenticated to the tree and
connected to the servers but can't access anything on them. I can try
logging in as many times as I want and it won't map the drives. If I
try to get to the NSS volumes using UNC paths, it won't work. I can try
a UNC path with the IP address instead of the name and still the same story.
We've found two ways around the problem and neither are acceptable:
1. Remove ESM
2. Go into the network control panel and uncheck the Senforce ESS
Filter Engine. After that, I can try to login and it goes right
through. I don't even have to logout, just right-click on the red N and
choose login. Everything maps just fine.
The firewall is set to all open so it isn't blocking the ports. Or at
least it isn't set to block them.
I say we've had the problems on the SX260's. We've only tried this on
SX260's and a small number of newer Dell desktops and laptops (Optiplex
740, 745, 755, Latitude D620, D630). Only the SX260's are having the
problem. They also, however, are the ones with the Microsoft client for
Microsoft Networks either turned off or uninstalled.
We're about to open another SR with Novell support but it is difficult
for us to leave a computer in a non-working state so we can work with
support on it.
Any ideas?
Sean,
I have seen login issue with the Novell client and zesm if a firewall is enabled.
Is it possible to do the following:
Right click the ZESM client and go to About
Click Diagnostics, Logging and select all
Once you have logging enabled on the client please duplicate the issue.
Please post or attach the log so we can see it.
You will find the log in c:\documents and settings\all users\application data\senforce\logs
Maybe you are looking for
-
Nokia E75 Battery Status Indicator?
Hello, well i have a problem. on most phones, if you go in the settings, there will be a section where it says all of the phone status. and i find this really useful when it comes to the battery. But on the Nokia E75 i cant seem to find the battery s
-
Legato networker license ?!
SunFire V880 Sun StorEdge Autoloader L8 Sun StorEdge Enterprise Backup (Legato Networker 7.2) Solaris 8 Oracle 9.2 Legato is successfully using for backup local file system and backup of oracle database at the remote linux server. It is also nessesar
-
Help,BI Content install failed
Client 000, DDIC, SPAM, load package. SPAM status is red. and OCS locked by transaction SAINT. What should I do now? Thanks.
-
Someone please help I have tried to update my phone but now it wont turn on. It has the little green man and says 'installing system update' all it does is get to 100% vibrate, turn off then come back on again with 'recovery booting' in the top left
-
"This Apple ID has not purchased 'OS X Mountain Lion'"
So I recently initiated a reboot to my MacBook pro, in order to clean it and restore it to factory settings. I was asked to reinstall OS X Mountain Lion and when I attempted to do so this message appeared. Noticing this I went on ahead and purchased