Setting identical cookie names on a response

Similar Messages

• Setting identical cookies on a response

            WebLogic Server 6.1 SP2 running on NT 4.0 SP6
            We need to use a non-persistent cookie as a persistence mechanism to store session
            information when a user browser on multiple pages. The cookie may be set multiple
            times on the same page using the same response (since the request can be shared
            by multiple jsp's included in the page).
            I am noticing that when we set multiple cookies with identical name on the same
            response - the most recent cookie which stores the most updated information ISN'T
            necessarily the one which get is get set.
            This functionality is critical for our application's session management and because
            of that problem we can't have a reliable way to set a cookie multiple times within
            the same page (again - essential in our case)
            Here is a simple test case that contains 2 jsp's that demonstrate the problem.
            You can place them in the web root and invoke the first one - set_cookie.jsp.
            Subsequently invoke second jsp get_cookie.jsp and you will see that the most recent
            set value ISN'T the one that is read from the cookie.
            Thanks in advance
            Ari Senator
            [email protected]
            203-614-3209
            The get cookie code jsp follows (apparently can attach only one file)
            yields the first cookie set and not the last one.
            <%
            String cookieValue ="";
            Cookie[] cookies = null;
            cookies = request.getCookies();
            if (cookies != null && cookies.length > 0) {
                           System.out.println("cookies.length: " + cookies.length);               
                 for (int i = 0; i < cookies.length; i++) {
                      if (cookies .getName ().equals ("data")) {
                                cookieValue = cookies[i].getValue();
            %>     
            <html>
            <body>
            <%="cookie value " + cookieValue %>
            </body>
            </html>
            [set_cookie.jsp]

  This issue has been resolved. Please log a support case if you need a fix
            for this issue.
            thanks,
            Patrick
            "Ari" <[email protected]> wrote in message
            news:[email protected]...
            >
            > I did.
            > Last Tuesday (03/26 )
            > Here is the case number
            > CASE_ID_NUM: 315955 CR072557
            >
            > Hopefully they will respond quickly ...
            >
            > Rajesh Mirchandani <[email protected]> wrote:
            > >
            > >This looks like a bug. Contact [email protected].
            > >
            > >[email protected] wrote:
            > >
            > >> Ah - you are right. It looks like response.addCookie() doesn't check
            > >the
            > >> cookie name etc at all and sends back all cookies added:
            > >>
            > >> <%
            > >> response.addCookie(new Cookie("foo", "123"));
            > >> response.addCookie(new Cookie("foo", "345"));
            > >> %>
            > >>
            > >> produces:
            > >>
            > >> HTTP/1.0 200 OK
            > >> Date: Tue, 26 Mar 2002 22:40:21 GMT
            > >> Server: WebLogic WebLogic Server 6.1 SP2 12/18/2001 11:13:46 #154529
            > >> Content-Length: 0
            > >> Content-Type: text/html
            > >> Set-Cookie: foo=345
            > >> Set-Cookie: foo=123
            > >> Set-Cookie:
            JSESSIONID=8g4bo2abPrRKsrQjVoNJNIcQ36lnsZgIDVPdg92qzY5EI3Bs52za!1900939556!-
            1062731153!7001!7002;
            > >path=/
            > >> Connection: Close
            > >>
            > >> and I guess that browser uses the last "foo" cookie value - 123.
            > >>
            > >> Resin does the same thing, but sends cookies back in the order they
            > >were
            > >> added:
            > >>
            > >> HTTP/1.0 200 OK
            > >> Server: Resin/2.0.5
            > >> Set-Cookie: foo=123
            > >> Set-Cookie: foo=345
            > >> ...
            > >>
            > >> Ari <[email protected]> wrote:
            > >>
            > >> > The buffer size isn't the issue (it's set by us to 64K)
            > >> > I also know (checked) that the response wasn't committed at any
            stage.
            > >> > <[email protected]> wrote:
            > >> >>Did you try increasing jsp buffer size? When your page(pages) write
            > >> >>> 8k (default buffer size), response is being committed (send to
            > >the
            > >> >>client) and cookies are send at this point.
            > >> >>
            > >> >>Ari <[email protected]> wrote:
            > >> >>> This is a multi-part message in MIME format.
            > >> >>
            > >> >>> ---=_newsgroups3ca0dfba
            > >> >>> Content-Type: text/plain
            > >> >>> Content-Transfer-Encoding: 7bit
            > >> >>
            > >> >>
            > >> >>> WebLogic Server 6.1 SP2 running on NT 4.0 SP6
            > >> >>> We need to use a non-persistent cookie as a persistence mechanism
            > >to
            > >> >>store session
            > >> >>> information when a user browser on multiple pages. The cookie may
            > >be
            > >> >>set multiple
            > >> >>> times on the same page using the same response (since the request
            > >can
            > >> >>be shared
            > >> >>
            > >> >>> by multiple jsp's included in the page).
            > >> >>
            > >> >>> I am noticing that when we set multiple cookies with identical
            > >name
            > >> >>on the same
            > >> >>> response - the most recent cookie which stores the most updated
            > >information
            > >> >>ISN'T
            > >> >>> necessarily the one which get is get set.
            > >> >>> This functionality is critical for our application's session
            management
            > >> >>and because
            > >> >>> of that problem we can't have a reliable way to set a cookie
            multiple
            > >> >>times within
            > >> >>> the same page (again - essential in our case)
            > >> >>
            > >> >>> Here is a simple test case that contains 2 jsp's that demonstrate
            > >the
            > >> >>problem.
            > >> >>> You can place them in the web root and invoke the first one -
            set_cookie.jsp.
            > >> >>> Subsequently invoke second jsp get_cookie.jsp and you will see
            > >that
            > >> >>the most recent
            > >> >>> set value ISN'T the one that is read from the cookie.
            > >> >>
            > >> >>> Thanks in advance
            > >> >>> Ari Senator
            > >> >>
            > >> >>> [email protected]
            > >> >>> 203-614-3209
            > >> >>
            > >> >>> The get cookie code jsp follows (apparently can attach only one
            > >file)
            > >> >>> yields the first cookie set and not the last one.
            > >> >>
            > >> >>> <%
            > >> >>> String cookieValue ="";
            > >> >>> Cookie[] cookies = null;
            > >> >>> cookies = request.getCookies();
            > >> >>> if (cookies != null && cookies.length > 0) {
            > >> >>> System.out.println("cookies.length: " +
            cookies.length);
            > >> >>
            > >> >>> for (int i = 0; i < cookies.length; i++) {
            > >> >>> if (cookies .getName ().equals ("data")) {
            > >> >>> cookieValue = cookies[i].getValue();
            > >> >>> }
            > >> >>> }
            > >> >>> }
            > >> >>
            > >> >>> %>
            > >> >>
            > >> >>> <html>
            > >> >>> <body>
            > >> >>> <%="cookie value " + cookieValue %>
            > >> >>> </body>
            > >> >>> </html>
            > >> >>> ---=_newsgroups3ca0dfba
            > >> >>> Content-Type: application/octet-stream;
            name="D:\dev\xp3\src\webroot\set_cookie.jsp"
            > >> >>> Content-Transfer-Encoding: base64
            > >> >>> Content-Disposition: attachment; filename="set_cookie.jsp"
            > >> >>
            > >> >>> DQo8JQ0KQ29va2llIG15Q29va2llOw0KbXlDb29raWUgPSBuZXcgQ29va2ll
            > >> >>> KCJkYXRhIiwiZmlyc3QiKTsNCm15Q29va2llLnNldFZlcnNpb24oMSk7DQpy
            > >> >>> ZXNwb25zZS5hZGRDb29raWUobXlDb29raWUpOw0KDQovLyAuLi4gcHJvY2Vz
            > >> >>> c2luZw0KDQoNCm15Q29va2llID0gbmV3IENvb2tpZSgiZGF0YSIsInNlY29u
            > >> >>> ZCIpOw0KbXlDb29raWUuc2V0VmVyc2lvbigxKTsNCnJlc3BvbnNlLmFkZENv
            > >> >>> b2tpZShteUNvb2tpZSk7DQoNCi8vIC4uLiBwcm9jZXNzaW5nDQoNCm15Q29v
            > >> >>> a2llID0gbmV3IENvb2tpZSgiZGF0YSIsInRoaXJkIik7DQpteUNvb2tpZS5z
            > >> >>> ZXRWZXJzaW9uKDEpOw0KcmVzcG9uc2UuYWRkQ29va2llKG15Q29va2llKTsN
            > >> >>> Cg0KDQolPg0KDQoJDQo8aHRtbD4NCg0KPGJvZHk+DQpzZXR0aW5nLi4NCjwv
            > >> >>> Ym9keT4NCjwvaHRtbD4=
            > >> >>
            > >> >>> ---=_newsgroups3ca0dfba--
            > >> >>
            > >
            > >--
            > >Rajesh Mirchandani
            > >Developer Relations Engineer
            > >BEA Support
            > >
            > >
            >

• Obiee 11g and custom j2ee app using the same cookie name

  Hi,
  I wrote a same j2ee web application. i'am using authentification through a realm configured in the web.xml.
  This web app is deployed in the same weblogic than obiee 11g. What i want to do is to embed my application in a dashboard using an iframe tag, and use the same login from analytics to my custom web app.
  In this article http://docs.oracle.com/cd/E11035_01/wls100/security/thin_client.html#wp1039551, it is said that by default, all web apps in the sames weblogic server are using the same cookie name so that they share authentification between them. However, i have read in the web that analytics in obiee 11g is using a cookie with the name "ORA_BIPS_NQID".
  In the weblogic.xml of my custom application, i set the cookie-name parameter to ORA_BIPS_NQID. However, in the dashbord, it still prompt for authentification to my custom web app.
  How can we share authentification between analytics and a custom web app in the same weblogic ?
  NB : I dont want to pass the username et password through the url.
  Thanks.

  By default, if you don't specify a cookie-name in the weblogic.xml configuration file, the weblogic server create a cookie named JSESSIONID for your application. For exemple, if two applications use the default configuration, both of them will use the same cookie name which is JSESSIONID. In this case, when you log in the first application, your are automaticaly logged in the second application with the same credentials. I have already test this kind of integration and it works perfectly. You only need that the two applications are deployed in the same weblogic server.
  Now, i want to have the same behaviour between obiee 11g and my custom application deployed in the same weblogic server. I read somewhere in the web that obiee 11g presentation service (analytics) is configured with a cookie-name value = "ORA_BIPS_NQID". So in the weblogic.xml configuration file of my web app, i specify a cookie-name value = "ORA_BIPS_NQID" to have the same cookie-name between the two application. But, it still not work. It prompt for authentification in the dashboards.
  I now, that such an integration is possible, because the other bi applications (mapviewer, bipublisher,...) are actually other web applications. However when using, for exemple, maps in dashbords, the mapviwer application automaticaly user the credentials of the user connected in analytics.

• Set cookie name

  I need to share some pages between 2 applications in the same workspace. Where should I set the same cookie name for each of these 2 applications? I couldn't find the place in Apex 3.2.0.00.27.
  Thanks.
  Andy

  Hi,
  Go edit your Authentication scheme:
  Home>Application Builder>Application xxx>Shared Components>Authentication Schemes>Edit Authentication Scheme
  There you can set cookie name attribute
  Br,Jari

• Changing cookie name in Identity Server hangs login

  I changed the cookie name under AMConfig.properties to something other than iPlanetDirectoryPro. After restarting Portal 6.0, the login just loops. It seems to be hung -- but don't know the reason.
  Has anyone experienced this -- or could someone try this out real quick and see if they have the same problem?
  The file I changed was /opt/SUNWam/lib/AMConfig.properties. The line is com.iplanet.am.cookie.name=iPlanetDirectoryPro
  Just change it to com.iplanet.am.cookie.name=iPlanetDirectoryPro1
  Do I need to change anything else for the login to work? Any insight would help.
  John

  You also need to change the comment name in the tooll and then 'use as
  default' option ....
  Jon

• Setting Language cookie in set_external_cookies

  We have a setup Login Server to authenticate against Netegrity - Siteminder. After external authentication and before the portal page is brought up we want to set the language cookie based on a custom query we have. This will help us display the Portal content based on the language in user preferences.
  1. What is the cookie name for the Language setting ?
  2. Do we use the standard owa_util package or is there any other recommended usage.

  hii, i'm bulding a portlet for a Web that can display many languages depend on client's choices. I've add some strings in some languages ex:America. French, german v..v...in database. Now.for displaying the language client want to showed on portlets, i design a tab which changes the Default Language for a Portal, this tab execute the ORASSO.WWCTX_APP_LANGUAGE.set_language procedure, and my code is follow:
  url:=p_portlet_record.page_url;
  ORASSO.WWCTX_APP_LANGUAGE.set_language
  p_http_language =>'fr',
  p_nls_language =>'f',
  p_nls_territory =>'FRANCE',
  p_requested_url =>url
  ..but when i show the date by calling:
  htp.prn(to_char(sysdate+30, 'FMYYYY-MONTH-DD - DAY - HH24:MI'));
  it's nothing showed.Please, help me to solves this problem.
  my mail: [email protected]
  Thank you very much!!
  hope your response!

• Configuring Session Cookie Name in Portal DAD

  I have some questions about the proper way to specify the Session Cookie Name (PlsqlSessionCookieName) in the Portal DAD.
  Here's a description of the environment: There are 2 portal servers (portal1, portal2) and 2 infrastructure servers (infra1, infra2). portal1 is tied directly to infra1, and portal2 is tied to infra2. A hardware load-balancer directs traffic from a URL "www.companyname.com" to either portal1 or portal2. The infrastructure databases are kept in synch via a nightly export/import. There is no clustering.
  What should I set the Session Cookie Names to in the Portal DADs? Should they be left blank and thus default to the DAD name? If not, should they be set to identical (both to "portal") or unique values ("portal1" and "portal2")?
  I have read the dads.README file, the notes in the Edit DAD page in Enterprise Manager, and some other documentation and I am confused as to the proper settings.
  Thanks!
  Brian

  It looks like distinct session cookie names are needed.
  Please refer to Oracle HTTP Server Administrator's Guide 10g Release 2 (10.1.2), Section 8 Understanding Modules. Seach for PlsqlSessionCookieName.

• Change JSESSIONID Cookie Name

  Can anyone provide a means for changing the JSESSIONID cookie name in IWS 6 to something else?
  I can not locate a mechanism for doing this anywhere.

  Thankyou Sultal for the response.
  Actually we are migrating the application server from Weblogic5.1 to Sun application server 8.2. The client is a mobile client and it sends the Cookie as 'JSESSIONID=session_id_val&WeblogicSession=session_id_val' as parameters, not as request header.It worked fine for Weblogic5.1 but not in Sun Application Server.
  To make it clear :
  Weblogic           :     request.getsession(false) = sessionObj@value
  Sun Application Server      :     request.getsession(false) = null
  Sun Application Server      :     request.getParameter("JSESSIONID") = session_id_val
  In the Weblogic5.1 we have set the cookie & session parameters in the weblogic.properties file as:
  weblogic.httpd.session.cookies.enable=true
  weblogic.httpd.session.cookie.name=WebLogicSession
  weblogic.httpd.session.neverReadPostData=false
  weblogic.httpd.session.timeoutSecs=120
  In case of Sun application server , JSESSIONID is not coming as a cookie , request.getsession(false) is returning null value.Is there a way to initialize the session with JSESSIONID request parameter?

• How to set a cookie in the browser from an html page called via an Iview

  How to set a cookie in the browser from an html page called via an Iview
  Hello all,
  I have an issue which is causing problems. I have a snap survey (html form with submit and cookie setting) which is embedded in a url iview.
  Although the submit and the form work fine, the portal will not allow the cookie to be set it seems.
  Is there a way to allow cookies to be set from an embedded page in a url iview??
  You will make my day if you know!
  System: EP7 SP13
  Kind regards
  Alex

  Hi,
  Check this:
  http://www.oracle.com/technology/products/ias/portal/html/same_cookie_domain_with_pdkv2.html
  Cookie Basics
  Web browsers have built in rules for receiving and sending cookies. When a browser makes a request to a web server and the web server returns cookies with the response, the browser will only accept a cookie if the domain associated with the cookie matches that of the original request. Similarly, when a browser makes a subsequent request, it will only send those cookies whose domain matches that of the target web server.
  These rules are designed to ensure that information encoded in cookies is only "seen" by the web server(s) that the originator of the cookie intended. These rules also ensure that the cookie cannot be corrupted or imitated by another server. By default, the domain associated with a cookie exactly matches that of the server that created it. However, it is possible to modify the domain at the time the cookie is created. Relaxing the cookie domain increases the scope of the cookie's visibility making it available to a wider "audience" of web servers.
  For example, if a cookie is created by a.us.oracle.com, it's domain will usually be set to a.us.oracle.com. This means that the browser will only send the cookie to a.us.oracle.com. It will never send it to any other servers. However, if at the time of creation, the domain of the cookie is set to .us.oracle.com, the browser will send the cookie to any server whose domain falls within .us.oracle.com. such as portal.us.oracle.com, provider.us.oracle.com, app.us.oracle.com etc
  Regards,
  Praveen Gudapati

• No mapping for Identity User Name in WS Security X.509 token profile

  Hi,
  I am trying to do interoperability tests with Apache WSS4J and Aqualogic ESB for X509 certificates.
  I wrote the client and server in the Axis and WSS4J framework. It is worknig fine.
  When I developed the proxy servcies in Aqualogic ESB with the configuration like Proxy Service Provider, Adding WS Policy statements in WSDL, keystore configuration, Credential mapping providers etc.., I am gettnig the following error always.
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soa
  penv:Header/><soapenv:Body><soapenv:Fault xmlns:wsse="http://docs.oasis-open.org
  /wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><faultcode>wsse:FailedA
  uthentication</faultcode><faultstring>Failed to derive subject from token.javax.
  security.auth.login.LoginException: [Security:090377]Identity Assertion Failed,
  weblogic.security.spi.IdentityAssertionException: [Security:090377]Identity Asse
  rtion Failed, weblogic.security.spi.IdentityAssertionException: [Security:090245
  ]No mapping for Identity User Name</faultstring></soapenv:Fault></soapenv:Body><
  /soapenv:Envelope>
  weblogic.xml.crypto.wss.WSSecurityException: Failed to derive subject from token.javax.security.auth.login.LoginException: [Security:090377]Identity Assertion F
  ailed, weblogic.security.spi.IdentityAssertionException: [Security:090377]Identi
  ty Assertion Failed, weblogic.security.spi.IdentityAssertionException: [Security
  :090245]No mapping for Identity User Name
  I am using X509 certificates for the digital singature only. I am not using SSL in the demo..
  Could anyone help me in this regard since i am structup here for the last one week?
  Regards,
  Pandu

  Hi,
  i have a question about setting up the OC4J server to
  check against a cert revocation list (CRL) when:
  1. SSL in standalone OC4J (no oracle http server)Probably not supported.
  2. ws-security x.509 token profile (authenticate user by cert)OC4J + WS_SECURITY doesn't support CRL-s, sorry.
  Hubert M.

• Setting the id names in a datatable

  is there a way to control the names of the id fields of individual elements in a datatable?
  I need to call a website I have no control over. This website is expecting variable to be in the http request using 'POST'. The variables names are VARCNT0,VARCNT1,....,VARCNTn -VARFLE0,VARFLE1,.....,VARFLEn. where n is variable depending on a previous choice.
  Is there a way to force Java Studio or JSF to set the variable names as such instead of form1:dataTable1 :1:VARCNT, form1:dataTable1 :2:VARCNT, .... ,form1:dataTable1 :n:VARCNT
  Thanks,
  Kevin

  Giri,
  I need to call a url that is outside my server. This url expects the input to be a part of the post request. I want to capture the data that I post to this site in my database. I will show the response in an iframe within my site. The input variables for the site I am calling need to be VARCNT0 ... VARCNTN , VARFLE0...VARFLEN and VARTTL0...VARTTLN. Can this be done or am I going to have to add some sort of filter ? How can I after processing the event pass the post request to a url outside of my website. Does this make sense?
  Kevin

• Stickiness based on cookie name

  on ace how do i configure cookie if i want it based on cookie name or set-cookie value. The server is generating cookie and I want to stick the server based on cookie value generated by server not ace
  can someone give me an example?

  http://www.cisco.com/en/US/partner/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA4_1_0/command/reference/sticky.html#wp1069181
  You first need to know the name of the cookie used by the server.
  You then create a sticky group to match that cookie name.
  You associate your serverfarm to that group.
  You link that group to your policymap.
  Done.
  Gilles.

• Survey limits, how do I set up cookies in APEX

  I have a survey on apex 3.1 and need to know if there is a easy way to keep the survey people from filling out the survey just one time from just one pc. I thank that their is the use of cookies but I don't know how to set it up.

  Hi,
  The standard login page contains an example of how to set up cookie during the page submit process:
  begin
  owa_util.mime_header('text/html', FALSE);
  owa_cookie.send(
      name=>'LOGIN_USERNAME_COOKIE',
      value=>lower(:P101_USERNAME));
  exception when others then null;
  end;If you set a "Before Header" process to something like:
  declare
  my_cookie OWA_COOKIE.cookie := OWA_COOKIE.get ('MYCOOKIE');
  begin
  return my_cookie.vals(1);
  end;this will return the value of the MYCOOKIE cookie.
  However, as the user can delete their cookies, this may, in fact, not be entirely what you need?
  One thing could look into would be the owa_util.get_cgi_env() function as this will allow you to retrieve some information about the end-user.
  Andy

• How to set the snc name to abap server with IDM?

  HI all:
       I want to set the snc name from IDM , but I didn't konw  which attribute that I would be set.
  I there anyone konw this?
  thanks!

  Hi Shi,
  I'm guessing you don't know which attribute in the MX_PERSON class contains it?
  If this is what you meant, then there isn't a default attribute for that, you can either create one manually or let the synch process create it by enabling "automatic attribute creation" setting for the Identity Store.
  Eric

• How to set httponly cookies in J2EE 5

  Hi folks,
  I ma using Tomcat 6 which implements Servlet API 2.5 (part of the J2EE 5). I know I could set the usehttponly="true" in the context.xml to turn on all cookies to httponly. However, if I only need to set certain cookies to be httponly, how to do it in J2EE 5? I do not find Cookie.setHttponly() method in J2EE 5.
  Thanks in advance!
  Billy

  Either the support document cited above is in error or (more likely) has just not been updated for IOS 8.
  It states that:
  AirPrint printers connected to the USB port of an Apple AirPort Base Station or AirPort Time Capsule are not supported with AirPrint. Connect your AirPrint printer to your network using Wi-Fi, or connect it to a LAN port on your AirPort device using Ethernet.
  I have an early HP LaserJet P1102w and found that it can be set up to work wirelessly even if it is connected by USB to either a MAC or Airport/Time Capsule.
  The trick is to install it each way and label each in the system preferences accordingly,  (a separate icon for each version)
  Examples: the wireless  HP P1102 - Air Print, the USB cabled HP P1102w - USB, and the Airport/TC HP P1102w - Airport (or TC or LAN name)
  My iPhone 5s also found the HP1102w using AirPrint.
  Additionally the wireless printer connection will display the printer Options and Supplies just like the USB wired connection -- the Airport/TC connection will not.
  So even if you use the USB/Airport/TC route, you can still quickly switch to the wireless or USB to check the toner (or ink)
  Hope some find this useful.
  Equip:
  HP P1102w (with latest firmware update from HP)
  MacbookPro & Macbook Pro Retina (both running OSX 10.9.5 - Mavericks)
  TimeCapsule (latest Airport Utility & Firmware)
  iPhone 5s ( iOS 8.0.2)