Session var question
never mind...got it
Edited by: mbowles on Aug 27, 2009 6:03 AM
To answer your question no. For security reasons, you cannot retrieve a sessoin using its ID.
Is it an extremely secure piece of information?
If the servlet and applet are talking to the same web application, you could possibly pass the data via the application scope (have a map in application scope, keyed by the session ID, and put the value to pass in that)
Its not completely secure, because any servlet/jsp in the application can view that data, but it is a sidestep hack to accomplish what you wish :-)
Similar Messages
-
ok, I set a session var to about 2K of text
I have an iframe which is part of a menu navigation system.
The content of that iframe is slow to get from the DB so I
cache the HTML for it into a session var.
If a user clicks a link, the iframe submits to itself, does
a few things, and then cflocation's out to the chosen page.
The next time this iframe is loaded( almost immediately) it
reads the session var and it is EMPTY!
I'm not overwriting it, not structDelete'ing it, Any time I
set it outside of this page, it's done with a check to see
if it isDefined first, and if so, does nothing.
Are there known issues with CFParam? large text session vars?
WTF?
D.dnagel wrote:
> ok, I set a session var to about 2K of text
>
> I have an iframe which is part of a menu navigation
system.
> The content of that iframe is slow to get from the DB so
I
> cache the HTML for it into a session var.
>
> If a user clicks a link, the iframe submits to itself,
does
> a few things, and then cflocation's out to the chosen
page.
>
> The next time this iframe is loaded( almost immediately)
it
> reads the session var and it is EMPTY!
>
> I'm not overwriting it, not structDelete'ing it, Any
time I
> set it outside of this page, it's done with a check to
see
> if it isDefined first, and if so, does nothing.
>
> Are there known issues with CFParam? large text session
vars?
>
> WTF?
>
>
> D.
So, I pulled out Fiddler, and lo and behold I was
making a call to my page with no params at one part
of the load and then later on, calling it again
properly with the correct params. I'm checking
for an empty URL param set now and all is well...
Thanks for your time on this folks!
D. -
Hi all, I have small js that is being called when a radio button is clicked. I need that to set a cf session var which will have the radio value so that when the page refresh it will remember what is selected...
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<cfif cgi.PATH_TRANSLATED CONTAINS 'index.cfm'>
<cfoutput>
<META HTTP-EQUIV="refresh" content="60;URL=http://#HTTP_HOST#/NEA/index.cfm?location=ALL">
</cfoutput>
</cfif>
<script type="text/javascript">
function select_location(select_me){
window.location ="index.cfm?location=" + select_me.value;
</script>
<input <cfif url.location eq "NM">checked="checked"</cfif> type="radio" name="location" id="NM" value="NM" onClick="select_location(this);"><label for="NM">NM</label>
<input <cfif url.location eq "SM">checked="checked"</cfif> type="radio" name="location" id="SM" value="SM" onClick="select_location(this);"><label for="SM">SM</label>
<input <cfif url.location eq "BQ">checked="checked"</cfif> type="radio" name="location" id="BQ" value="BQ" onClick="select_location(this);"><label for="BQ">BQ</label>
<input <cfif url.location eq "MV">checked="checked"</cfif> type="radio" name="location" id="MV" value="MV" onClick="select_location(this);"><label for="MV">MV</label>
<input <cfif url.location eq "SI">checked="checked"</cfif> type="radio" name="location" id="SI" value="SI" onClick="select_location(this);"><label for="SI">SI</label>
<input <cfif url.location eq "BR">checked="checked"</cfif> type="radio" name="location" id="BR" value="BR" onClick="select_location(this);"><label for="BR">BR</label>
<input <cfif url.location eq "HV">checked="checked"</cfif> type="radio" name="location" id="HV" value="HV" onClick="select_location(this);"><label for="HV">HV</label>
<input <cfif url.location eq "ALL">checked="checked"</cfif> type="radio" name="location" id="ALL" value="ALL" onClick="select_location(this);"><label for="ALL">ALL</label><br>JavaScript runs on the Client. ColdFusion runs on the server. They do not talk to each other or share memory.
The only way to get data from the client to the server is to make a request. The only way to get data from the server to the client is to respond to a request.
You can make that request by submitting a form either in the get or post scope.
You can make that request by sumitting a request with the xmlHTTPrequest() function, commonly called AJAX.
But somehow or the other you have to make a request. -
Session Vars and Local Firewalls
I've been getting more complaints lately that session vars
are getting lost and normally I walk them through making sure
cookies are enabled, but now that doesn't seem to be always the
case anymore and have finally isolated it to when they install a
firewall. If they disable it works, but when on it doesn't. Is
there anything I can do besides telling them not to use their
firewall?
Server specs:
ColdFusion MX 6.1 on a non-clustered environment.
User:
Using IE and using "e-trust EZ Armor"I assume then, you are storing variables in cookies, rather
than registry or database then, correct?
Are these local firewalls? (on the actual PC) or H/W on a
network?
If they are local, the firewall itself may be eliminating the
cookie storage, not the browser ... if it is, it likely has a way
to change the settings.
There's not much you can do if you are forced to use cookies
for sessions (which is very common) other than altering your coding
or having the user change their settings.
If you have access to the CF admin, you may try setting up a
DB service for variable storage, which is an option. -
Delete a session var(struct)
Is there a way to delete a session var(struct) rather then
just clear it?
Thanks in advance!I'm hoping to struct completely. Is that possible?
I am presuming that you meant to say something like "to
destroy the
struct completely". If so, just set the variable to something
else.
I.E.
<cfset aStruct = structNew()>
<cfset aStruct.aKey = "foobar">
<cfdump var="#aStruct#">
<cfset aStruct = ""><!--- Some sort of NULL would
probably be nice here
but CF does not do really NULLS --->
<cfdump var="--->#aStruct#<---"> -
I'm trying to assign session. var to domain names. E.G
(mydomainname.com) and (somthingdiff.com)
so if user went to mydomainname.com then went to
somthingdiff.com this would contain the same session.var.I don't think you can do that. You are ending a session on
mydominname.com and starting a new one on somthingdiff.com. Pass
your variable in the URL. -
Session vars, CFCs and CFHTTP
Hi guys
I'm using session vars to maintain whether or not a user is
logged in on our site. The only problem is is that the session vars
seem to be lost after I call a CFC that then does a CFHTTP post.
Does anyone know how I maintain the session vars?
I'm using CF MX 7
All the best
Wezwezcornell2008 wrote:
> Hi guys
>
> I'm using session vars to maintain whether or not a user
is logged in on our
> site. The only problem is is that the session vars seem
to be lost after I call
> a CFC that then does a CFHTTP post.
>
> Does anyone know how I maintain the session vars?
>
> All the best
>
> Wez
>
Why do you say they are lost? Are you sure you did not just
misplace them?
In other words nothing about CFC's or CFHTTP would
intrinsically destroy
session variables in memory. But they could easily not have
access to
the scope as you desire if you do not understand how
templates and cfml
code are associated with a given session scope when it is
running in memory. -
Null value in Session vars and request.getParameter
We're migrating our application from iPlanet.
Under iPlanet, when we looped through a resultset and set the values to
session variables - it worked fine, even when a resultset value was null,
but in WebLogic, I get the following error:
java.lang.IllegalArgumentException: key/value is null
Is there anyway to "turn this off" so it behaves like iPlanet?
My second question is that we have many JSP's that check to see if a
parameter is null in javascript:
Here's the code:
function onLoad() {
document.form.elements[0].focus();
// Check to see if the user is coming from a shortcut
var imageName = "<%=request.getParameter("imageName")%>";
if (imageName == "null") {
selectTop("<%=select_image%>");
} else {
selectTop(imageName);
<% if (tableIndex == 2) { %>
loadShortcutIcon(13,100);
<% } %>
in iPlanet, when the parameter "imageName" is not in the URL, the javascript
variable gets set to "null" - but in WebLogic, it is set to a blank string -
"". Is there anyway to make this return null like iPlanet?
Thanks,
Matt
Hi,
the URL parameter is added just for the request to the page. When you press the command button then you issue a new request that does not have a URL parameter added. To work around this, you can use a PhaseListener that stores the URL request parameter in the session for later use
Frank -
Session Timeout Question in EME
If I login to eManager Web and instead of logging out I just close the browser will I be logged out? Will the license be released? What is the session timeout for this and is it possible to set this value?
If you close the browser in e-Manager Enterprise Web instead of logging out there is a TimeOut that will release your license. This can be seen and is reported on in the e-Manager logs. By default the session TimeOut value is 30 minutes. You can find this and/or change this value by opening "<installdir>\Empirix\EmpAppServer\server\default\deploy\jbossweb-tomcat55.sar\conf\web.xml" in a notepad. Once the file is open, go the the ?Default Session Configuration? Section. Here you can change the TimeOut value. You will then need to save the file and restart the Empirix Application Service. The idle sessions are retired after the specified timeout is reached and the licenses are also checked upon this value. I hope this answers your questions.
-
Session Var set onSessionStart is Undefined
Hello,
I am having an issue with a session variable becoming undefined. The var is set (cfparam) on the Application.cfc page in the onSessionStart function. How is it possible for the variable to be undefined if it is set when the session starts? If the session has expired, wouldn't the onSessionStart function run, thus creating the var again? I have this problem on a couple of different applications and I am not sure why it is happing. Any ideas?
CF9
Thanks,
JoshJavaScript runs on the Client. ColdFusion runs on the server. They do not talk to each other or share memory.
The only way to get data from the client to the server is to make a request. The only way to get data from the server to the client is to respond to a request.
You can make that request by submitting a form either in the get or post scope.
You can make that request by sumitting a request with the xmlHTTPrequest() function, commonly called AJAX.
But somehow or the other you have to make a request. -
General Design With Database and Session Bean Question
I have an application I am developing where users connect to individual databases located on a server. When they login an admin table is accessed which shows what databases they have permissions to. I am then storing the connection to the database in a backing bean. Hoping to use this connection throughout the session. Is this a good practice to have a users connection left open over the session? I can't create a database pool for each individual database and each user for that database.
If I can store that database connection in a session bean. How do I access that connection from another bean. Or from another java class? I am using Glassfish for my application server with JSF1.2. I have looked at resource injection but have not had any luck with sharing the session bean information.
Sorry if this is a trivial question. I have been a Java developer for years. But just starting developing webapps using JSF.
ThanksJuCobb2 wrote:
I am then storing the connection to the database in a backing bean. Hoping to use this connection throughout the session. Is this a good practice to have a users connection left open over the session? No it is not. Why should you do so? Always keep the lifetime of connection, statement and resultset as short as possible. -
Hello...I have two questions re: substitution variables.<BR><BR>1. I believe Essbase evaluates sub vars "bottom-up"--that is, if you have the same variable name at multiple levels (database, application, server), Essbase uses the value from the lowest level. This is the case regardless of whether you're using the variable in a calc, report script, spreadsheet retrieval, etc. Is this correct?<BR><BR>2. What in the world does the "Set Substitution Variable Scope" command in the calc script editor do? It doesn't effect syntax checking, or the way the calc runs. I've also noticed this command doesn't exist in EAS...<BR><BR>Thanks,<BR>Jared<BR><BR>
You already have a spry horizonal menu that you appear to be using as a vertical. You might be able to insert another <ul> within the <li>, like so
<ul id="MenuBar1" class="MenuBarHorizonal">
<li><a class="MenuBarItemSubmenu" href="#">Item 1</a>
<ul>
<li><a href="#">Item 1.1</a></li>
<li><a href="#">Item 1.2</a></li>
<li><a href="#">Item 1.3</a></li>
</ul>
</li>
If that does not work, perhaps you might just want to delete what you have and insert a vertical spry menu.
I also notice all of your html files start with caps, looks like you have an Index html and a index.html. I'm guessing that gave you a few headaches.
Gary -
V$SESSION columns question
Hi Gurus
I have a question regarding of the meaning of some columns in the V$SESSION table. I wonder what does the values in the following columns means?
ROW_WAIT_O
ROW_WAIT_F
ROW_WAIT_B
TADDR
LOCKWAIT
I find out that these columns always have some values when my users unable to log into the application. Even I kill the session that have lockwait, other users are still unable to connect and it happens around once every 2 months.
Thanks for the answer in advanced
OuiV$SESSION
This view lists session information for each current session.
Column Datatype Description
SADDR
RAW(4 | 8)
Session address
SID
NUMBER
Session identifier
SERIAL#
NUMBER
Session serial number. Used to identify uniquely a session's objects. Guarantees that session-level commands are applied to the correct session objects if the session ends and another session begins with the same session ID.
AUDSID
NUMBER
Auditing session ID
PADDR
RAW(4 | 8)
Address of the process that owns this session
USER#
NUMBER
Oracle user identifier
USERNAME
VARCHAR2(30)
Oracle username
COMMAND
NUMBER
Command in progress (last statement parsed); for a list of values, see Table 3-3. These values also appear in the AUDIT_ACTIONS table.
OWNERID
NUMBER
The column contents are invalid if the value is 2147483644. Otherwise, this column contains the identifier of the user who owns the migratable session.
For operations using Parallel Slaves, interpret this value as a 4-byte value. The low-order 2 bytes of which represent the session number, and the high-order bytes the instance ID of the query coordinator.
TADDR
VARCHAR2(8)
Address of transaction state object
LOCKWAIT
VARCHAR2(8)
Address of lock waiting for; NULL if none
STATUS
VARCHAR2(8)
Status of the session: ACTIVE (currently executing SQL), INACTIVE, KILLED (marked to be killed), CACHED (temporarily cached for use by Oracle*XA), SNIPED (session inactive, waiting on the client)
SERVER
VARCHAR2(9)
Server type (DEDICATED| SHARED| PSEUDO| NONE)
SCHEMA#
NUMBER
Schema user identifier
SCHEMANAME
VARCHAR2(30)
Schema user name
OSUSER
VARCHAR2(30)
Operating system client user name
PROCESS
VARCHAR2(9)
Operating system client process ID
MACHINE
VARCHAR2(64)
Operating system machine name
TERMINAL
VARCHAR2(30)
Operating system terminal name
PROGRAM
VARCHAR2(48)
Operating system program name
TYPE
VARCHAR2(10)
Session type
SQL_ADDRESS
RAW(4)
Used with SQL_HASH_VALUE to identify the SQL statement that is currently being executed
SQL_HASH_VALUE
NUMBER
Used with SQL_ADDRESS to identify the SQL statement that is currently being executed
PREV_SQL_ADDR
RAW(4)
Used with PREV_HASH_VALUE to identify the last SQL statement executed
PREV_HASH_VALUE
NUMBER
Used with SQL_HASH_VALUE to identify the last SQL statement executed
MODULE
VARCHAR2(48)
Contains the name of the currently executing module as set by calling the DBMS_APPLICATION_INFO.SET_MODULE procedure
MODULE_HASH
NUMBER
The hash value of the above MODULE
ACTION
VARCHAR2(32)
Contains the name of the currently executing action as set by calling the DBMS_APPLICATION_INFO.SET_ACTION procedure
ACTION_HASH
NUMBER
The hash value of the above action name
CLIENT_INFO
VARCHAR2(64)
Information set by the DBMS_APPLICATION_INFO.SET_CLIENT_INFO procedure
FIXED_TABLE_SEQUENCE
NUMBER
This contains a number that increases every time the session completes a call to the database and there has been an intervening select from a dynamic performance table. This column can be used by performance monitors to monitor statistics in the database. Each time the performance monitor looks at the database, it only needs to look at sessions that are currently active or have a higher value in this column than the highest value that the performance monitor saw the last time. All the other sessions have been idle since the last time the performance monitor looked at the database.
ROW_WAIT_OBJ#
NUMBER
Object ID for the table containing the ROWID specified in ROW_WAIT_ROW#
ROW_WAIT_FILE#
NUMBER
Identifier for the datafile containing the ROWID specified in ROW_WAIT_ROW#. This column is valid only if the session is currently waiting for another transaction to commit and the value of ROW_WAIT_OBJ# is not -1.
ROW_WAIT_BLOCK#
NUMBER
Identifier for the block containing the ROWID specified in ROW_WAIT_ROW#. This column is valid only if the session is currently waiting for another transaction to commit and the value of ROW_WAIT_OBJ# is not -1.
ROW_WAIT_ROW#
NUMBER
The current ROWID being locked. This column is valid only if the session is currently waiting for another transaction to commit and the value of ROW_WAIT_OBJ# is not -1.
LOGON_TIME
DATE
Time of logon
LAST_CALL_ET
NUMBER
The last call
PDML_ENABLED
VARCHAR2(3)
This column has been replaced by column PDML_STATUS
FAILOVER_TYPE
VARCHAR2(13)
Indicates whether and to what extent transparent application failover (TAF) is enabled for the session:
NONE - failover is disabled for this session
SESSION - the client is able to fail over its session following a disconnect
SELECT - the client is able to fail over queries in progress as well
See Also:
Oracle9i Database Concepts for more information on TAF
Oracle9i Net Services Administrator's Guide for information on configuring TAF
FAILOVER_METHOD
VARCHAR2(10)
Indicates the transparent application failover method for the session:
NONE - failover is disabled for this session
BASIC - the client itself reconnects following a disconnect
PRECONNECT - the backup instance can support all connections from every instance for which it is backup
FAILED_OVER
VARCHAR2(3)
Indicates (YES|NO) whether the session is running in failover mode and failover has occurred
RESOURCE_CONSUMER_GROUP
VARCHAR2(32)
Name of the session's current resource consumer group
PDML_STATUS
VARCHAR2(8)
If ENABLED, the session is in a PARALLEL DML enabled mode. If DISABLED, PARALLEL DML enabled mode is not supported for the session. If FORCED, the session has been altered to force PARALLEL DML.
PDDL_STATUS
VARCHAR2(8)
If ENABLED, the session is in a PARALLEL DDL enabled mode. If DISABLED, PARALLEL DDL enabled mode is not supported for the session. If FORCED, the session has been altered to force PARALLEL DDL.
PQ_STATUS
VARCHAR2(8)
If ENABLED, the session is in a PARALLEL QUERY enabled mode. If DISABLED, PARALLEL QUERY enabled mode is not supported for the session. If FORCED, the session has been altered to force PARALLEL QUERY.
CURRENT_QUEUE_DURATION
NUMBER
If queued (1), the current amount of time the session has been queued. If not currently queued, value is 0.
CLIENT_IDENTIFIER
VARCHAR2(64)
http://download-west.oracle.com/docs/cd/B10501_01/server.920/a96536/ch3171.htm#1122127
Joel P�rez -
I use NI session manager to control instrument,when I get the instrumenthandle and can testing .but my question is :
if I close instrument power and not close NI teststand,but the teststand can run sucess ,my dll document run in demo.
but I think there must be a error ,and the dll return value is 0. in fact ,if the instrument closed, the return value maybe a negative.
how can I deal with it ?Hello Sean,
I want to make sure I fully understand your question. Do you have a DLL that you are calling in your TestStand sequence as a code module? If so, does a function within the DLL return a negative number if the instrument is not powered? Is your overall question how can you determine whether the return value from the DLL is negative and make a decision based on this result? Thanks in advance for these answers!
Matt G.
National Instruments
Applications Engineering -
Session object question put vs. putValue vs. setAttribute?
I have the following code:
<%@ page import="java.util.*" %>
<jsp:useBean id="EducationBean" class="java.util.Hashtable" scope="session" />
<%
String swCurrFileName = "swcontrol.jsp";
Enumeration params = request.getParameterNames();
while (params.hasMoreElements()) {
String name = (String)params.nextElement();
EducationBean.put(name, request.getParameter(name));
%>
My question is I can't find any documentation on the put command, whats the difference between 'put', and 'putValue', and 'setAttribute'? When I try using the 'putValue' or 'setAttribute' command I get errors.
What I'm trying to do is store form values in a session object across several pages, and on the last page display all the form values from the previous pages.the object you are calling put on is a java.util.Hashtable. put places an object into the table to be keyed off of another object. In your case, your key is the variable name and the object to be stored is your parameter from that name.
the putValue and setAttribute are methods on the session object. They both do the same action as above, but are for HttpSession objects. putValue is deprecated and you should be using setAttribute, but most WebServers have putValue() pointing to the setAttribute() method. hope this helps.
Maybe you are looking for
-
When signing in for updates on my Iphone, a different email address comes up than my Apple ID. Is there a way to change this on my phone? The Apple ID I use to sign in to Apple is the correct email address.
-
I'm trying to update my 2nd generation ipod touch to ios 4.2.1 so I can get some games and stuff for my daughter. I saw on apple suppport that it was available in the itunes store, but cannot find it. Any ideas or help?
-
Is there an easy way to create an portfoliopage on my site?
I like to know how i can do this the best? Im not so good in Dreamweaver. this is my page where i like to put the portfolio in. Ive got a almost 10 documents wich i want to put on my page. i can make thumbnails from the documents for on the page. Loo
-
BPM - Application Acknowledge.
Hi guys, Im using a SOAP sync scenario to call a sync/async bridge. Under BPM the process asynchronous can waste much time until finish. So, the web service need to maintain the connection established to waiting a response that can have a big delay
-
Error: Select directory for export- ERP integrator
Hi, I try to export member mappings from ERP integrator 11.1.2.1.501. It Showing the error, "Error: Select directory for export". Which directory should be selected here. Pls anyone give me a solution to solve this issue. Thanks Edited by: 3088 on Ju