Use of invalidate ?

Hi,
What is the use of Invalidate method of the context nodes...
thanks,
Arjun.G

Hi Arjun,
If you know the reason why clear and refresh are used in normal abap (for internal table and variables) and in which scenarios you require to use them .Then you can easily relate those cases with webdynpro abap.
Now take an example that you have a acreen where you are entering some data to input fields .In some case you want that after navigation is performed from this page or to this page what ever the data user entered previously should get erased.(as almost the similar concept for clear and refresh).So in this case use can use invalidate method for the correspondin node whose attributes are bound with the input fields.
Hope this will help you understand the concept.
If any query feel free to ask
regards
PG

Similar Messages

Urgent!! Problem in using session invalidate()

Dear all,
I think may be the problem has been posted here before, but i can't find the solution yet. I hope you can help me about this.
My case is that i wrote a logout servlet for my web site. So i use session.invalidate() in the servlet. After that it will redirect to the home page again. At this time, NullPointerException is thrown. I have tried many ways to solve this problem, but still failed.
Can anyone help me? Thanks for advanced.
Priscilla

here is the error printed out:
java.lang.NullPointerException
     at com.sssw.srv.http.CommonLogger.log(CommonLogger.java:217)
     at com.sssw.srv.http.httpd.log(httpd.java:4229)
     at com.sssw.srv.http.Client.log(Client.java:254)
     at com.sssw.srv.http.Client.loop(Client.java:1300)
     at com.sssw.srv.http.Client.runConnection(Client.java:1495)
     at com.sssw.srv.http.Client.run(Client.java:1442)
     at java.lang.Thread.run(Thread.java:479)

I am using session.invalidate() to clear session and

sendRedirect to login page but .. when i am click back button again it going my home page....
how to avoid this problem....

The browser stores the page in the cache and renders the cached page when you press the back button. You can use headers to stop the browser from caching the pages that you don't want to be cached. Like in your example you can apply the headers to the home page. Look here for more info...

Is it possible to invalidate session when I click my browsers back button

Hai
I have a question.
I am building a jsp page with multiple forms.As of now,
no login system has been implemented.
I need my session to time out when the client click on the back
button on the browser to prevent data corruption.
Is there a possible way to do this in Java/ Script
I know the use of session.invalidate() but how to tie it up to the
browser's back button
A second problem
If I use session.invalidate() on Tomcat 3.2
I find that it is not invalidated.But this same function on tomcat 4
doesn't have any problem
Could anyone help on these issues
Thanks

You don't mean you want to invalidate session every time you move to a new page, do you? If you do, after implementation of login system the users will be asked for passwords at each page. If you don't, it's better to use headers for your response.
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Expires", "-1");

[Bug ?] ADFC-00008 again, after session.invalidate() in ADF BC application

Hi all,
We would like to know wheter session.invalidate() is supposed to be a valid operation in one Action JSF method, within one ADF BC Fusion Web application ?
When our jsf page uses data controls based od ADF BC, and one of our action method uses
   session.invalidate();then action method executes as expeced, but any following action produces following problem (JDev 11 final):
oracle.adf.controller.ControllerException: ADFC-00008: Failed to find DataControlFrame for a task flow.
     at oracle.adfinternal.controller.util.Utils.createAndLogControllerException(Utils.java:201)
     at oracle.adfinternal.controller.util.model.DCFrameImpl.makeCurrent(DCFrameImpl.java:126)
     at oracle.adfinternal.controller.state.ViewPortContextImpl.makeCurrent(ViewPortContextImpl.java:924)
     at oracle.adfinternal.controller.state.RequestState.setCurrentViewPortContext(RequestState.java:134)
     at oracle.adfinternal.controller.state.ControllerState.setRequestState(ControllerState.java:832)
     at oracle.adfinternal.controller.state.ControllerState.synchronizeStatePart1(ControllerState.java:361)
     at oracle.adfinternal.controller.application.SyncNavigationStateListener.beforePhase(SyncNavigationStateListener.java:89)
     at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.beforePhase(ADFLifecycleImpl.java:549)
     at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchBeforeEvent(LifecycleImpl.java:98)
     at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchBeforePagePhaseEvent(LifecycleImpl.java:145)
     at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchBeforePagePhaseEvent(ADFPhaseListener.java:110)
     at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.beforePhase(ADFPhaseListener.java:57)
     at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.beforePhase(ADFLifecyclePhaseListener.java:42)
     at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:228)
     at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:175)
     at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
     at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
     at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
     at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
     at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:181)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
     at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85)
     at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:278)
     at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._invokeDoFilter(TrinidadFilterImpl.java:238)
     at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:195)
     at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:138)
     at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
     at oracle.security.jps.wls.JpsWlsFilter.doFilter(JpsWlsFilter.java:102)
     at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:65)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
     at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3496)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
     at weblogic.security.service.SecurityManager.runAs(Unknown Source)
     at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
     at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
     at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)- anyone wants test case which illustrates problem ? We have one based on Oracle fod/fusion demo schema...

Cvele wrote:
is this mean that session.invalidate() is not a valid operation in this situation ?
Note that problem does not occur if application does not use ADF Business Components ...
- so, can we forget about session.invalidate() when using ADF BC ?
In this case, what is alternative; how, for example, notify application module instances that application should be connected to the another one dataSource ?
Invalidating session solves this problem ....

IllegalStateException : sesssion.invalidate() with sp9

 I am using Weblogic 5.1 with sp9. I was told this has been fixed in sp12 but I need
 to fix this with sp9 for now. Just wondering if anyone found an easy fix for sp9.
 When I use session.invalidate()in JSP page, it throws IllegalStateException if it
 is first JSP page or servlet (i.e. first session) in that browser. <%session.invalidate();%>
 is the last line of this JSP.
 java.lang.IllegalStateException: HttpSession is invalid
 at weblogic.servlet.internal.session.SessionData.getAttribute(SessionDat
 a.java:159)
 at weblogic.servlet.internal.session.SessionData.getValue(SessionData.ja
 va:131)
 at weblogic.servlet.internal.ServletRequestImpl.getRemoteUser(ServletReq
 uestImpl.java:668)
 at weblogic.t3.srvr.httplog.CLFLogger.log(CLFLogger.java:46)
 at weblogic.t3.srvr.httplog.LogManagerHttp.log(LogManagerHttp.java:421)
 at weblogic.t3.srvr.HttpServer.log(HttpServer.java:882)
 at weblogic.servlet.internal.ServletContextManager.invokeServlet(Servlet
 ContextManager.java:309)
 at weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.jav
 a:365)
 at weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:253)
 at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:129)
 I guess the following is the reason. When this JSP gets compiled, try catch finally
 block is generated surrounding session.invalidate(). After current session gets invalidated,
 finally block is executed and it seems that's where the exception gets thrown.
 // this is generated by compiler
 finally{
 while (_activeTag != null) {
 // release() all active tags...
 Tag tmpTag = activeTag;
 activeTag = activeTag.getParent();
 try { _tmpTag.release(); } catch (Exception __ignore) {}
 I can't think clean simple fix for this. Either change this compiled java code manually
 (put another try catch inside finally) or use server side redirection and put session.invalidate
 in second page. Both workarounds are pretty ugly.


Hi
This works, here is a sample I've run on OC4J
public class SessionTestServlet extends HttpServlet
private static final String CONTENT_TYPE = "text/html";
HttpSession sess = null;
private static boolean login_page = true;
public void init(ServletConfig config) throws ServletException
super.init(config);
public void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException,
IOException
sess = request.getSession(true);
try
if (login_page)
if(sess != null)
sess.invalidate();
sess = request.getSession(true);
sess.setAttribute("name","kalle");
catch(Exception e)
e.printStackTrace();
response.setContentType(CONTENT_TYPE);
PrintWriter out = response.getWriter();
out.println("<html>");
out.println
("<head><title>SessionTestServlet</title></head>");
out.println("<body>");
out.println("Session: "+ sess+"Name: "+
sess.getAttribute("name"));
out.println("</body></html>");
out.close();
Regards
//Mike

Please help me-it's urgent,maintaining session and security using cookies.

hi folks,
i presently developing a web site for an engineering colleege ,i am facing prob in maintaining the session using cookies,and destroying a cookie and keeping security to the user,There are four links on my webpage ,including a logout link,when i click the other links other than the logout,it works perfectly,and when i click the logout link,i am not able to disable the cookie and still able to visit previous pages by clicking the back button.please give a suggestion as such to disable the cokie and maintain the security for my web site.
Thank u....

Try out this login if it helps you.
Create a bean that stores some String value. Then make a object of this bean using the useBean tag with session scope when a user logs in. Store the name of the user in the bean and also set the same name value in the Session object. Then on every JSP page compare the value set in the session object with the bean variable (which will be having a session scope). If the value match, then the JSP page output must be displayed to the user. Then on the logout link, invalidate the session object using the invalidate() method of the session class. As a result now when you will try to navigate back to the old JSP page, null will be returned to you when you will try to retrive the name value from the session object. And since this null will not match with the value in the bean, you should not proceed further with generating the output. Hope this help
Nirav ([email protected])

Invalidate on output node

Hi guys,
I try to delete all data from my table using the method invalidate on the output node.
Nothing happens. If I do the same for the root node then all data get deleted as expected.
My question: why does output node stay the same after applying invalide()?
What is the source code for invalidate()?
What does 'validate()' do?
By the way, to clean my table I just used 'removeElement()' on the root node.
and then initialized my Bapi object
thank you for your help, as always.
Regards
yuval

Hi Yuval,
Invalidate works in two different ways:
1) In case of Model Node: It will reinitialize it to the initial data of the modeled node. It will not delete the data instead it will take it back to the initial state in whichmodel was execuated and it has some values.
2) In case of Value Node. It will again reinitialize the data. However there was no data in the value node initially therefore it behaves as the delete functionality for the value node.
Have a llok to the Java Doc as well:
 * With this method the node will be invalidated. It clears its element list
 * and calls the supply function again when asked for an element. A mapped
 * node passes this request to its origin and thus invalidates this one.
 * 
 * Warning: This method is not allowed within a supply function.
 * @throws WDRuntimeException when called from within a supply function.
You can directly use node.invalidate() to remove the elements of the table if the node binded to the table is the value node. Reason is explained above.
I hope this cleas the issue. If you have any further issues kindly revert back.
Thanks nad Regards,
Pravesh

How to invalidate

hi all,
i have written a basic authentication code it works with a bug,
my bug is if i copy my url( when in login) and paste it after i logout , iam able to see my session page,my session has already expired but how do iam able to see that.
i invalidated my session using session.invalidate() in my servlet.
how could i solve this problem

I've seen containers where session.invalidate() is broken and you're SOL... I saw one app running with this limitation, it told you to close your browser when you went to logout.
Otherwise, your problem could be that your browser is caching the page.. Set some response headers and that won't happen anymore. Search the forums to see which ones to set.

UIX Failed to invalidate session / logout

Hi,
I have an application, using Oracle UIX. I use Basic Login Authentication. when the user hits the datapage, the browser display a browser logon, user and password. However, after this step, user is logged on, even if you close and reopen the browser, still you can access and query the page without logon. I tried to use session.invalidate, but still didn't work (although I can see a println message that confirms that this part has been run. I can send the user back to a jsp page, but I want to make sure that all the user id and password are deleted, so the browser will be forced to pop up the login dialogue again on next request to open. I would appreciate your help and assistance.
Using OC4J 10g 10.1.2.0.0 with JDeveloper 10g 10.1.2
Tha

Hi,
what you describe is impossible. Make sure that the browser process is killed and doesn't remain in the background. Sometimes it takes a few seconds for the process to be killed. BASIC authentication is nothing that UIX has a control of and instead is a contract between teh Browser and the HTTP server.
Frank

HttpSession's invalidate

Hi everyone,
I have a problem with the HttpSession's invalidate.
I'm trying to use the invalidate method when the user logout from my application.
But "sometimes" (don't know why) i get the following error.
==============================================================
[#|2005-03-14T11:26:28.265+0900|SEVERE|sun-appserver-pe8.0.0_01|javax.enterprise.system.container.web|_ThreadID=14;|StandardWrapperValve[jsp]:
java.util.NoSuchElementException
at java.util.HashMap$HashIterator.nextEntry(HashMap.java:785)
at java.util.HashMap$KeyIterator.next(HashMap.java:818)
at java.util.AbstractCollection.toArray(AbstractCollection.java:174)
at org.apache.catalina.session.StandardSession.keys(StandardSession.java:1570)
at org.apache.catalina.session.StandardSession.expire(StandardSession.java:705)
at org.apache.catalina.session.StandardSession.expire(StandardSession.java:630)
at org.apache.catalina.session.StandardSession.invalidate(StandardSession.java:1061)
at org.apache.catalina.session.StandardSessionFacade.invalidate(StandardSessionFacade.java:164)
at org.apache.jsp.logout_jsp._jspService(logout_jsp.java:108)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:102)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:861)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:282)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:263)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:210)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:861)
at sun.reflect.GeneratedMethodAccessor68.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:236)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:141)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:109)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:522)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:214)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:168)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:109)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:536)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:107)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:522)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:144)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:109)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:133)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:107)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:539)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:107)
at com.sun.enterprise.webservice.EjbWebServiceValve.invoke(EjbWebServiceValve.java:134)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:107)
at com.sun.enterprise.security.web.SingleSignOn.invoke(SingleSignOn.java:305)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:107)
at com.sun.enterprise.web.VirtualServerValve.invoke(VirtualServerValve.java:209)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:107)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:522)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:114)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:109)
at com.sun.enterprise.web.VirtualServerMappingValve.invoke(VirtualServerMappingValve.java:166)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:107)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:522)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:936)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:165)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:683)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:604)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:542)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:647)
at java.lang.Thread.run(Thread.java:534)
|#]
==============================================================
I'm using Sun Java System Application Server 8 on Windows2003.
And the code of JSP that logs out is the following
<%
 HttpSession so = null;
 so = request.getSession(false);
 if ( so != null ) {
 so.setAttribute("USER_ID","");
 so.invalidate();
%>
<jsp:forward page="login.jsp"/>I think the reason of the error is that HashMap is not thread-safe,
but not sure.
Any help will be greatly appreciated!!

Thank you for the reply again!
is there any code after the forward line in
logout.jsp? It will still run after the forward
happens.No, there isn't any code after the forward.
But in login.jsp i'm doing checking for the USER_ID and doing invalidate again.
Is there any problem with that?
<%
 if(request.getRemoteUser() != null){
%>
 <% session.invalidate(); %>
 <% response.sendRedirect("main.jsp"); %>
<%

ANN: Learn how to invalidate cache and handle exceptions

http://otn.oracle.com/sample_code/tech/java/codesnippet/webcache/index.html
These set of New OracleAS Web Cache How-to's illustrates how to invalidate cached content using esi:invalidate and PL/SQL invalidation tags. Also, learn how to esi exceptions using esi:try, esi:accept, and esi:except tags.
Cheers,
-Srikanth

You may use any of the two ways:
1. Use the interface. Go to Navigator, and go to that particular page where that portlet is, and then edit it. Go to Properties/Cache. See at the very bottom of the page for how to clear cache for that page.
2. See details of the api function for cache invalidation.
wwpro_api_invalidation.execute_cache_invalidation;

ORA-01031: insufficient privileges in PL/SQL but not in SQL

I have problem with following situation.
I switched current schema to another one "ban", and selected 4 rows from "ed"
alter session set current_schema=ban;
SELECT * FROM ed.PS WHERE ROWNUM < 5;
the output is OK, and I get 4 rows like
ID_S ID_Z
1000152 1
1000153 1
1000154 1
1000155 1
but following procedure is compiled with warning
create or replace
procedure proc1
as
rowcnt int;
begin
select count(*) into rowcnt from ed.PS where rownum < 5;
end;
"Create procedure, executed in 0.031 sec."
5,29,PL/SQL: ORA-01031: insufficient privileges
5,2,PL/SQL: SQL Statement ignored
,,Total execution time 0.047 sec.
Could you help me why SELECT does work in SQL but not in PL/SQL procedure?
Thanks.
Message was edited by:
MattSk

Privs granted via a role are only valid from SQL - and not from/within stored PL/SQL code.
Quoting Tom's (from http://asktom.oracle.com) response to this:I did address this role thing in my book Expert one on one Oracle:
<quote>
What happens when we compile a Definer rights procedure
When we compile the procedure into the database, a couple of things happen with regards to
privileges. We will list them here briefly and then go into more detail:
q All of the objects the procedure statically accesses (anything not accessed via dynamic SQL)
are verified for existence. Names are resolved via the standard scoping rules as they apply to the
definer of the procedure.
q All of the objects it accesses are verified to ensure that the required access mode will be
available. That is, if an attempt to UPDATE T is made - Oracle will verify the definer or PUBLIC
has the ability to UPDATE T without use of any ROLES.
q A dependency between this procedure and the referenced objects is setup and maintained. If
this procedure SELECTS FROM T, then a dependency between T and this procedure is recorded
If, for example, I have a procedure P that attempted to 'SELECT * FROM T', the compiler will first
resolve T into a fully qualified referenced. T is an ambiguous name in the database - there may be
many T's to choose from. Oracle will follow its scoping rules to figure out what T really is, any
synonyms will be resolved to their base objects and the schema name will be associated with the
object as well. It does this name resolution using the rules for the currently logged in user (the
definer). That is, it will look for an object owned by this user called T and use that first (this
includes private synonyms), then it will look at public synonyms and try to find T and so on.
Once it determines exactly what T refers to - Oracle will determine if the mode in which we are
attempting to access T is permitted. In this case, if we as the definer of the procedure either
owns the object T or has been granted SELECT on T directly or PUBLIC was granted SELECT, the
procedure will compile. If we do not have access to an object called T by a direct grant - the
procedure P will fail compilation. So, when the object (the stored procedure that references T) is
compiled into the database, Oracle will do these checks - and if they "pass", Oracle will compile
the procedure, store the binary code for the procedure and set up a dependency between this
procedure and this object T. This dependency is used to invalidate the procedure later - in the
event something happens to T that necessitates the stored procedures recompilation. For example,
if at a later date - we REVOKE SELECT ON T from the owner of this stored procedure - Oracle will
mark all stored procedures this user has that are dependent on T, that refer to T, as INVALID. If
we ALTER T ADD some column, Oracle can invalidate all of the dependent procedures. This will cause
them to be recompiled automatically upon their next execution.
What is interesting to note is not only what is stored but what is not stored when we compile the
object. Oracle does not store the exact privilege that was used to get access to T. We only know
that procedure P is dependent on T. We do not know if the reason we were allowed to see T was due
to:
q A grant given to the definer of the procedure (grant select on T to user)
q A grant to public on T (grant select on T to public)
q The user having the SELECT ANY TABLE privilege
The reason it is interesting to note what is not stored is that a REVOKE of any of the above will
cause the procedure P to become invalid. If all three privileges were in place when the procedure
was compiled, a revoke of ANY of them will invalidate the procedure - forcing it to be recompiled
before it is executed again. Since all three privileges were in place when we created the procedure
- it will compile successfully (until we revoke all three that is). This recompilation will happen
automatically the next time that the procedure is executed.
Now that the procedure is compiled into the database and the dependencies are all setup, we can
execute the procedure and be assured that it knows what T is and that T is accessible. If something
happens to either the table T or to the set of base privileges available to the definer of this
procedure that might affect our ability to access T -- our procedure will become invalid and will
need to be recompiled.
This leads into why ROLES are not enabled during the compilation and execution of a stored
procedure in Definer rights mode. Oracle is not storing exactly WHY you are allowed to access T -
only that you are. Any change to your privileges that might cause access to T to go away will cause
the procedure to become invalid and necessitate its recompilation. Without roles - that means only
'REVOKE SELECT ANY TABLE' or 'REVOKE SELECT ON T' from the Definer account or from PUBLIC. With
roles - it greatly expands the number of times we would invalidate this procedure. If some role
that was granted to some role that was granted to this user was modified, this procedure might go
invalid, even if we did not rely on that privilege from that role. ROLES are designed to be very
fluid when compared to GRANTS given to users as far as privilege sets go. For a minute, let's say
that roles did give us privileges in stored objects. Now, most any time anything was revoked from
ANY ROLE we had, or any role any role we have has (and so on -- roles can and are granted to roles)
-- many of our objects would become invalid. Think about that, REVOKE some privilege from a ROLE
and suddenly your entire database must be recompiled! Consider the impact of revoking some system
privilege from a ROLE, it would be like doing that to PUBLIC is now, don't do it, just think about
it (if you do revoke some powerful system privilege from PUBLIC, do it on a test database). If
PUBLIC had been granted SELECT ANY TABLE, revoking that privilege would cause virtually every
procedure in the database to go invalid. If procedures relied on roles, virtually every procedure
in the database would constantly become invalid due to small changes in permissions. Since one of
the major benefits of procedures is the 'compile once, run many' model - this would be disastrous
for performance.
Also consider that roles may be
q Non-default: If I have a non-default role and I enable it and I compile a procedure that
relies on those privileges, when I log out I no longer have that role -- should my procedure become
invalid -- why? Why not? I could easily argue both sides.
q Password Protected: if someone changes the password on a ROLE, should everything that might
need that role be recompiled? I might be granted that role but not knowing the new password - I
can no longer enable it. Should the privileges still be available? Why or Why not? Again, arguing
either side of this is easy. There are cases for and against each.
The bottom line with respect to roles in procedures with Definer rights are:
q You have thousands or tens of thousands of end users. They don't create stored objects (they
should not). We need roles to manage these people. Roles are designed for these people (end users).
q You have far fewer application schema's (things that hold stored objects). For these we want
to be explicit as to exactly what privileges we need and why. In security terms this is called the
concept of 'least privileges', you want to specifically say what privilege you need and why you
need it. If you inherit lots of privileges from roles you cannot do that effectively. We can manage
to be explicit since the number of development schemas is SMALL (but the number of end users is
large)...
q Having the direct relationship between the definer and the procedure makes for a much more
efficient database. We recompile objects only when we need to, not when we might need to. It is a
large efficiency enhancement.
</quote>

Help neede very very urgently ... to clear the report from Cache.....

Hello all,,,
In my project iam using crystsal report for eclipse to generate reports.
Iam using a .jsp page to call my report.(which i got it from the examples of CRE).
The name of my jsp page is poi.jsp
The name of my Crystal report is CrystalReport2.rpt
My problem is this....
when i run the report first time i can see my poi.jsp page and user can submit
the parameter and based on the users parameter the report is generated..(ITs working absoultely fine)
but when the user runs the report again, its not showing the parameter page (i.e user cannot see poi.jsp)
rather its showing the old generated report.
When i tried using session.invalidate and session.removeAttribute it was showing me the poi.jsp page
but the problem is when the user clicks on the print icon or any icon on the report its just
showing the poi.jsp page...
When the user closes the report or when the clicks on the button to generate the report it should
show the parameter page (poi.jsp).how can i solve this problem???
the code what iam using is as follows..( got it from the examples of CRE - database login )
Object reportSource = session.getAttribute("reportSource");
if (reportSource == null)
String report = "CrystalReport2.rpt";
ReportClientDocument reportClientDoc = new ReportClientDocument();
reportClientDoc.open(report, 0);
reportSource = reportClientDoc.getReportSource();
session.setAttribute("reportSource", reportSource);
ConnectionInfos connInfos = new ConnectionInfos();
IConnectionInfo connInfo1 = new ConnectionInfo();
connInfo1.setUserName("USER");
connInfo1.setPassword("USER");
connInfos.add(connInfo1);
CrystalReportViewer viewer = new CrystalReportViewer();
viewer.setReportSource(reportSource);
viewer.setEnableLogonPrompt(false);
viewer.setDatabaseLogonInfos(connInfos);
if (session.getAttribute("refreshed") == null)
viewer.refresh();
session.setAttribute("refreshed", "true");
viewer.setOwnPage(true);
viewer.processHttpRequest(request, response, getServletConfig().getServletContext(), null);
//session.removeAttribute("refreshed");
//session.invalidate();
thanks in advance
regards
jack

As far as parameter refresh is concerned add in your code
viewer.setHasRefreshButton(true)
refresh button is appeared on crystal report toolbar and you can use this button instead of explorer refrsh button and every time you can add new parameters values.
Also, if you want to update reportsource in session object. means if user wants to view more than one different reports and want to invalidate reportsource form session.
add in jsp.
session.removeAttribute("reportSource");
Happy programming
Uzma

How to clear the report from Cache.

Hello all,,,
In my project iam using crystsal report for eclipse to generate reports.
Iam using a .jsp page to call my report.(which i got it from the examples of CRE).
The name of my jsp page is poi.jsp
The name of my Crystal report is Department.rpt
My problem is this....
when i run the report first time i can see my poi.jsp page and user can submit
the parameter and based on the users parameter the report is generated..(ITs working absoultely fine)
but when the user runs the report again, its not showing the parameter page (i.e user cannot see poi.jsp)
rather its showing the old generated report.
When i tried using session.invalidate and session.removeAttribute it was showing me the poi.jsp page
but the problem is when the user clicks on the print icon or any icon on the report its just
showing the poi.jsp page...
When the user closes the report or when the clicks on the button to generate the report it should
show the parameter page (poi.jsp).how can i solve this problem???
the code what i am using is as follows
try {
          String reportName = "C:/workspace/Reports/WebContent/Department.rpt";
          ReportClientDocument clientDoc = (ReportClientDocument) session.getAttribute(reportName);
          if (clientDoc == null) {
               // Report can be opened from the relative location specified in the CRConfig.xml, or the report location
               // tag can be removed to open the reports as Java resources or using an absolute path
               // (absolute path not recommended for Web applications).
               clientDoc = new ReportClientDocument();
               clientDoc.setReportAppServer(ReportClientDocument.inprocConnectionString);
               // Open report
               clientDoc.open(reportName, OpenReportOptions._openAsReadOnly);
               // ****** BEGIN SET RUNTIME DATABASE CREDENTIALS ****************
                    String connectString = "jdbc:oracle:thin:@192.168.1.4:1521:orcl";
                    String driverName = "oracle.jdbc.driver.OracleDriver";
                    String JNDIName = "orcl";
                    String userName = "act_db";               // TODO: Fill in database user
                    String password = "act_db";          // TODO: Fill in password
                    // Switch all tables on the main report and sub reports
                    CRJavaHelper.changeDataSource(clientDoc, userName, password, connectString, driverName, JNDIName);
                    // logon to database
                    CRJavaHelper.logonDataSource(clientDoc, userName, password);
               // ****** END SET RUNTIME DATABASE CREDENTIALS ****************
               // ****** BEGIN CONNECT PARAMETERS SNIPPET ****************
                    // STRING VALUE PARAMETER.
                    String stringValue = request.getParameter("DeptId");;     // TODO: Fill in value
                    CRJavaHelper.addDiscreteParameterValue(clientDoc, "", "DeptId", stringValue);
               // ****** END CONNECT PARAMETERS SNIPPET ****************
               // Store the report document in session
               session.setAttribute(reportName, clientDoc);
          // ****** BEGIN CONNECT CRYSTALREPORTPAGEVIEWER SNIPPET ****************
               // Create the CrystalReportViewer object
               CrystalReportViewer crystalReportPageViewer = new CrystalReportViewer();
               String reportSourceSessionKey = reportName+"ReportSource";
               session.removeAttribute("reportSource");
               Object reportSource = session.getAttribute(reportSourceSessionKey);
               if (reportSource == null)
                    reportSource = clientDoc.getReportSource();
                    session.setAttribute(reportSourceSessionKey, reportSource);
               //     set the reportsource property of the viewer
               crystalReportPageViewer.setReportSource(reportSource);
               crystalReportPageViewer.setDisplayGroupTree(false);
             session.removeValue("reportSource");
               crystalReportPageViewer.setHasRefreshButton(true);
               // Apply the viewer preference attributes
               // Process the report
               crystalReportPageViewer.processHttpRequest(request, response, application, null);
          // ****** END CONNECT CRYSTALREPORTPAGEVIEWER SNIPPET ****************
     } catch (ReportSDKExceptionBase e) {
         out.println(e);
Thanks In advance
Regards,
Amol Patil

CrystalReportViewer viewer = new CrystalReportViewer();
viewer.setReportSource(reportSource);
     viewer.setReportSource(reportSource);
     viewer.setHasRefreshButton(true);
     viewer.setOwnPage(true);
     viewer.setOwnForm(true);
     viewer.setHasExportButton(true);
     viewer.setZoomFactor(100);
     viewer.setPrintMode(CrPrintMode.ACTIVEX);
    viewer.setParameterFields(fields);
viewer.setEnableParameterPrompt(true); --this line will prompt

Use of invalidate ?

Similar Messages

Maybe you are looking for