Session Persistence JDBC
Hi
I have read about the scope of session only for one web application.
When I need to share the session between more than one web application, I
think about use JDBC session persistence.
Do you know if is it possible ?
Thanks
It's possible, please refer to
http://www.weblogic.com/docs51/admindocs/http.html#sessionjdbc for details.
Alex Rojkov
http://www.ObjectReflection.com
[email protected]
We are coming soon...
"Jin Group" <[email protected]> wrote in message
news:[email protected]..
> Hi
> I have read about the scope of session only for one web application.
> When I need to share the session between more than one web application, I
> think about use JDBC session persistence.
> Do you know if is it possible ?
>
> Thanks
>
>
>
>
Similar Messages
-
Fatal bug with shared JDBC Session Persistence
We are attempting to launch a three-tier site with two clusters, one at the
web layer (JSP/servlet/images) and a separate cluster at the app server
layer (EJBs). We are running WebLogic server 4.5.1 Service Pack 8 on Solaris
2.7. In production we use Solaris JDK 1.2.1.04, and in development we use
JavaSoft JDK 1.2.2. We are able to duplicate this problem with both JDKs. We
are using the WebLogic kona/oracle driver for session persistence because
the Oracle JDBC driver would not work for this purpose - we are using the
Oracle OCI driver for our EJB persistence in a separate pool in the app
server cluster.
We attempted to configure our web cluster to work with in-memory session
replication. We found the performance of the WebLogic proxy to be abysmal -
causing a 5x to 10x performance degredation over shared JDBC persistence. We
were running the proxy on WebLogic, which we were advised would be slow. Its
performance is beyond slow, it is completely unusable and should NEVER be a
recommended or even supported configuration. We do not wish to purchase
separate licenses for iPlanet, refuse to run IIS in a production setting,
and cannot use Apache until WebLogic 5.1, so we are stuck with shared JDBC
persistence until we can upgrade to 5.1.
Using JDBC session persistence with a shared persistent store amongst all
the clustered web servers results in our users getting brand-new sessions
populated with data from OTHER USERS' SESSIONS. This is very easy to
replicate using the provided test JSP and java class. This behavior results
in new users coming to the site and finding themselves logged in as other
users.
The test.jsp file simply accesses the session, prints out some information,
and then adds a few values to the session. The JSP prints out the value of
session.isNew(), the session's ID, and the number of values in the session
space. If you hit this jsp with a new browser window, the session should be
new, and the number of values should be zero.
The test Java class hits a URL with this test.jsp file repeatedly, and
checks to make sure that the session is empty. It keeps a counter of the
number of hits which resulted in non-empty sessions and the total number of
hits. Because this java class does not maintain cookie data of any kind and
merely opens new HTTP connections, it should always receive a brand-new,
non-empty session.
When we set the JDBC session persistence property
weblogic.httpd.session.persistentStoreShared=true and run the test, we see
periodically see the test.jsp file receiving a brand-new (session.isNew() =
true), yet non-empty (session.getValueNames().length != 0) session. This is
extremely bad behavior and makes the shared JDBC session persistence setting
worthless. We were able to duplicate this behavior with both a single server
and multiple servers in a cluster.
If we set weblogic.httpd.session.persistentStoreShared=false, then this test
works fine. This also means that we cannot cluster web servers.
To run the test, simply start a WebLogic instance using the provided
properties file, put the jsp in the document-root somewhere, and then run
SessionTest.java, providing the URL of the test JSP as the only command-line
argument. You will need to modify the properties file to have the proper
database settings and document-root. The java class will display a running
tally of the number of hits, and the number of hits that result in
non-empty, illegal sessions, with a total at the end.
So, we are now in a position where we are completely unable to launch our
site in a clustered, no-single-point-of-failure configuration. Obviously,
clustering was one of the main reasons to choose WebLogic, and we are
extremely distressed that we are unable to get this configuration to work.
Any help would be appreciated.
[web.standalone.properties]
[SessionTest.java]
[test.jsp]
I hope this is not too far fetched, but we are expieriencing a similar
problem with jms (messages are mixed up between queues). This happens only
if we are using message persistence in an oracle db (everything works ok
when we are not using persistent messages). Could it be that there is a
serious bug in the jdbc code/oracle driver code or connection handling
(regarding multi threading)? This would explain that, whenever you use
persistence with oracle databases, messages/sessions (or other) are mixed
up.
- Falk
"Grant Kushida" <[email protected]> wrote in message
news:[email protected]...
> We are attempting to launch a three-tier site with two clusters, one at
the
> web layer (JSP/servlet/images) and a separate cluster at the app server
> layer (EJBs). We are running WebLogic server 4.5.1 Service Pack 8 on
Solaris
> 2.7. In production we use Solaris JDK 1.2.1.04, and in development we use
> JavaSoft JDK 1.2.2. We are able to duplicate this problem with both JDKs.
We
> are using the WebLogic kona/oracle driver for session persistence because
> the Oracle JDBC driver would not work for this purpose - we are using the
> Oracle OCI driver for our EJB persistence in a separate pool in the app
> server cluster.
>
> We attempted to configure our web cluster to work with in-memory session
> replication. We found the performance of the WebLogic proxy to be
abysmal -
> causing a 5x to 10x performance degredation over shared JDBC persistence.
We
> were running the proxy on WebLogic, which we were advised would be slow.
Its
> performance is beyond slow, it is completely unusable and should NEVER be
a
> recommended or even supported configuration. We do not wish to purchase
> separate licenses for iPlanet, refuse to run IIS in a production setting,
> and cannot use Apache until WebLogic 5.1, so we are stuck with shared JDBC
> persistence until we can upgrade to 5.1.
>
> Using JDBC session persistence with a shared persistent store amongst all
> the clustered web servers results in our users getting brand-new sessions
> populated with data from OTHER USERS' SESSIONS. This is very easy to
> replicate using the provided test JSP and java class. This behavior
results
> in new users coming to the site and finding themselves logged in as other
> users.
>
> The test.jsp file simply accesses the session, prints out some
information,
> and then adds a few values to the session. The JSP prints out the value of
> session.isNew(), the session's ID, and the number of values in the session
> space. If you hit this jsp with a new browser window, the session should
be
> new, and the number of values should be zero.
>
> The test Java class hits a URL with this test.jsp file repeatedly, and
> checks to make sure that the session is empty. It keeps a counter of the
> number of hits which resulted in non-empty sessions and the total number
of
> hits. Because this java class does not maintain cookie data of any kind
and
> merely opens new HTTP connections, it should always receive a brand-new,
> non-empty session.
>
> When we set the JDBC session persistence property
> weblogic.httpd.session.persistentStoreShared=true and run the test, we see
> periodically see the test.jsp file receiving a brand-new (session.isNew()
=
> true), yet non-empty (session.getValueNames().length != 0) session. This
is
> extremely bad behavior and makes the shared JDBC session persistence
setting
> worthless. We were able to duplicate this behavior with both a single
server
> and multiple servers in a cluster.
>
> If we set weblogic.httpd.session.persistentStoreShared=false, then this
test
> works fine. This also means that we cannot cluster web servers.
>
> To run the test, simply start a WebLogic instance using the provided
> properties file, put the jsp in the document-root somewhere, and then run
> SessionTest.java, providing the URL of the test JSP as the only
command-line
> argument. You will need to modify the properties file to have the proper
> database settings and document-root. The java class will display a running
> tally of the number of hits, and the number of hits that result in
> non-empty, illegal sessions, with a total at the end.
>
> So, we are now in a position where we are completely unable to launch our
> site in a clustered, no-single-point-of-failure configuration. Obviously,
> clustering was one of the main reasons to choose WebLogic, and we are
> extremely distressed that we are unable to get this configuration to work.
> Any help would be appreciated.
>
>
>
>
-
Are Session Persistence And Clustering Inter-related?
Hi,
I'm attempting to set up session persistence (via jdbc) on WL 4.03. I have
configured weblogic.properties according to the admin guide, and I've
written a very simple test servlet. However, whenever I attempt to save a
value with session.putValue(), the following exception is thrown:
"java.rmi.RemoteException: javax.ejb.FinderException: Refresh:
ClusteredSession:
308978692445-1/-1094565652488309727/-1062731518/4/7011/7011/7012/7012 not
found"
The WL instance I am using is not part of a cluster. Is clustering
required for session persistence? If not, should I be using something other
than the normal HttpSession class?
Thanks,
John
Please disregard. The problem was due to an error in the definition of the
WL_SERVLET_SESSIONS table.
-
Types of session persistence in clustering
does anybody know what are the types of session persistence in clustering(In-memory replication,Database persistence etc..)
what is the advantages and disadvantages of each type?
we r using oracle appserver 10.1.2.Hi,
HttpSession replication is little different from JNDI replication. In JNDI replication the JNDI objects are binded(Replicated) to all the members JNDI tree. But in case of Http Session Replication the HttpSession Object gets binded only to the Primary and Secondary JVM (WebLogic Instances). So if both Promary and Secondary WebLogic Server Goes Down then it is *"DISASTER"* and you cannot prevent the Disasters when it happens.
But you can minimize the Disaster effects by chosing *"Using Replication Groups"*...It means you can decide in which all nodes of the cluster you want your Secondary HttpSession should be replicated.... Please refer to : http://download.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/failover.html
By default, WebLogic Server attempts to create session state replicas on a different machine than the one that hosts the primary session state. You can further control where secondary states are placed using replication groups. A replication group is a preferred list of clustered servers to be used for storing session state replicas. Using the WebLogic Server Console, you can define unique machine names that will host individual server instances. These machine names can be associated with new WebLogic Server instances to identify where the servers reside in your system..
Thanks
Jay SenSharma
http://middlewaremagic.com/weblogic/?p=2649 (Middleware Magic Is Here) -
Problems disabling restart session persistence in Tomcat
I'm running Tomcat 5.5.17. I've been working on an application for quite some time when the tomcat logs suddenly started to fill up with the following errors each time I restart Tomcat:
2006-09-29 21:15:10,539 | WARN | StandardSession.java | writeObject() | 1468 | Cannot serialize session attribute publicPictures for session 9184A48FEFC99FAA3573A4DE1F75CCD5
I've searched the web, and found out that the reason for this is that Tomcats "Restart Session Persistence" is turned on. So how do I turn that off?
According to a few sites in the web there should be a file called application.xml, in which I can put the line <Manager pathname=""/> to disable the Session Persistence manager. The problem is that on my Tomcat installation there's no such file.
So I tried to create the file $CATALINA_HOME/conf/application.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE application PUBLIC '-//Sun Microsystems, Inc.//DTD J2EE Application 1.3//EN'
'http://java.sun.com/dtd/application_1_3.dtd'>
<application>
<Manager pathname=""/>
</application>But this had no effect at all. So can someone please explain to me how I can disable the Session Persistence manager?I had a similar problem in that during restarts sometimes I would get messages about null pointer exceptions which seemed to be related to attempted session persistence. I never paid a lot of attention but eventually decided to do something about it, i.e disable session persistence, since the errors seemed to slowdown restarts.
Based on this:
http://tomcat.apache.org/tomcat-5.5-doc/config/manager.html
I added a Manager element to my main Context element, using the standard manager class and setting the pathname attribute to an empty string:
<Context path="/" debug="1" reloadable="true" crossContext="true">
<Manager class="org.apache.catalina.session.StandardManager" pathname="" />
</Context>
Since the errors I was getting were sporadic anyway I cannot definitively say this fixed it but I have not seen any errors since making the change and shutdowns seem to go faster now. -
Revision: 939
Author: [email protected]
Date: 2008-03-26 13:35:44 -0700 (Wed, 26 Mar 2008)
Log Message:
Bug: BLZ-67 - Should turn off session persistence in the Tomcat server we ship.
QA: No
Doc: No
Checkintests: Pass
Details - Turning off session persistence in the version of Tomcat that ships with BlazeDS. We don't store much in the session so session persistence doesn't make much sense for us. Users should feel free to turn this back on if they feel they need it.
Ticket Links:
http://bugs.adobe.com/jira/browse/BLZ-67
Modified Paths:
blazeds/branches/3.0.x/servers/apache-tomcat-6.0.14/conf/context.xmlHi, thank you for your replies, I found out few things about my servlet, and its portability
and i have few questions, although i marked this topic as answered i guess its ok to post
I am using javax.servlet.context.tempdir to store my files in that servletcontext temporary directory. But i dont know how to give hyperlink
of the modified files to the user for them to download the modified files.
What i am using to get the tempdir i will paste
File baseurl = (File)this.getServletContext().getAttribute("javax.servlet.context.tempdir");
System.out.println(baseurl);
baseurl = new File(baseurl.getAbsolutePath()+File.separator+"temp"+File.separator+"files");
baseurl.mkdirs();so i am storing my files in that temp/files folder and the servlet processes them and modifies them, then how to present them as
links to the user for download ?
and as the servlet is multithreaded by nature, if my servlet gets 2 different requests with same file names, i guess one of them will be overwritten
And i want to create unique directory for each request made to the servlet , so file names dont clash.
one another thing is that i want my servlet to be executed by my <form action> only, I dont want the user to simply type url and trigger the servlet
Reply A.S.A.P. please..
Thanks and regards,
Mihir Pandya -
Outlook credentials enterprise persistence vs logon session persistence - hosted Exchange
We moved from an internal AD integrated Exchange 2010 environment to an external hosted Exchange 2010. Prior to the move credentials were passed through and never needed. Since the move a large number of Outlook clients have not been storing
credentials correctly. The credentials show up in the windows credential manager with "Logon Session" persistence which means they disappear after the next logoff or restart. The option to remember credentials is checked when Outlook
prompts the user. Client machines are Windows 7 SP1 x64. For Outlook 2010 14.0.7015.1000 I did not find a fix. A workaround I've come up with on Outlook 2013 15.0.4569.1506 is to manually recreate each of the credential manager entries created
by Outlook via "add a generic credential", which then stores them with "Enterprise" persistence which keeps the info across logoffs/restarts. This solves the problem until the password expiration hits in 90 days at which point the
new info has to be reentered into the credential manager. These are the three generic credentials entries I am manually typing into the credential manager including the parentheses character for character, with the user's full email address as username
in each case to gain enterprise persistence:
Internet or network address: MS.Outlook.15:[email protected]:PUT
Internet or network address: [email protected] (Windows Identity)
Internet or network address: external.exchange.server.net
local autodiscover override in use -
[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\AutoDiscover]
"domain.com"="\\\\domain.com\\sysvol\\domain.com\\scripts\\autodiscover.xml"
"PreferLocalXML"=dword:00000001
"ExcludeHttpsAutodiscoverDomain"=dword:00000001
"ExcludeHttpsRootDomain"=dword:00000001
"ExcludeScpLookup"=dword:00000001
"ExcludeSrvRecord"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\AutoDiscover\RedirectServers]
"external.exchange.server.net"=hex(0):
Why is enterprise persistence not happening automatically when the user checks the option to remember the credentials at an Outlook prompt?Solved, it was a MS patch. After removing the KB2956087
the problem disappeared. -
Cisco ace Load balancer not maintaining session persistence
Hi All,
We have observed from the IIS logs on the internal webservers that loadbalancer is not maintaining session persistence for two specific request for the internal servers.
https://123.xyz.com/Webresource.axd
https://123.xyz.com/ScriptResource.axd
Error
Webresource.axd : 500
Scriptresource.axd: 404
Session persistence is maintained for all other requests hitting loadbalancer.
Issue is observerd on hits for these two specified components. WebResource.axd and ScriptResource.axd are Http Handlers used by ASP.NET and Ajax to add client-side scripting to the outgoing web page.
For e.g /WebResource.axd d=t2GXfySdqWmJ-lZSI0KVbw2&t=634868473645172160 is valid for server 1 and return 200 response but the same request is seen on few other servers where the response is 404 even though load balancer cookie is same. This means that if the request for the both the axd contains a valid decrypter and it connects to the right server then the response seen is 200.
The url passed by the user contains d and t parameters when are unique for each user session.
Solution tried:
Accessed website via another VIP without http redirect rule but could not see difference.
Tried to match machine key across all servers : Failed . Could see the ‘d’ value different for each server.
Load balancer VIP :
x.x.x.x
redirect: http > https
SSL Offload : ON
Poool:
WEB1
WEB2
WEB3
WEB4
WEB5
All servers listening on port 80
sticky config:
sticky ihttp-cookie cookie1 vip-1.1.1.1-80-stickyfarm
cookie insert browser-expire
replicate sticky
serverfarm vip-1.1.1.1_80
sticky http-cookie cookie1 vip-farm:1.1.1.1:443
cookie insert browser-expire
replicate sticky
serverfarm farm:1.1.1.1:443
Has anyone else come across similar issue?
Can you plese check if there is any config on cisco ace that will ensure that session persistence is maintained for these 2 requests.
Thank you for all the help.
regards,
SangramHello Sangram,
We would need simultanous packet traces before and after the ACE to get to the root cause of this issue so I would recommend that you open a cisco tac case for more in depth troubleshooing of this issue.
Joel Lamousnery
CCIE R&S - 36768
Engineer, Customer Support
Technical Services -
Hello,
We use javax.persistence_1.0.0.0_1-0-2.jar and org.eclipse.persistence_1.0.0.0_1-2-0.jar. We have org.eclipselink.persistence.jdbc.user/url/driver/password in persistence.xml with "org.eclipse.persistence.jpa.PersistenceProvider" being the provider. But we started to see WARNING complain about org.eclipselink.persistence.jdbc... being deprecated and suggested using javax.persistence.jdbc...
Could someone confirm that javax.persistence.jdbc... should replace org.eclipselink.persistence.jdbc... in persistence.xml file? Thanks.All parameters needed to make connection are going to be standardized in incoming JPA 2.0.
If you take a look at chapter "8.2.1.9 properties" of "[Java Persistence 2.0, Proposed Final Draft 2|http://jcp.org/aboutJava/communityprocess/pfd/jsr317/index2.html]" you will find them there. And since EclipseLink is being referential implementation for JPA 2.0 its not surprise that old ones are being deprecated. -
Declarative Transactions, Session Beans & JDBC
Hi (this is really a newbie question),
If I executed an SQL Update statement in a Stateless Session Bean via JDBC,
is my call to the database enlisted in the container transaction
automatically? (Of course, I am assuming the correct TxRequired settings
are set on the deployment descriptors for the Session Bean.)
Asked in another way, how does JDBC "talk" to the EJB container to let it
know that it is being called within a Transactional Context and that all
activities with the database should then be enlisted in a transaction
automatically? Where does this "smartness" come in? Or does this not happen
at all - do I have to "obtain" the JDBC connection object from the EJB
container instead of writing directly to JDBC?
Thanks in advance,
Abdullah KauchaliCorrect.
I'd also recommend (where possible), doing the DataSource JNDI lookup in
your setSessionContext method and storing it away in a member variable.
There's usually no reason to do it on every method call.
-- Rob
Abdullah Kauchali wrote:
Okay,
After some investigations, this is what I've learned:
1. To get automatic transactional enlistment (in a distributed tx), you
have to make your EJB container aware of the JDBC datasource (viz. you have
to create a Transactional DataSource). This is done by creating necessary
entries in a configuration XML file so that the container can connect to the
JDBC datasource when fired-up;
2. You then only create your Connection object via a reference (JNDI to be
exact) to the connection object and NOT directly with JDBC (this was my
confusion in fact). Something like this:
//obtain the conduit to the JNDI resource manager factory
javax.sql.DataSource objDS = (javax.sql.DataSource)
context.lookup("~some jndi
reference~");
//now get the connection object - notice no "javax" but "java"
java.sql.Connection objCon = objDS.getConnection();
3. By doing 2. above you are actually using a "Resource Manager Connection
Factory" to get your Connection object for subsequent SQL Updates;
4. As long as your JDBC driver supports the javax.sql.DataSource interface
and provided Transactional Context is propagated from any root call to your
worker Session Bean, you get automatic transaction enlistment of the SQL
Updates with your EJB container;
Please correct me if I have concluded wrongly,
Regards
Abdullah
"Abdullah Kauchali" <ak@ak> wrote in message
news:[email protected]...
Hi (this is really a newbie question),
If I executed an SQL Update statement in a Stateless Session Bean viaJDBC,
is my call to the database enlisted in the container transaction
automatically? (Of course, I am assuming the correct TxRequired settings
are set on the deployment descriptors for the Session Bean.)
Asked in another way, how does JDBC "talk" to the EJB container to let it
know that it is being called within a Transactional Context and that all
activities with the database should then be enlisted in a transaction
automatically? Where does this "smartness" come in? Or does this nothappen
at all - do I have to "obtain" the JDBC connection object from the EJB
container instead of writing directly to JDBC?
Thanks in advance,
Abdullah Kauchali -
Session persistence across web apps
Hi,
I am working on a project where we have two web applications deployed in single enterprise application. I want the session object to be shared across the web applications.
Does weblogic had any mechanism to allow for the session object to be shared across the multiple Servlet contexts inside a single enterprise application?
I am using Weblogic 8.1
Thanks,
AnilSession data is not shared between web applications. User data is definantly important to share between applications. The single-sign-on security option is an example of this. But that's kindof a black box. If you use single-sign-on, then simply getting the remote user from the request in your servlet can be used as a key to get user data from your persistance layer (ejb's or jdbc or even jms).
If you don't want to use single-sign-on, you can use a filter. There's some url prestidigitation, also, but otherwise this approach is pretty simple:
1. Protect access to all of your web-app's urls with some naming convention /webappname/secure*. However, don't use these urls in any web page. All servlets and jsps you use should map names beginning with "secure".
2. Filter all access to your webapp (this is a new feature in servlet spec 2.3). Within the filter, use the session id as a key to find out if the user is already login to any other web application. You will need a stateless session bean to do this. The doFilter would be something like this:
SecurityBean securitybean = Utilities.getSecurityBean();
HttpSession session = request.getSession(true);
if (session.getAttribute("myuserdata") == null){
UserData userdata = securitybean.getUserdata(sessionid);
if(userdata != null)
session.setAttribute("myuserdata",userdata);
... now forward the request to the "secure*" url in the filter. If the user was logged in with the slsb securitybean, then your web app will have all of your user data. If the user is not logged in by the securitybean, then the login prompt established in your web.xml will pop-up.
The only extra work is to have a slsb securitybean. This can use the RoleManager in oc4j or it can use the jaas implementation in oc4j to log the user in, using the sessionid to get the username.
The shared="true" attribute should be used for all application in the *-web-site.xml, so that the sessionid's are the same.
regards,
the elephantwalker
www.elephantwalker.com -
Hello everyone,
I'm currently working with WL 6.1 and I'm having trouble with the
persistence of some session variables which are initially created
correctly on the server side, and they get lost (null) once the Web
clients need to access its value.
This is the error which is being written on a log file:
<May 13, 2003 3:05:09 PM EDT> <Error> <HTTP Session> <Could not
deserialize session data
java.io.NotSerializableException:
Things were woriking perfectly, but suddenly after bouncing the server
instance several times, in order to pick up the latest changes in my
classes, I started to get this error once the server tries to load the
jsp.
JSP Code:
<%
Integer businessID = (Integer) session.getAttribute("business_id" );
Util.isCapitolBusiness(businessID.intValue())
%>
I appreciate your help.
Regards.
g.
is the object being put in session context serializable.. Also in
other to avoid any generated classes issues delete all the classes
whcih weblogic generates as part of deploying the application. That
should atleast mitigate one explanation for your problem.
Hope this helps
~a
[email protected] (Gabriel Ornelas De Luna) wrote in message news:<[email protected]>...
> Hello everyone,
> I'm currently working with WL 6.1 and I'm having trouble with the
> persistence of some session variables which are initially created
> correctly on the server side, and they get lost (null) once the Web
> clients need to access its value.
> This is the error which is being written on a log file:
>
> <May 13, 2003 3:05:09 PM EDT> <Error> <HTTP Session> <Could not
> deserialize session data
> java.io.NotSerializableException:
>
> Things were woriking perfectly, but suddenly after bouncing the server
> instance several times, in order to pick up the latest changes in my
> classes, I started to get this error once the server tries to load the
> jsp.
>
> JSP Code:
> <%
> Integer businessID = (Integer) session.getAttribute("business_id" );
> Util.isCapitolBusiness(businessID.intValue())
> %>
>
> I appreciate your help.
> Regards.
> g.
-
Help with JSP, session, login, JDBC.
This is the template login.jsp file I have at the moment.
<%@ page errorPage="errorPage.jsp" %>
<%
String login = (String)request.getParameter("loginname");
if (login == null || login.equals("")) {
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Final//EN">
<HEAD>
<TITLE>Login Page</TITLE>
<STYLE>
<!--
font.loginhead {
font-family: Arial,Helvetica,sans-serif;
font-size:12pt; font-weight: 600; color: #000000;
font.loginform {
font-family: Arial,Helvetica,sans-serif;
font-size:10pt; font-weight: 600; color: #ffffff;
-->
</STYLE>
</HEAD>
<BODY>
<jsp:include page="debug.jsp" flush="true" />
<CENTER>
<FONT CLASS="loginhead">
LOGIN REQUIRED:
</FONT>
<BR>
<FORM NAME="loginform" METHOD=post>
<TABLE BGCOLOR=#990022 BORDER=0 CELLPADDING=5 CELLSPACING=0>
<TR><TD ALIGN=right>
<FONT CLASS="loginform">
Login Name:
</FONT>
</TD><TD ALIGN=left>
<FONT CLASS="loginform">
<INPUT TYPE=text NAME="loginname" SIZE=10>
</FONT>
</TD></TR>
<TR><TD ALIGN=right>
<FONT CLASS="loginform">
Password:
</FONT>
</TD><TD ALIGN=left>
<FONT CLASS="loginform">
<INPUT TYPE=password NAME="loginpassword" SIZE=10>
</FONT>
</TD></TR>
<TR><TD COLSPAN=2 ALIGN=center>
<FONT CLASS="loginform">
<INPUT TYPE=SUBMIT VALUE="Login">
</FONT>
</TD></TR>
</TABLE>
</FORM>
</CENTER>
</BODY>
</HTML>
<%
} else {
Checking against database that username and password are correct.
session.putValue("login", login);
session.setMaxInactiveInterval(600);
String loginpoint
= (String)session.getValue("loginpoint");
if (loginpoint == null) {
StringBuffer defaultpoint = new StringBuffer();
defaultpoint.append(request.getScheme())
.append("://")
.append(request.getServerName())
.append("/");
loginpoint = defaultpoint.toString();
} else {
session.removeValue("loginpoint");
response.sendRedirect(loginpoint);
}I know as much as how connect to the database, create a statement and check to see if the username and password are correct, I dont know how to actually take what the user has typed in and put it in an mysql query. I have an idea that maybe I can convert Login and Loginpassword to Strings but I don't know how to do this.
This is how I plan to connect to the database above
//here I need to have login and loginpasword in separate Strings so I can use them in a query.
Connection connection;
Class.forName("com.mysql.jdbc.Driver").newInstance();
connection = DriverManager.getConnection("jdbc:mysql://localhost/Users");
Statement statement=connection.createStatement();
String qry="select PassWord from customers where UserName='"+stringLogin+"'";
ResultSet rs= statement.executeQuery(qry);In my login.jsp file above I don't understand the following code, and why it is needed. Can someone explain please.
session.putValue("login", login);
session.setMaxInactiveInterval(600);
String loginpoint
= (String)session.getValue("loginpoint");
if (loginpoint == null) {
StringBuffer defaultpoint = new StringBuffer();
defaultpoint.append(request.getScheme())
.append("://")
.append(request.getServerName())
.append("/");
loginpoint = defaultpoint.toString();
} else {
session.removeValue("loginpoint");
response.sendRedirect(loginpoint);
}Hope you can understand what I'm trying to explain what my problems are.Im not sure what your exact question is. However, I can
throw a few things out there.
1) You need an action to handle the form request
<FORM NAME="loginform" METHOD=post ACTION="login.jsp">2) Then get the username and password from the request
String uname = (String)request.getParameter("loginname");
String pass = (String)request.getParameter("loginpassword");3)Then you can just add them to the query string
String qry="select PassWord from customers where UserName='"+uname+"'";4) Also check for valid password
ResultSet rs= statement.executeQuery(qry);
if(rs.next()) {
String p = res.getString("PassWord");
if (p.equals(pass)) {
//valid user
session.setAttribute("valid_user", "true");
// now you can get valid_user from session at top of login.jsp
}5) I cant find where loginpoint is set in the session, but the idea
of the code below appears to be the logic of where to direct the user
which I think would be dependent upon the validation of the user.
session.putValue("login", login);
session.setMaxInactiveInterval(600);
String loginpoint
= (String)session.getValue("loginpoint");
if (loginpoint == null) {
StringBuffer defaultpoint = new StringBuffer();
defaultpoint.append(request.getScheme())
.append("://")
.append(request.getServerName())
.append("/");
loginpoint = defaultpoint.toString();
} else {
session.removeValue("loginpoint");
response.sendRedirect(loginpoint);
}You might try splitting the login into two pages to start out if you are having
some difficulty. -
How can I get the same session with jdbc?
HI
After I create or use a JDBC connection,
i do a query.
How can I get the same session next time?
thanks a lot!Hi qin,
Unless I have misunderstood your question, a 'connection' and a 'session' are the same thing. When you obtain a database connection, you have created a database session. Once you close that connection, the session dies -- it no longer exists. You cannot obtain the same 'session' when you get another database 'connection' (after you closed the first one).
Hope this answers your question.
Good Luck,
Avi. -
Please, Help me with keeping SESSION persistence
Hi guys,
I run into the problem when I can't pass a Java Bean because session is lost.
What am I doing: First, I start my webserver - tomcat, but DON'T open a browser. Then I start some Agent program in Java which sends a request to Tomcat - URL to JSP page(setAgent.jsp), passing all the parameters (with url.openStream())
This setAgent.jsp creates Java Bean with <jsp:useBean id="sdbean" class=...scope="session"/>, sets all the parameters into the bean.
Then I open my Netscape browser calling another JSP(getAgent.jsp) which wants to access this bean (also with <jsp:useBean.../>, sdbean.getName()) and this bean is empty - no data like brand new bean.
But when I call setAgent.jsp?... directly in the browser and then getAgent.jsp - then that Java Bean is populated.
So I figured that the session is not the same.
How to preserve the session or what is the other approach to pass the data through the web server without opening browser? Or how to retrieve that previous Session? If I simply get Session_ID what can I do with it?
Thanks a lot.
GeneIsn't this the same thing you asked here?
http://forum.java.sun.com/thread.jsp?forum=45&thread=469430
Maybe you are looking for
-
Multiselect list in APEX 3.2.1.00.12
Hello, I'm having troubles with a multiselect list that could potentially return a very large result set. I have a function called 'GET_LIST' that basically calls the apex_util.STRING_TO_TABLE(p_string,p_delimiter); function since the multiselect lis
-
I purchased a new Macbook Pro on Friday and i'm very pleased with it. I do have some issues, however, and I hope you can help me please... MPEG: I had alot of these on my PC, and whilst I got told these formats were not Windows-only, Quicktime and iT
-
Iphoto book flagged photos not showing and cannot be added to my book
.
-
ITunes starts up as 'Not Responding'
iTunes was working fine a few minutes ago, but now when I try and start it up it is not responding. When I click the icon to startup, my screen just goes white. When I go into Task Manager iTunes is not responding. I cannot minimize it, but I can use
-
Hi guys, I'm in a situation where my Apple HDD Toshiba MK5065GSXF Media has completely given up on me. I cannot understand why Toshiba is being used anyhow, together with SeaGate these were assured failures back when I did IT. My question however is: