Session Manager for Safari? Glims pathetic?

Similar Messages

• Re: (forte-users) Session management for page builder(fwd)

  Jaco,
  Hope this helps,
  John
  John Soper, Information Systems Development, ITS, The University of Melbourne
  email: j.soperits.unimelb.edu.au >>>> Tel: 9344 5612---------- Forwarded message ----------
  Date: Mon, 10 Jan 2000 16:34:31 +1100
  From: Lyle Winton <L.Wintonits.unimelb.edu.au>
  To: John Soper <j.soperits.unimelb.edu.au>
  Subject: Re: (forte-users) Session management for page builder (fwd)
  Why not construct an intermediate page after the
  login page that has SESSION_UNSPECIFIED and
  a refresh META tag. The page can then refresh
  to either the login failed or login succeeded pages
  depending on how the login went! Looks like...
  1) Login page (SESSION_UNSPECIFIED)
  2A) Refresh page (SESSION_UNSPECIFIED)
  < HTML >
  < HEAD >
  < META http-equiv="refresh"
  content="0;URL=<a href=
  "http://www.blah.com/forte.cgi?PageName=3">http://www.blah.com/forte.cgi?PageName=3</a>" >
  < /HEAD >
  < BODY >
  Login succeeded. Please wait...
  < /BODY >
  < /HTML >
  2B) Refresh page (SESSION_UNSPECIFIED)
  < HTML >
  < BODY >
  Login failed.
  < /BODY >
  < /HTML >
  3) We're finally in. (SESSION_REQUIRED)
  I'm not sure if this works on internet exploder.
  Lyle.
  John Soper wrote:
  Lyle,
  (Post from forte mailing group)
  Does this make sense to you?
  John
  John Soper, Information Systems Development, ITS, The University of Melbourne
  email: j.soperits.unimelb.edu.au >>>> Tel: 9344 5612---------- Forwarded message ----------
  Date: Thu, 30 Dec 1999 07:54:24 +0200
  From: "Jaco Erasmus (home)" <jacoerasmweb.co.za>
  To: kamranaminyahoo.com
  Subject: (forte-users) Session management for page builder
  Hi everybody,
  We have a lot of legacy code making use of the page builder service to
  produce web pages. These pages were originally written without session
  management. I'm now busy adding session management to them, but there is
  one problem with this approach and I will appreciate if someone can shed
  some light on it. Here it is:
  Page one is submitted.
  Some validation (authentication) takes place and depending on the outcome,
  either page 2A (SESSION_REQUIRED) or 2B (error page with
  SESSION_UNSPECIFIED) must be displayed. In order to implement this, I
  needed a place to make a decision. The way I've done it, is to pass a
  'virtual page' (SESSION_UNSPECIFIED) to the page builder service. The
  validation is done here and request.PageName is then replaced with the
  PageName of pages 2A or 2B. The HandleRequest() method is then called
  again. The problem is that the ValidateSession() method does not get
  invoked again, thus allowing 2A through without a session. How do I make
  sure that the ValidateSession() method get invoked again?
  The approach making use of templates look to me as if it has all the means
  to do this (redirect tag), but I don't want to rewrite everything if I
  don't have to. Is there a way that a pagebuilder page can be specified by
  the redirect tag? This will definitely help, but so far I've only managed
  to call templates from the redirect tag.
  Is the template approach better suited for session management? It is
  definetely better documented...
  Regards.
  Jaco
  For the archives, go to: http://lists.sageit.com/forte-users and use
  the login: forte and the password: archive. To unsubscribe, send in a new
  email the word: 'Unsubscribe' to: forte-users-requestlists.sageit.com

  Hi,
  i hope this helps
  http://help.sap.com/saphelp_nw70/helpdata/EN/7e/aa610cc1dd8f4388b1df02fc362f0f/frameset.htm
  http://help.sap.com/saphelp_nw70/helpdata/EN/69/c250754ba111d189750000e8322d00/frameset.htm
  regards,
  Anil.

• Session management for a web service

  I am building a web service where the user will need to login and the application will need to maintain a persistent session. I am using Apache Axis2 for client/server communication via SOAP/XML. What would the simplest and most common way of doing this? I know I could implement session management from scratch similarly to how a browser does it, using cookies, but I'd rather use standard Java libraries for this. Am I correct in assuming that even though I'm using Axis2, the solution doesn't really have anything to do with Axis2 since Axis2 is basically just a way for the client/server to send messages to each other?
  I've read a lot of information online about this, but there's so much information that it's hard to know where to start. Basically I'm just looking for someone to point me in the right direction on what classes to use and so on. I just need a simple username password authentication and session management system for a web service.

  Container Managed Authentication. Does everything you need.

• Session Management in Safari Browser

  Hi guys, is there a way to conserve the session of the Safari browser. I hate to keep logging in to the websites. Please help. Thanks.

  Hi guys, is there a way to conserve the session of the Safari browser. I hate to keep logging in to the websites. Please help. Thanks.

• ATG Session Management for multiple instance

  Hello,
  I have a topology for ATG applicaiton on my local as one web server with two instances of ATG running. I am storing the cart details in a cookie however, the issue I am facing is that when I restart the browser [close and open again] sometimes I see the items in my cart and at times my cart is empty [Depending on what instance the request was served from]. The req I am working towards is to have items every time I do the routine mentioned above.
  Also, When I changed the architecture to one web server and one instance, my cart populates just fine.
  This is for anonymous user; no I am not persisting anonymous user profile/order details. Cart Info is stored in a secure cookie.
  ATG9_1 Jboss4

  tnx Ram..
  but problem tht i mentioned is happening at my client site. In my office i dont get that problem. Why such discrepancy dint know......
  Infact it want my application in such a way that when i logged in to my application using seperate set of user id and password from two new
  instance of IE 6.0 browser (Not through CTRL+N), logging out my
  application from one IE browser by clicking Log Out button should not logged me out from othe instance.
  When i printed session value when logged from two new instance, i found that both are taking same value at client site where as in my office set-up they both take different values (which is wht i wanted). Set-up and everything are same at both the end. So why such different behaviour at both end. Iplanrt versions are same at both place.
  As mentioned by you i have not incorporated session.setMaxInactiveInterval(-1); in my code. Infact the sesson time out is default to webserver (ie 30 mins).
  Tnx,
  Sachin

• Web service authentication/session management using Axis2

  I'm creating a web service using Axis2 where the client will need to login to the service and maintain a session. I'm trying to figure out a good way to do this. I've read the article on the following link:
  http://www.developer.com/services/article.php/3620661/Axis2-Session-Management.htm
  and it describes 4 main ways of doing this: Request Session Scope, Soap session scope, Transport session scope, and Application scope. However, it doesn't give much detail in actually implementing this. It says to add a parameter to services.xml like this:
  <service name="foo" scope=" transportsession">
  </service>
  but what about the actual code that goes in the server and client to actually handle the login process and verify the username/password in an SQL database on the server? I'm having a lot of trouble finding a good tuturial on this. Can anyone point me in the right direction? I'm also open to other ideas that don't necessarily directly involve Axis2.

  Session management for a web service and already answered. Locking.

• Cfdiv and session managment

  I am working on a website that uses session managment for
  security login.
  The site was developed with CF6, and we are now trying
  migrating it to CF8.
  Currently, forms are submitted passing the session token in
  the URL like this:
  <form
  action="Assignments.cfm?<cfoutput>#session.URLToken#</cfoutput>"
  method="post">
  </form>
  I'm trying to integrate CFDIV into the code, so I have
  <cfform>
  </cfform>
  <CFDIV bind="url:AnotherForm.cfm ...>
  When I run this, Instead of including "AnotherForm.cfm" the
  session is not getting passed and the system logs me out.
  I've tried
  bind="url:AnotherForm.cfm?<cfoutput>#session.URLToken#</cfoutput>
  (also logs me out)
  and putting the code in a
  <cfdiv>
  <cfform
  action="AnotherForm.cfm?<cfoutput>#session.URLToken#</cfoutput>">
  </cfform>
  <cfdiv>
  Doesn't abend, but doesn't do anything either.
  So, does anybody know how to incorporate cfdiv into session
  management?
  thank you,
  Steve Shapiro
  University of Oregon

  Yes, entity managers are allowed to have one transaction active at any given time.
  Assuming that you have a resource-local entity manager (from your comment about JDBC and non-JTA data sources) then any container-managed transaction associated with a session bean is going to be a JTA transaction and be completely independent of the entity manager transaction (as long as the non-JTA-data source is properly set to a data source that is not a JTA data source).
  If you are using a non-JTA data source element to configure your database then the entity manager will simply do a getConnection() on the data source. If you are using the JDBC persistence properties in persistence.xml then the connection will be obtained directly from the JDBC driver.

• " plug-in name does not support the highest level of security for Safari plug-ins" appear for some plugins in Safari Security "Manage Website Settings"?

  Hi,
  Wondering why "<plug-in name> does not support the highest level of security for Safari plug-ins" appear for some plugins in Safari > Security > "Manage Website Settings"?
  Have been trying to get to the root cause of the problem but did not find much on this. I am trying to figure out what can get the warning to go away completely than using the Allow/Always Allow options for the plug-in
  Thanks,
  Shyam

  Hi Linc,
  Thank you for your response. Here is the screenshot of the warning that I am talking about.
  Here is what I do:
  1. Launch Safari and open its Preferences. I have Safari 7.1 installed on my machine.
  2. Click Security Tab and click Manage WebSite Settings
  3. A window opens showing me all the Plug-ins that I have (listed on the left hand side).
  4. One of them is the Adobe Reader plug-in. When I click Adobe Reader, the following details about the plug-in show up on the right
  I was referring to the highlighted section that warns me about this plug-in not using the highest level of security for Safari Plug-ins.
  Note: I do not see this for all my plug-ins (QuickTime, Adobe Flash Player don't give me this warning) which tells me that there is a way to make the warning go away.
  Thanks again,
  Shyam

• Coherence integration with oracle weblogic portal for Session management

  Could you please let me know how to configure coherence integration with oracle weblogic portal for Session management. Its very urgent. please help.

  Please take a look at the following web page -
  http://coherence.oracle.com/display/COH35UG/Coherence*Web+Session+Management+Module
  -Luk

• Bug in session manager. If you work for Sun, please take a look.

  While evaluating what it would take to transition from Iplanet 6 to Sun Webserver 6.1, I found a problem with the Sun Webserver's s1ws60 session managers. If the page is not explicitly flushed before ending, the session cookie JSESSIONID is never sent. So as long as the user continues to visit small pages, they keep getting new sessions (because they are never sent a session id, so the session manager creates a new one every time they visit). The session cookie is sent if larger pages are visited (the buffer is automatically flushes). The session cookie is also sent if out.flushBuffer() is explicitly called within the JSP. This problem was not present in IWS6.0.
  The problem has been tracked down to a combination of the code in com.iplanet.server.http.session.IWSSessionManager (found in the "plugins" directory) and the JSP's Java code generated by a component of the webserver (Catalina?). Under Iplanet, the code generated in the finally{} section of the JSP first flushed the buffer, then called releasePageContext. Under Sun Webserver, the code generated just calls releasePageContext without explicitly flushing the buffer before the call. When flushing the buffer for a non-committed response, the headers are first generated and sent, along with any cookies, including the session cookie. The server only sends the session cookie if, among other things, the session satisfies "_session.isNew()". The order of events in releasePageContext ensures that this is never true when used in combination with IWSSessionManager. I don't have the source code to verify this, but from experimentation I think this is the reason: Before the buffer is flushed, the session is saved by IWSSessionManager.update(session), which at line 498 calls "sn.unsetNew()". So the session is never isNew() when it gets around to sending the session cookie. This can be resolved by either adding an explicit buffer flush to the finally{} section of the JSP, or removing the unsetNew() call from IWSSessionManager. Since I don't know where the code that generates the JSP is (or if I can even change it), I ended up removing the sn.unsetNew() call from the update() function.
  Here's the code generated in the finally{} section using IWS6 and Sun Webserver:
  Iplanet 6
          } finally {
              if (out != null && (out instanceof org.apache.jasper.runtime.JspWriterImpl)) {
                  ((org.apache.jasper.runtime.JspWriterImpl) out).flushBuffer();
              if (_jspxFactory != null) _jspxFactory.releasePageContext(pageContext);
          }Sun Webserver
          } finally {
              _jspx_releaseTags(_jspx_curTag, null);
              if (_jspxFactory != null) _jspxFactory.releasePageContext(pageContext);
          }

  I posted a bug report on this.

• Workgroup Manager - Set default home page for Safari

  Hello
  is it possible to set a default homepage for the a suite of macs using Workgroup manager, for some reason the mac suite are not picking up the homepage set via the proxy, so if it could be changed it would be a great help.
  thanks

  Then just add it yourself. Do this:
  Select any other value available in the com.apple.Safari manifest and then edit the raw xml. This can be done by doing the normal process described above but choosing something other than Home Page. I choose Download location. Then, click back on Accounts and go to the Inspector tab. If you do not have it enable, go WGM's preferences and enable the "show all records tab."
  Once that is visible, select the account that you modified and then click the Inspector tab. From the list, find MCXSettings and turn the reveal arrow down. Select the MCX entry and press the edit pencil. You will see something like this:
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  <plist version="1.0">
  <dict>
  <key>mcxapplicationdata</key>
  <dict>
  <key>com.apple.Safari</key>
  <dict>
  <key>Forced</key>
  <array>
  <dict>
  <key>mcxpreferencesettings</key>
  <dict>
  <key>DownloadsPath</key>
  <string>~/NEW_Download/</string>
  </dict>
  </dict>
  </array>
  <key>mcx_targets</key>
  <array>
  <string>user-managed</string>
  </array>
  </dict>
  </dict>
  </dict>
  </plist>
  Simply hand enter the value you want so it looks like this:
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  <plist version="1.0">
  <dict>
  <key>mcxapplicationdata</key>
  <dict>
  <key>com.apple.Safari</key>
  <dict>
  <key>Forced</key>
  <array>
  <dict>
  <key>mcxpreferencesettings</key>
  <dict>
  <key>DownloadsPath</key>
  <string>~/HERE/</string>
  <key>HomePage</key>
  <string>http://www.happy.com/</string>
  </dict>
  </dict>
  </array>
  <key>mcx_targets</key>
  <array>
  <string>user-managed</string>
  </array>
  </dict>
  </dict>
  </dict>
  </plist>
  THen optionally, remove the DownloadPath key and value.
  That should do it for you.

• JMStudio Error  "Can not create session manager"

  Hi,
  I'm trying to transmit an mpg file through a simple pc to pc network, using the transmission wizard in the JMStudio, and everytime it causes a "can not create session manager" error, even when I try to transmit .mp3 file
  I'm using an ip like 100.100.0.1 for the sender machine, and 100.100.0.2 for the receiver machine, and I don't know where is the problem
  thanks in advance

  Um,maybe the port that you use for transmission is already occupied.
  Make sure that you are not using JMStudio to transmit streams while trying to receive streams from the same port.

• What is new with MAX 2.0 and is it compatible with Session Manager?

  We added non-IVI instrument information in, basically the same structure as for IVI instruments,
  into the ivi.ini file to keep all instrument information in the same place. Using MAX Version 1.1 caused no problems whatsoever and the system worked fine. With the advent of MAX 2.0 you seem to use ivi.ini as well as config.mxs to store instrument information. What we have found now is that given a working ivi.ini file from MAX 1.1, we end up with 2 or 3 copies of all the devices in the IVI Instruments->Devices section! When the duplicate entries are deleted and the application exited, the
  ivi.ini file is updated minus the [Hardware->] sections which contain the resource descriptors that our appl
  ications look for. As an added complication, under MAX 2.1 (From an evaluation of the Switch Executive) It behaves the same, except that it almost always crashes with one of the following errors. 'OLEChannelWnd Fatal Error', or 'Error#26 window.cpp line 10028 Labview Version 6.0.2' Once opened and closed MAX 2.1 will not open again! (Note we do not have LabVIEW on the system.) What is the relationship between the config.mxs and ivi.ini now? Also, your Session Manager application (for use with TestStand) extracts information from ivi.ini and may expect entries to be manually entered into ivi.ini (e.g. NISessionManager_Reset = True) i.e. Is the TestStand Session Manager compatible with MAX 2.0?

  Brian,
  The primary difference between MAX 1.1 and 2.x is that there is a new internal architecture. MAX 2.x synchronizes data between the config.mxs and the ivi.ini. The reason you're having trouble is that user-editing of the ivi.ini file is not supported with MAX 2.x.
  Some better solutions to accomplish what you want:
  1. Do as Mark Ireton suggested in his answer
  2. Use the IVI Run-Time Configuration functions. They will allow you to dynamically configure your Logical Names, Virtual Instruments, Instrument Drivers, and Devices. You can then use your own format for storing and retrieving that information, and use the relevant pieces for each execution. You can find information on these functions in the IVI CVI Help file located in Start >> National I
  nstruments >> IVI Driver Toolset folder. Go to the chapter on Run-time Initialization Configuration.
  I strongly suggest #2, because those functions will continue to be supported in the future, while other mechanisms may not be.
  --Bankim
  Bankim Tejani
  National Instruments

• Session management problems with SSO

  Hi all-
  I've been getting an Apex app tied to SSO as a partner app (per http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html). So far, it sort of works. If I go to my apex app, it redirects me to SSO, where I authenticate and end up back in the apex app. Great. Here are two problems I've run into:
  1. If I am already authenticated to SSO, and I go to my apex app (url like: http://host/pls/apex/f?p=101:1), my browser goes into an infinite redirect (url like: http://host/pls/apex/f?p=101:1:::::FSP_AFTER_LOGIN_URL:\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|\\\\\\\\\\\\\\\\\\\). To resolve, I have to clear cookies.
  2. If I am using my apex app, then log out of SSO (in another browser window), I can still click around in my apex app (i.e., apex thinks I'm still authenticated).
  Anyone have any thoughts? I'm wondering if I need to do something in page session management (under authentication schemes) to fix #2, but I have no clue about #1.
  Thanks
  Rob

  Hi Scott-
  Thanks for the info on #2 - I'll work on that after I get #1 sorted out, since it's the more dire problem. Here's some more info:
  Apex version = 3.0.1.00.08
  SSO SDK = ssosdk902.zip
  I set it up as "My Application as Partner App." I used "MY_PARTNER_NAME" as SSO Partner Application Name. In the list of SSO Partner Apps on the SSO Admin page, my partner app name is also MY_PARTNER_NAME. It gives the following info:
  Login URL:      https://sso_host/pls/orasso/orasso.wwsso_app_admin.ls_login
  Single Sign-Off URL:      https://sso_host/pls/orasso/orasso.wwsso_app_admin.ls_logout
  Home URL: http://apex_host/pls/apex
  Success URL: http://apex_host/pls/apex/RBLICK.YOUR_PACKAGE.PROCESS_SUCCESS
  Logout URL: http://apex_host/pls/apex
  RBLICK is the schema owning the apex app. In there, I created a package called YOUR_PACKAGE:
  create package YOUR_PACKAGE as
  procedure process_success(urlc in varchar2);
  end YOUR_PACKAGE;
  CREATE PACKAGE BODY YOUR_PACKAGE AS
  procedure process_success(urlc in varchar2) as
  begin
  wwv_flow_custom_auth_sso.process_success(
  urlc=>urlc,
  p_partner_app_name=>'MY_PARTNER_NAME');
  end process_success;
  END YOUR_PACKAGE;
  Anything look obviously wrong to you?
  Thanks!
  Rob

• Using Session Variables for User Login - sometimes they don't persist... what am I doing wrong?

  Hi all,
  I'm running a site that requires user login.  I approached the building of this site as almost a complete newb to CF (and dynamic coding in general), and it's been a great learing experience (with lots of help from you guys).
  However, I guess I never learned the correct way to handle a user login.  It seemed to me that I could just test the user-entered credentials against those stored in a database, then set a session variable containg that user's record number.  Then, not only would I have an easy way of knowing who this user was and therefore what info to serve him, but I could test for the existence of a valid login on every page in the protected folder, by adding this code to my application.cfc in that folder:
  <cfset This.Sessionmanagement=true>
  <cfset This.Sessiontimeout="#createtimespan(0,8,0,0)#">
     <cfif NOT isDefined ("session.username") or NOT isDefined ("session.password") or NOT isDefined ("session.storeID")>
       <cflocation url="../index.cfm" addtoken="no">
     </cfif>
  ...and it goes on to run a query and verify that the session.username and session.password match for the store defined by session.storeID.  If not, all session variables are cleared and it bounces you back to the login page.  When the user clicks Logout, all I do is delete all the session variables.
  This seemed to work great for like a year, but lately I've been getting reports that the login doesn't seem to persist for longer than approx. 20 minutes of inactivity.  You can see I specified session variables to remain active for 8 hours (I know that seems like a drastically long login, but it's what's necessary for this application).  I've only gotten this report from a few people, and I myself can't seem to duplicate it... I've tested an inactive login for 45 minutes now and it held.
  SO:  any reason you can think of why session variables would be spontaneously clearing for some people?  Would having your router reset its IP address invalidate the session or something?  Also, the problem seemed to begin appearing after my host upgraded all their servers to CF9... could there be any relation?
  And on a more general note... did I go about this completely the wrong way to begin with?  If so, what's the standard way to manage a login?
  Lots of questions, I know... thanks very much for any answers or suggestions!
  Joe

  Ian,
  Thanks very much - very helpful information.
  Sounds like passing the tokens in every request is probably the way to go for this.  I don't think it's likely that any users will be sharing links, unless they actually intend for the recipient to see their info anyway.
  Is that all I would have to do, is add the tokens to every path?  Would that guarantee that all the session variables would remain valid until timeout or being cleared?
  Again, thanks, you've been really helpful.
  Joe
  On Jun 23, 2010 4:37 PM, Ian Skinner &lt;[email protected]&gt; wrote:
  Unfortunately this is the nature of HTTP web applications.  There is NO state maintained from HTTP request to request.  This is by design in the HTTP protocol specifications.
  ColdFusion provides two methods to circumvent this limitation.  Each method has limitations and caveats.  They both rely on the passing of tokens between the client and the server with every request.  These tokens can be passed as cookies OR URL (GET) variables.  You are using the cookie method, which is the simpler and most common. You may be experiencing the limitation of this method.  If something happens to the cookies the session can be lost.
  You could pass the (CFID &amp; CFTOKEN) OR JESSIONID tokens through the URL query string with every request.  This requires one to add these values to every link, form action, cflocation or other request path in our application.  ColdFusion provides the session.urltoken variable to make this easier to do.  The tokens will be visible to the user.  Also if the links with an individual token is share with other users, via e-mail, chat, social networks, etc and one of these users utilize the link during the life of a session (8 hours apparently in your case).  Then that user will access the session of the original user.
  Cookie session management is by far the most common choice by CF developers.  If these methods do not meet your needs you would need to go beyond the HTTP limitations of web applications.  One might be able to accomplish this with a Flex|Air|Flash applications that can be configured to use a continuous connection to the server.  Thus not suffer the stateless nature of the normal HTTP request-response cycle.
  I do not know if a router resetting would cause cookies to be discarded or otherwise invalidated.  But I would not think it is beyond the relm of possibilities.