Tomcat Session Management

Hello.
I have a question about how Tomcat performs session management that I can't quite seem to find an answer for.
When you put data into a session, such as a logonid, is the session data sent back to the client and stored in the cookie, or is it kept on the server side (in memory?) and accessed via the sessionid when the user returns? If you use WebScarab or achilles to watch the traffic, it doesn't appear that the data goes back to the client. (Which is a good thing for security). Just wanted to confirm that.
Thanks very much.

I'm not sure but I think the listener is only called when a user session is Created or Destroyed.
What we did:
1. on Create, stored the newly created user session in a vector in the Application Session.
2. on Destroy (User session timeout or user logs off), remove the session from the vector.
We maintained the list to see who was online and to see when they last made a server request:
long last_access_x_seconds_ago = (System.currentTimeMillis() - userSession.getLastAccessedTime()) / 1000; // getLastAccessedTime() returns milliseconds
The userSession comes from the vector list in the application session. The method getLastAccessedTime() is a default session method; there are some others that you might find useful...
HTH.
ps. My nick/name is Munyul ... HTH = Hope This Helps :p
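
The create/destroy tracking described in the reply above, as an added example (not the poster's code): a listener that keeps the live sessions in the application scope and reports idle time per user. It assumes the javax.servlet 3.1+ API (Tomcat 10+ uses jakarta.servlet instead); the class name and the attribute names "onlineSessions" and "logonid" are chosen for this example.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.ServletContext;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionIdListener;
import javax.servlet.http.HttpSessionListener;

/** Added example: server-side registry of live sessions, kept in the application scope. */
@WebListener
public class OnlineSessionTracker implements HttpSessionListener, HttpSessionIdListener {

    // Hypothetical attribute names chosen for this example.
    public static final String REGISTRY_ATTR = "onlineSessions";
    public static final String LOGON_ATTR = "logonid";

    @SuppressWarnings("unchecked")
    private static Map<String, HttpSession> registry(ServletContext ctx) {
        synchronized (OnlineSessionTracker.class) {
            Map<String, HttpSession> reg =
                    (Map<String, HttpSession>) ctx.getAttribute(REGISTRY_ATTR);
            if (reg == null) {
                reg = new ConcurrentHashMap<>();
                ctx.setAttribute(REGISTRY_ATTR, reg);
            }
            return reg;
        }
    }

    @Override
    public void sessionCreated(HttpSessionEvent se) {
        HttpSession s = se.getSession();
        registry(s.getServletContext()).put(s.getId(), s);
    }

    @Override
    public void sessionDestroyed(HttpSessionEvent se) {
        // Fires both on timeout and on invalidate() (user logs off).
        HttpSession s = se.getSession();
        registry(s.getServletContext()).remove(s.getId());
    }

    @Override
    public void sessionIdChanged(HttpSessionEvent se, String oldSessionId) {
        // The container may issue a new ID at login (session fixation
        // protection); re-key the entry so the old one is not orphaned.
        HttpSession s = se.getSession();
        Map<String, HttpSession> reg = registry(s.getServletContext());
        reg.remove(oldSessionId);
        reg.put(s.getId(), s);
    }

    /**
     * Seconds since the last request, keyed by the "logonid" attribute.
     * The browser holds only the session ID (the JSESSIONID cookie) while the
     * attributes stay on the server, so the ID is never returned or logged here.
     */
    public static Map<String, Long> idleSecondsByUser(ServletContext ctx) {
        Map<String, Long> out = new LinkedHashMap<>();
        long now = System.currentTimeMillis();
        for (HttpSession s : registry(ctx).values()) {
            try {
                Object user = s.getAttribute(LOGON_ATTR);
                String label = (user != null) ? user.toString() : "(not logged in)";
                long idle = (now - s.getLastAccessedTime()) / 1000L;
                // Several sessions may share a label; keep the most recent activity.
                out.merge(label, idle, Math::min);
            } catch (IllegalStateException invalidated) {
                // Session was invalidated between lookup and read; skip it.
            }
        }
        return out;
    }
}
```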

Similar Messages

  • Tomcat session management (serverid) in loadrunner - thick client application (single signon)

    Hi,
    We have a system that is currently undergoing scalability and performance tuning and we are having a problem with sessions randomly expiring.
    Here is our setup:
    Tomcat
    LoadRunner launching 20, 50, 100, 150, 200 users against the server
    (within a few mins of each other)
    Thick client application (single sign-on)
    As per the business requirement, created the scripts with single sign-on; however, in VuGen
    the scripts work fine. During the load test, noticed that after a few mins (approx. 7 mins) started
    getting the error.
    Recording captured: XML request and response
    Correlation: serverid (ex. 2142) login transaction
    Script details:
        Login (serverid)
        Action repeat iteration till the execution (replacing the serverid throughout the script)
        Logout (replacing the serverid throughout the script)
    But manually it all looks fine: the user can use the same one login throughout the day without any expiration.
    Note: when the user logs in, a jsessionid 12BDE39384940483HDFFKDH.1 is created, but LoadRunner is unable to record it anywhere in the script.
    Quick response will be appreciated.
    If you need any additional information please let me know.
    Regards,
    Suresh.

    I'm having the same problem, did you get any luck with this ?
    Thanks

  • Session management in URL reporting

    Hi,
    I have problems with the session management while calling reports from our own web-app.
    We host our reports (.rpt) on a CrystalReportsServer 2008 running on a Tomcat. This CRS is configured with 20 CAL (ConcurrentAccess Licences).
    On the other side, our Intranet, running on another Tomcat.
    Our Intranet provides UI allowing users to determine the parameters that will be passed to reports. For some reasons we do not want to use InfoView now but keep using our own UI to call reports. The idea was then to call them through OpenDocument (or viewrpt.cwr) passing parameters in the URL.
    In our Web-app, I authenticate the user to the CRS, retrieving an IEnterpriseSession. I then get a token for my calls to OpenDoc. But then, each time I call OpenDoc, a new CAL is picked out. Even if I logoff, only one CAL (the one belonging to my IEnterpriseSession) is given back.
    As our users often open and close lots of reports, we run very quickly out of CAL, although the reports are now closed and the user gone.
    I thought using a token would have allowed us to consume only 1 CAL per user, using the same CAL for the different calls.
    Is my reasoning wrong or is it my code..?

    When creating the token, use the "CreateWCAtoken" function; this will not increase the session count in CRS.
    You might be using CreateLogonToken function
    Arguments passed to these two functions are same.

  • Session management in JAX-RPC with JWSDP 1.0_01

    Hi all,
    How can I access the HTTP session of the Tomcat which runs the Web Services engine?
    Browsing the API I've found the method getHttpSession() in the interface javax.xml.rpc.server.ServletEndpointContext.
    How can I get an instance which implements this interface?
    Regards,
    César.

    An old thread but I have a question re session management and web services.
    The documentation for ServletEndpointContext says getHttpSession returns null if there is no HTTP session currently active and associated with the service endpoint. It further says the endpoint class should not rely on the HTTP session always being there.
    I need to ensure a session is active after a user successfully logs in. Other than spending a lot of time implementing session management myself, it's the only way to tell whether the service requestor is allowed to use the service. Is the session not guaranteed to be active to take account of things like session timeout? Under normal circumstances where the user is sufficiently active to prevent timeout, is it reasonable to assume the session will be there?

  • Web Services and session management

    Hello,
    I am building an application using Tomcat and Axis2 for WS support. Is there any (standard, preferably) way to maintain session information across multiple SOAP invocations? Or maybe even manage the sessions by myself "logically" and send something like a header identifying the session key with each request?
    Any comments would be appreciated,
    Thx

    Hi
    Axis2 offers two ways of doing session management. The first way uses a cookie. You need to specify scope="transportsession" in your services.xml, and ensure that cookies are enabled.
    The second way is not dependent on HTTP cookies, but uses WS-Addressing headers instead. It is scope="soapsession". If you use the Axis2 client then you can do this very simply: use setManageSession(true) on your ServiceClient.
    e.g. stub._getServiceClient.setManageSession(true);
    If you use another client, you will need to get the header from the response message and add it to future requests yourself.
    Can I suggest you move this discussion to [email protected] where all the axis2 experts hang out?
    Paul

  • JMStudio Error  "Can not create session manager"

    Hi,
    I'm trying to transmit an mpg file through a simple PC-to-PC network, using the transmission wizard in JMStudio, and every time it causes a "can not create session manager" error, even when I try to transmit an .mp3 file.
    I'm using an ip like 100.100.0.1 for the sender machine, and 100.100.0.2 for the receiver machine, and I don't know where is the problem
    thanks in advance

    Um, maybe the port that you use for transmission is already occupied.
    Make sure that you are not using JMStudio to transmit streams while trying to receive streams from the same port.

  • What is new with MAX 2.0 and is it compatible with Session Manager?

    We added non-IVI instrument information in, basically the same structure as for IVI instruments, into the ivi.ini file to keep all instrument information in the same place. Using MAX Version 1.1 caused no problems whatsoever and the system worked fine. With the advent of MAX 2.0 you seem to use ivi.ini as well as config.mxs to store instrument information. What we have found now is that given a working ivi.ini file from MAX 1.1, we end up with 2 or 3 copies of all the devices in the IVI Instruments->Devices section! When the duplicate entries are deleted and the application exited, the ivi.ini file is updated minus the [Hardware->] sections which contain the resource descriptors that our applications look for. As an added complication, under MAX 2.1 (from an evaluation of the Switch Executive) it behaves the same, except that it almost always crashes with one of the following errors: 'OLEChannelWnd Fatal Error', or 'Error#26 window.cpp line 10028 Labview Version 6.0.2'. Once opened and closed, MAX 2.1 will not open again! (Note we do not have LabVIEW on the system.) What is the relationship between the config.mxs and ivi.ini now? Also, your Session Manager application (for use with TestStand) extracts information from ivi.ini and may expect entries to be manually entered into ivi.ini (e.g. NISessionManager_Reset = True) i.e. Is the TestStand Session Manager compatible with MAX 2.0?

    Brian,
    The primary difference between MAX 1.1 and 2.x is that there is a new internal architecture. MAX 2.x synchronizes data between the config.mxs and the ivi.ini. The reason you're having trouble is that user-editing of the ivi.ini file is not supported with MAX 2.x.
    Some better solutions to accomplish what you want:
    1. Do as Mark Ireton suggested in his answer
    2. Use the IVI Run-Time Configuration functions. They will allow you to dynamically configure your Logical Names, Virtual Instruments, Instrument Drivers, and Devices. You can then use your own format for storing and retrieving that information, and use the relevant pieces for each execution. You can find information on these functions in the IVI CVI Help file located in Start >> National Instruments >> IVI Driver Toolset folder. Go to the chapter on Run-time Initialization Configuration.
    I strongly suggest #2, because those functions will continue to be supported in the future, while other mechanisms may not be.
    --Bankim
    Bankim Tejani
    National Instruments

  • Session management problems with SSO

    Hi all-
    I've been getting an Apex app tied to SSO as a partner app (per http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html). So far, it sort of works. If I go to my apex app, it redirects me to SSO, where I authenticate and end up back in the apex app. Great. Here are two problems I've run into:
    1. If I am already authenticated to SSO, and I go to my apex app (url like: http://host/pls/apex/f?p=101:1), my browser goes into an infinite redirect (url like: http://host/pls/apex/f?p=101:1:::::FSP_AFTER_LOGIN_URL:\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|||||FSP_AFTER_LOGIN_URL|\f?p=101|1|||||FSP_AFTER_LOGIN_URL|\f? p=101|1|\\\\\\\\\\\\\\\\\\\). To resolve, I have to clear cookies.
    2. If I am using my apex app, then log out of SSO (in another browser window), I can still click around in my apex app (i.e., apex thinks I'm still authenticated).
    Anyone have any thoughts? I'm wondering if I need to do something in page session management (under authentication schemes) to fix #2, but I have no clue about #1.
    Thanks
    Rob

    Hi Scott-
    Thanks for the info on #2 - I'll work on that after I get #1 sorted out, since it's the more dire problem. Here's some more info:
    Apex version = 3.0.1.00.08
    SSO SDK = ssosdk902.zip
    I set it up as "My Application as Partner App." I used "MY_PARTNER_NAME" as SSO Partner Application Name. In the list of SSO Partner Apps on the SSO Admin page, my partner app name is also MY_PARTNER_NAME. It gives the following info:
    Login URL:      https://sso_host/pls/orasso/orasso.wwsso_app_admin.ls_login
    Single Sign-Off URL:      https://sso_host/pls/orasso/orasso.wwsso_app_admin.ls_logout
    Home URL: http://apex_host/pls/apex
    Success URL: http://apex_host/pls/apex/RBLICK.YOUR_PACKAGE.PROCESS_SUCCESS
    Logout URL: http://apex_host/pls/apex
    RBLICK is the schema owning the apex app. In there, I created a package called YOUR_PACKAGE:
    create package YOUR_PACKAGE as
    procedure process_success(urlc in varchar2);
    end YOUR_PACKAGE;
    CREATE PACKAGE BODY YOUR_PACKAGE AS
    procedure process_success(urlc in varchar2) as
    begin
    wwv_flow_custom_auth_sso.process_success(
    urlc=>urlc,
    p_partner_app_name=>'MY_PARTNER_NAME');
    end process_success;
    END YOUR_PACKAGE;
    Anything look obviously wrong to you?
    Thanks!
    Rob

  • What is the difference between Session timeout and Short Session timeout Under Excel Service Application -- session management?

    Under Excel Service Application --> session management; what is the difference between Session timeout and Short Session timeout?

    Any call made from the API will automatically be set to the “Session Timeout” period, no matter what. Calls made from EWA (Excel Web Access) will get the “Short Session Timeout” period assigned to it initially.
    Short Session Timeout and Session Timeout in Excel Services
    Short Session Timeout and Session Timeout in Excel Services - Part 2
    Sessions and session time-outs in Excel Services
    The above links are from an old version but still apply to all.
    Please remember to mark your question as answered & vote helpful, if this solves/helps your problem.
    Thanks -WS MCITP (SharePoint 2010, 2013) Blog: http://wscheema.com/blog

  • Session management and java Web Service

    Hi ,
    Can I have two web services one based on Session bean and other on Simple java class, packaged into single ear file? Does NetWeaver supports web service session management/tracking? How can I get an handle to HttpRequest in my Web Service?
    Any help will be appreciated.
    Thanks in advance
    regards,
    rajinder

    Container Managed Authentication. Does everything you need.

  • Hello, I have a big problem with Firefox: Session Manager & Undo Closed Tab addons are not working, Sync Is not working. History is working. How to fix this?

    Firefox remembers history but doesn't remember closed tabs, sessions.
    It happened after updating Fox to v. 19.0.2 on one computer.
    In Firefox Options is set Use Custom Settings For History, everything is checked except Always Use Private Browsing Mode. So I am not in private browsing.
    When I press on Undo Closed Button nothing happens & in session manager Save Session Button is greyed out. I've tried installing other add-ons that can remember tabs. Tried to disable/reinstall these 2 add-ons. Didn't help. On my 2nd computer I have same add-ons, same settings and they are working normally. On 3rd computer undo closed tabs works also. How to fix this? I decided to ask before doing Firefox Reset...
    Sync is a separate problem. It works, but quite often it logs me out of Sync account. Then I can log in only using long recovery key and password (choosing option I don't have device with me because it does not accept keys for pairing device.)
    Thanks for reading.

    I have exactly the same settings in Options (in both computers)
    for history, these 2 add-ons and all other stuff in Options. The only difference is that on 1 pc sessions can be saved and closed tabs can be reopened, on other main pc they stopped to work. + no any other add-on that does similar things works on this pc.
    It is also interesting that I can reopen closed visited sites from History Panel, but not by pressing the Button. For now I only manually bookmark links to a temporary folder.
    Recently (some 2 month ago) I pressed x and Firefox closed all tabs without saving them without displaying save & quit pop up.
    so I changed 4 settings in about.config
    browser.tabs.warn on close true
    browser.warn on quit true
    browser.warn on restart true
    browser.show.quit warning true
    but the problem with sessions appeared only 1 week ago.
    So I guess the problem is not with the History settings or other settings. Seems that something responsible for button or for storing info about tabs/sessions got corrupted. :(

  • Session management in Info View with two different logins using single sign

    There is a form with 2 user logins UserA and User B to redirect to infoview with sso in my application. I am able to go to each of the Infoview pages successfully but have the following problem.
    User A logs in and infoview opens in a new IE window and sees his/her folders based on permissions and is able to do his/her work for the first time.
    User B logs in and infoview opens in a new IE window, sees his/her folders based on permissions and is able to do his/her work for the first time.
    After a while when User A tries to access the InfoView in the previously opened IE Window, he/she gets an error message. An error has occurred: The object with ID 2519 does not exist in the CMS or you don't have the right to access it.
    User B is able to continue his/her work. Whoever logs in last is able to continue his/her work but the other one gets an error.
    Please let me know how to address this issue. I added logonToken and tried everything at my hand but no success. Is this session controlled by Business Objects or by the JSP page? What more changes are required for my JSP page to fix the error? Attached below are the form and the applogon.jsp snippets.
    applogon.jsp
    IEnterpriseSession enterpriseSession = null;
    Exception failure = null;
    boolean loggedIn = true;
    String redirectURL = null;
    // If no session already exists, logon using the specified parameters.
    if (enterpriseSession == null){
        try{
            // Attempt logon. Create an Enterprise session manager object.
            ISessionMgr sm = CrystalEnterprise.getSessionMgr();
            // Log on to BusinessObjects Enterprise
            enterpriseSession = sm.logon(username, password, "cms", "secEnterprise");
        }catch (Exception error){
            loggedIn = false;
            failure = error;
        }
        if (!loggedIn){
            // If the login failed, redirect the user to the start page.
            return;
        }else{
            // Store the IEnterpriseSession object in the session.
            session.setAttribute("EnterpriseSession", enterpriseSession);
            // Create the IInfoStore object.
            IInfoStore iStore = (IInfoStore) enterpriseSession.getService("InfoStore");
            // Store the IInfoStore object in the session using the helper functions.
            session.setAttribute("InfoStore", iStore);
            // Store the CMS name for later use.
            session.setAttribute("CMS", "CMS");
            // Create the IReportSourceFactory object.
            IReportAppFactory reportAppFactory = (IReportAppFactory) enterpriseSession.getService("RASReportService");
            // Store the IReportSourceFactory object in the session using the helper functions.
            session.setAttribute("ReportAppFactory", reportAppFactory);
            // Retrieve the logon token manager.
            ILogonTokenMgr logonTokenMgr = enterpriseSession.getLogonTokenMgr();
            String logonToken = logonTokenMgr.createLogonToken("", 60, 100);
            String infoViewURL = null;
            String tokenParam = null;
            infoViewURL = "/businessobjects/enterprise115/desktoplaunch/InfoView/logon/logon.do";
            tokenParam = "token=" + logonToken;
            redirectURL = infoViewURL + "?" + tokenParam;
            // Retrieve a logon token and store it in the user's cookie
            // file for use later.
            Cookie cookie = new Cookie("LogonToken", logonTokenMgr.createLogonToken("", 60, 100));
            response.addCookie(cookie);
            // Store the logon token for later use.
            session.setAttribute("token", enterpriseSession.getLogonTokenMgr().getDefaultToken());
        }
    }
    // Redirect the user to the relevant tutorial page.
    out.println("You have been logged on to Enterprise.");
    response.sendRedirect(redirectURL);
    Thank You for your help

    The user name and password come from here, from the above HTML form into the JSP. Ted, is this what you are asking for, where the username and password come from?
    // Retrieve the parameters that the user entered into the logon fields.
    String username = request.getParameter("user");
    String password = request.getParameter("pass");
    IEnterpriseSession enterpriseSession = null;
    Exception failure = null;
    boolean loggedIn = true;
    String redirectURL = null;
    ISessionMgr sessionMgr = null;
    // If no session already exists, logon using the specified parameters.
    if (enterpriseSession == null){
        try{
            // Attempt logon. Create an Enterprise session manager object.
            sessionMgr = CrystalEnterprise.getSessionMgr();
            // Log on to BusinessObjects Enterprise
            enterpriseSession = sessionMgr.logon(username, password, "appserver.abc.com", "secEnterprise");
            System.out.println("line61");
        }catch (Exception error){
            loggedIn = false;
            failure = error;
        }
        if (!loggedIn){
            // If the login failed, redirect the user to the start page.
            return;
        }else{
            // this code is in my first post

  • Issue in session management

    Hi All,
    I have a problem regarding java session management.
    I have created a web application in which, if a user logs in from one browser instance and then opens another instance of the same browser and logs in from that, the user should be logged out from the previous instance. I am using Mozilla 5.0.
    Here is what I am doing while creating the session in LoginServlet.java:
    session = request.getSession(false); // return the session if it already exists
    System.out.println("Session object: " + session);
    if (session != null) {
        System.out.println("Session ID Old: " + session.getId());
        session.invalidate(); // invalidate the session if it already exists
    }
    session = request.getSession(true); // create a new session
    System.out.println("Session ID New: " + session.getId());
    The second and third System.out.println() statements give the same session ID.
    This way only the information stored in the session when the user was logged in from the first instance of the browser is replaced with the new information stored when the user logged in from the second instance of the browser, but the user is not logged out from the first browser instance.
    Please help me out with how I can log the user out from the first instance if he logs in from the second instance.
    Thanks in advance...

    Since the user is logging in again from the same machine, I think invalidating the previous session won't work.
    Suppose the user opens the first instance of the Mozilla browser and logs in as, say, 'ashok', whose role is normal user. Now he opens another instance of Mozilla by clicking on the executable and logs in as 'mitch', whose role is admin. Then after successful login of 'mitch', on the first window mitch's menu items are getting displayed instead of ashok's.
    What I am doing is this:
    While creating a new session on login, I first check whether any existing session is available; in the above case it's true.
    session = request.getSession(false); // return the session if it already exists
    System.out.println("Session object: " + session);
    if (session != null) {
        System.out.println("Session ID Old: " + session.getId());
        session.invalidate(); // invalidate the session if it already exists
    }
    session = request.getSession(true); // create a new session
    System.out.println("Session ID New: " + session.getId());
    So control will go inside the if block. Here I first invalidate the existing session (this is not destroying the session but only unbinding the information that was stored in the session) and create a new session (this is returning the same session which already exists) and save mitch's information. Since the previous instance was using the same session, it will now get mitch's information, so now both instances will show mitch's information.
    I am not finding any way to destroy the existing session so that next time a new session ID will get generated.
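
One way to enforce a single active session per account, as an added example that is not code from either post in this thread. It assumes the javax.servlet API and a single Tomcat node without session replication; the class name, the registry and the attribute names are chosen for this example.

```java
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionBindingListener;

/**
 * Added example: one active session per account. Call
 * SingleSessionLogin.establish(request, user) from the login servlet after
 * the credentials have been verified.
 *
 * Windows of one browser profile share a cookie jar and therefore one
 * JSESSIONID, so the server cannot tell them apart; this targets logins
 * from separate browsers or machines.
 */
public final class SingleSessionLogin {

    // Hypothetical attribute names chosen for this example.
    private static final String USER_ATTR = "logonid";
    private static final String MARKER_ATTR = SingleSessionLogin.class.getName() + ".marker";

    // Account name -> the one session currently allowed for it.
    private static final ConcurrentMap<String, HttpSession> ACTIVE = new ConcurrentHashMap<>();

    private SingleSessionLogin() { }

    /** Stored in the session so the container reports when that session ends. */
    private static final class Marker implements HttpSessionBindingListener {
        private final String user;

        Marker(String user) {
            this.user = user;
        }

        @Override
        public void valueBound(HttpSessionBindingEvent event) { }

        @Override
        public void valueUnbound(HttpSessionBindingEvent event) {
            // Runs on invalidate() and on timeout. Drop the registry entry
            // only if it still points at the session that is ending.
            String endingId = event.getSession().getId();
            ACTIVE.computeIfPresent(user, (u, s) -> s.getId().equals(endingId) ? null : s);
        }
    }

    public static HttpSession establish(HttpServletRequest request, String user) {
        // 1. Discard whatever session the browser presented before login, so
        //    the authenticated session gets a fresh ID and no stale attributes.
        HttpSession old = request.getSession(false);
        if (old != null) {
            old.invalidate();
        }
        HttpSession fresh = request.getSession(true);
        fresh.setAttribute(USER_ATTR, user);
        fresh.setAttribute(MARKER_ATTR, new Marker(user));

        // 2. Replace the account's registered session; a session still held by
        //    another browser or machine is ended on the server side.
        HttpSession previous = ACTIVE.put(user, fresh);
        if (previous != null && !previous.getId().equals(fresh.getId())) {
            try {
                previous.invalidate();
            } catch (IllegalStateException alreadyInvalid) {
                // Timed out or logged off concurrently; nothing left to do.
            }
        }
        return fresh;
    }
}
```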

  • Coherence integration with oracle weblogic portal for Session management

    Could you please let me know how to configure Coherence integration with Oracle WebLogic Portal for session management? It's very urgent. Please help.

    Please take a look at the following web page -
    http://coherence.oracle.com/display/COH35UG/Coherence*Web+Session+Management+Module
    -Luk

  • Firefox 5 on Win7: All my plugin buttons have gone from the toolbar. They are not in the customise pane. Session manager offers the correct sessions but opens with last session instead. I've re-installed % and reset toolbars. Help!

    Win 7
    Firefox 5
    Problem with high memory use.
    restarted
    Plugin buttons gone from toolbar/
    Missing plugins still show in plugin manager but buttons missing from toolbar add buttons pane.
    Tried reset toolbars - no difference.
    Tried re-instal of Firefox 5 - no difference except:
    Session manager offers correct session on startup but starts with last session

    In case you are using "Clear history when Firefox closes":
    *do not clear the Browsing History
    *Firefox > Preferences > Privacy > Firefox will: "Use custom settings for history": [X] "Clear history when Firefox closes" > Settings
    *https://support.mozilla.org/kb/remove-browsing-search-and-download-history
    Note that clearing "Site Preferences" clears all exceptions for cookies, images, pop-up windows, software installation, passwords, and other website specific data.
    You can check for problems with the sessionstore.js and sessionstore.bak files in the Firefox profile folder that store session data.
    *Help > Troubleshooting Information > Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)
    *http://kb.mozillazine.org/Profile_folder_-_Firefox
    *http://kb.mozillazine.org/Multiple_profile_files_created
    Deleting sessionstore.js will cause App Tabs and Tab Groups and open and closed (undo) tabs to get lost and you will have to recreate them (make a note or bookmark them if possible).
