Viewing active sessions (cfid/cftoken or J2EE sessionid)?

Hello... is it possible to view the active sessions, whether cfid/cftoken or the J2EE sessionid for any given site on my server? I believe you can store client variables in a datasource, but I don't believe you can do this with the cfid/cftoken or J2EE sessionid correct? I'd really like to be able to query these values. I'm using CF 7.02 now but will be moving to CF 9, so if it's a feature there that'd be great.

You can do it per application... but I'm not sure if there's a way of pulling out all the applications running on a given server.  The last time I looked for that sort of thing, I seem to recall not finding it (that's not to say it's not there: I just couldn't find it!).
But for all sessions within an application: do a google on "cf sessiontracker".  Various people have blogged about how to do what you need (if not exactly what you need, then enough to get you going in the right direction).
I thought I had some sample code that demonstrates it, but I don't :-(
Adam

Similar Messages

  • CFID & CFTOKEN added to URL by CF

    CF automatically appends CFID & CFTOKEN to the URL when
    using <div <span with id = a variable.
    They are not appended when a constant is used.
    I do not want these to be displayed unless I append them
    myself.
    Is this a CF bug, or can I change my code somehow?
    I display a variable number of rows, so using a constant is
    not a solution.
    And, I use client and session variables throughout my app.
    Please help me. Thanks a bunch.
    <cfapplication name="myApp" sessiontimeout="20"
    sessionmanagement="Yes"
    setclientcookies="Yes" clientmanagement="Yes">
    This is BAD ...
    URL with the following code:
    abc/action.cfm?CFID=1851&CFTOKEN=76141078
    <div id="#style#">
    <span id="#style#"
    onclick="location.href='abc/action.cfm'">
    <table><tr><td>info</td></tr></table>
    </span>
    </div>
    This is GOOD ...
    URL with the following code: abc/action.cfm
    <div id="1001">
    <span id="1001"
    onclick="location.href='abc/action.cfm'">
    <table><tr><td>info</td></tr></table>
    </span>
    </div>

    Greetings Steve and other URLSessionFormat fans.
    The remote file of a XMLHttp request (Spry) among other
    things is trying to set two sessions.variables.
    I have been told that if the remote file doesn't know the
    session CFID & CFTOKEN the new session variables wil not be
    recognized, and to avoid that I should use URLSessionFormat.
    Now, my original Spry request look like this:
    var request_URL
    ="/petitions/client/remote/authenticate.cfm?username="+uName+"&password="+uPass;
    Spry.Utils.loadURL("GET", request_URL, false, authBack);
    which returns values as expected but does not set the session
    variables, so I combine it with URLSessionFormat, like this:
    var request_URL =
    '#URLSessionFormat("/petitions/client/remote/authenticate.cfm?username='+uName+'&password ='+uPass+'")#';
    The variable "request_URL" will render:
    "/petitions/client/remote/authenticate.cfm;jsessionid=7e301d2f98475b4d5f10?username="+uNa me+"&password="+uPass&CFID=300&CFTOKEN=11985066"
    which causes Spry to catch an exception while loading the url
    and the request fails altogether.
    Please note the " ; " semicolumn sign between the filename
    "authenticate.cfm" and "jsessionid=" which is not like
    CF7.1 example
    "myactionpage.cfm?jsessionid=xxxx;cfid=xxxx&cftoken=xxxxxxxx"
    found in livedocs.
    Is either my code, macromedia example, or both wrong?
    Or maybe it needs some tweaking and fixing to replace the
    semicolumn and put the question mark in the right place?
    Pulling quite a few hair here. Thanks for helping.

  • CFID & CFTOKEN

    Hi there,
    I’m creating a cart & payment system using
    Coldfusion MX 6.1. I have two application servers which are load
    balanced. So I cannot use sessions to track user logins and other
    variables because if the load balancer diverts a request to the
    other server where the session does not exist then the person will
    be logged out.
    So I’m forced to use client variables. I’m
    against using cookies for better security. So the option left for
    me is store client variables in database. So I’m using the
    help of CFID & CFTOKEN to track logins and store client
    variables in database.
    Now the problem is I’m using URLSessionFormat function
    to pass CFID & CFTOKEN to all pages after login. I have
    following problems:
    1) If I copy the URL, which contains the CFID & CFTOKEN,
    close the browser and paste it in another browser window – it
    opens up the page with out any authentication.
    2) If I copy and paste the same URL on a browser window in
    another PC, it works.
    These two scenarios fail my security to the application. Can
    anyone please advice a way to kill the CFID & CFTOKEN on
    browser close or some mechanism to stop this occurring?
    Any help is greatly appreciated.
    Many thanks / Manu.

    Greetings Steve and other URLSessionFormat fans.
    The remote file of a XMLHttp request (Spry) among other
    things is trying to set two sessions.variables.
    I have been told that if the remote file doesn't know the
    session CFID & CFTOKEN the new session variables wil not be
    recognized, and to avoid that I should use URLSessionFormat.
    Now, my original Spry request look like this:
    var request_URL
    ="/petitions/client/remote/authenticate.cfm?username="+uName+"&password="+uPass;
    Spry.Utils.loadURL("GET", request_URL, false, authBack);
    which returns values as expected but does not set the session
    variables, so I combine it with URLSessionFormat, like this:
    var request_URL =
    '#URLSessionFormat("/petitions/client/remote/authenticate.cfm?username='+uName+'&password ='+uPass+'")#';
    The variable "request_URL" will render:
    "/petitions/client/remote/authenticate.cfm;jsessionid=7e301d2f98475b4d5f10?username="+uNa me+"&password="+uPass&CFID=300&CFTOKEN=11985066"
    which causes Spry to catch an exception while loading the url
    and the request fails altogether.
    Please note the " ; " semicolumn sign between the filename
    "authenticate.cfm" and "jsessionid=" which is not like
    CF7.1 example
    "myactionpage.cfm?jsessionid=xxxx;cfid=xxxx&cftoken=xxxxxxxx"
    found in livedocs.
    Is either my code, macromedia example, or both wrong?
    Or maybe it needs some tweaking and fixing to replace the
    semicolumn and put the question mark in the right place?
    Pulling quite a few hair here. Thanks for helping.

  • For active sessions error what can i do ..Install j2ee or sdm locally How ?

    Hi,
    Here many developers r working on Web DynPro Java. So when morethan one developers deploying application parallely at that time sdm gives error of active sessions, I found some threads told me that we had to install j2ee or sdm locally . But that threads could not ans satisfactory. Please any one tell me satisfactory ans what i need to install locally and how ?
    Regards,
    Gurprit Bhatia

    Hi,
      WAS Web Application Server has SAP J2EE Engine in which Web Dynpro Applications run. Software Deployment Manager(SDM) component manages deployment process.
    Once you deploy WAS locally, developer will have local server very similar to Tomcat kind... which you he/she can manage.
    Developer need to login to local server portal using http://server url:50000/irj/portal
    if u have any more doubts please let us know.

  • Missing session variables and multiple CFID/CFTOKEN

    We are using ColdFusion 9.0.1 and have recently started to experience some sporadic behavior in our applications. These applications have worked without error for over 6+ years and have not been modified during this time.
    Over the past couple of weeks, we have been receiving calls in regards to users not being able to login and receiving errors when performing various actions.  We have put troubleshooting measures in place that display values when this occurs.
    We have noticed that when the errors occur, there are multiple CFID/CFTOKEN COOKIE values. Additionally, session variables are being dropped (during simple tasks such as going from one screen to the next).  These errors do not occur for the majority of users and have primarily occurred in Internet Explorer, but we have had some instances in other browsers.  In most instances, if the user switches browsers, the same application works fine for them.
    In one particular case, we have a <cfif> tag in the application.cfm file that checks for “session.user_id”.  If it doesn’t exist, the user is directed to a login page using the <cflocation> tag. When experiencing the problem, users are continuously going back to the login screen because the system is saying that the session variable does not exist.
    When working with one user who was experiencing this problem, we were able to remedy the problem by adding “addtoken=’yes’” to the cflocation tag.  ** We do not prefer to do this for security reasons.
    Rather than go through each application and try to “band-aid” each instance that occurs, can anybody offer some suggestions on why this behavior recently began and how we may be able to globally address it?

    My immediate guess is that there is faulty logic in the code that updates the value of session.user_id. Apparently, one of the following scenarios might be happening.
    Coldfusion creates a session, X, say. Session.user_id is as yet undefined, so ColdFusion cflocates the user to the login page. The user logs in, still within session X. His session.user_id is set.
    Suppose, for whatever reason (and I know of at least two), the session drops. The user's very next request will make ColdFusion to create a new session, Y, say. Under session Y, the variable session.user_id, which corresponded to session X, will no longer exist. So ColdFusion cflocates the user to the login page. This cycle will of course repeat if left uncorrected.
    Another possible scenario is that the variable session.user_id is not set at all, or is set in the context of a new session. I am assuming that the login page is a form. Then login validation occurs at the action page of the form. Presumably the variable session.user_id is set at this action page. If so, then perhaps ColdFusion fails to set this variable, or a new session is created as the request goes from the login-form page to the action page.
    The 2 main reasons why a session drops are 1) it times out, 2) a new request starts a new session. Hence the following suggestions.
    1) Is your sessionTimeout value low, say, just a few minutes? If so, increase it to 20 minutes.
    2) Remember that the default behaviour of ColdFusion is to start a new session at every request. Use cflogin and cfloginuser together with loginStorage="session". Cflogin executes only if there is no logged in user, irrespective of the session. Therefore, getAuthUser() is a better authentication test than session.user_id.
    3) Use Application.cfc in place of Application.cfm. In particular, the CFC offers you more fine-grained control over the beginning and end of sessions.

  • Adoption of CFID/CFTOKEN from request for new session

    Hi
    We've noticed that ColdFusion automatically uses CFID/CFTOKEN
    from the request, if there's no session available for this token
    combination and ColdFusion creates a new session. Is there a way to
    tell ColdFusion that it shouldn't use the values from the request
    but generate a pair of its own?
    Regards
    Sargon

    10.12 is the latest and greatest SW version for the device (from mid-2010). 
    I'm sad to say, but this device model has been out of production already for a long while and no new SW releases can be expected. Also some of the things you listed are such, which would not even be fixable by new SW version, but would require other changes.
    you could probably try updating e.g. the browser app to a newer version via http://download.browser.ovi.com.
    http://www.microsoft.com/en/mobile/nokia-x-updates/
    http://www.microsoft.com/en/mobile/nokia-x2-update/
    http://www.microsoft.com/en/mobile/asha-software-update/
    http://www.microsoft.com/en/mobile/support/software-update/wp8-software-update/
    http://www.developer.nokia.com/Community/Wiki/Nokia_firmware_change_logs
    https://twitter.com/LumiaSWUpdates

  • JSessionID, CFId/CFToken-Which is predictable?

    I have results from our the new and improved PCI scan and it
    comes up with one Medium risk vuln.
    Description: The remote web application is using predictable
    cookie-based session IDs. Ideally, session IDs are randomly
    generated numbers that cannot be guessed by attackers. If the
    session ID is predictable, an attacker could hijack an active
    victim's session, allowing the attacker to interact with the server
    as though they were the victim. If the session ID is used to track
    the state of authentication, the session ID of an authenticated
    user could be guessed, bypassing any need for a username or
    password. In the case of this server, the session ID was found to
    have an insignificant number of changes between session IDs, which
    makes guessing very easy.
    Remediation: The software needs to be either configured or
    modified to generate random session IDs.
    I currently have enabled
    Use J2EE session variables
    Assuming I'm getting flagged because of cfid/cftoken
    predictablility I've setClientCookies = "no" and
    clientmanagement="no" and restarted the service and everything
    seems to be working with jsessionids alone... are there any
    pitfalls to watch out with not using cfid/cftoken?
    basic question before I pay for another scan is:
    I was under the impression that jsessionids were the most
    secure and a better alternative than cfid/cftoken. Is that not the
    case?
    EDIT: The scan occurred before I made the client variable
    changes to the applicaiton.cfm (so I had both jsessionid and
    cfid/cftoken being set) As of now only jsessionid is being set

    based on what OWASP has to say
    OWASP says
    "Best practice calls for J2EE session management. In the
    event that only ColdFusion session management is available, strong
    security identifiers must be used. Enable this setting to change
    the default 8-character CFToken security token string to a UUID.
    http://www.owasp.org/index.php/Configuration"
    It looks like the J2EE sessions are the way to go.
    I believe the reason for the PCI flag is that the scan (at
    least the one from the service we use) was looking at CFID alone. I
    assume this because cftoken -was- set to use uuid so it should have
    been secure. The scan probably doesn't know that cfid and cftoken
    are used in conjunction. So in a way this is a false positive.
    Based on the new standards coming in it is enough to be out of
    compliance.
    solution to be in compliance is to set clientmanagement="no"
    and setclientcookies="no" in application.cfm so that cfid and
    cftoken are not set at all By using only the jsessionid, you are
    following best practices from OWASP and also get the benefits of
    session end on browser close
    Other thoughts still welcome

  • How to view the session in the web container

    hi, Folks,
    is there any way to view the sessions in J2EE web container? I need to know how many living session currently in the web container.
    Thanks

    You did not indicate the Web Server version that you are using for web container. Assuming its Sun Java System Web Server 6.1, per Servlet 2.3 specification, you should be able to use of session creation and destruction events. This can be done using HttpSessionListener to count active sessions. Here's the docs for reference:
    http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/http/HttpSessionListener.html
    Thanks
    Manish

  • How can I find out if a user has an active session

    How can I find out if a user has an active session or sessionObject in the application Server.
    When a user logs on to my web-application, I want him to be able to see a
    list of all the other users that are also loged on. To do this I need to get a
    list of all the session objects avaliable in the sever at that perticular moment?
    In J2EE 2.1 I found the class "javax.servlet.http.HttpSessionContext" with the method "getIds()"
    that returned all the session Id's. By using the method getSession(java.lang.String sessionId)
    from the same class, you could then retrieve the sessionObject.
    But these methods are depricated (and want to be able to use the
    latest version of J2EE).
    Is there any other way to do this?
    I'm using JBoss application server.

    Check out HttpSessionListener -> http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/http/HttpSessionListener.html
    Essentially what you have to do is implement this interface. You also have to register the listener in your web.xml, like this:
    <listener>
        <listener-class>
            package.name.YourListener
        </listener-class>
    </listener>sessionCreated() will get called each time the app server creates a session and sessionDestroyed() will get called each time the app server invalidates a session. You could have a Map that contains all the active sessions, and a method for printing a list of all of the active sessions.

  • Problem with Sessions & CFID Changing Unexpectedly

    MY SETUP...
    ColdFusion version 8.01 Standard
    Hotfix version hf801-00002.jar 
    Java version 1.6.0_04
    server OS Windows 2008 Enterprise 32bit
    webserver IIS 7.0.6
    database MySql 5.0.67
    THE PROBLEM
    For some visitors, every page on the website gives them a new CFID/CFTOKEN. I tried to narrow it down to a particular browser, but it's happening in every browser. It's only happening for some people. It was happening to me, then it stopped. Not sure what I did to fix it, but it's still happening to others.
    I'm using CFID/CFTOKEN (or more recently, a random number stored in a session.variable) as their temporary ID when they add something to their shopping cart. Problem is, when the CFID or session value changes, the items in their cart are no longer associated with them anymore - their cart appears to be empty at that point.
    For the love of God, what is causing the CFID and Session variables to change on every page? I am storing the client global variables in a MySql table which was setup by CF Administrator and appears to be working properly.
    Lastly, this site has been working fine for years, all of the sudden after some PCI Compliance conformity and CF Patches, this problem arose, so I want to blame it on the patches, but I'm not sure.
    Has anyone else ever had this problem? How did you fix it?

    It can also be (and will always be caused) by any user who's browser (or any part of the connection) does not maintain the cookies.
    If the request does not contain a cookie with currently valid cfid|cftoken and|or cfsessionid values, ColdFusion will generate new ones.  This can be cause by security settings in the browser, OS, firewall, proxy etc.
    This has become an increasingly rare issue in modern Internet computing, but it was a fairly common back in the day when cookies where a new idea.

  • What is a "logged in user" on the "Active Sessions" report in CF8 Server Monitor?

    I was looking at the Active Sessions Report (The Chart View) and saw I have more "logged in users" than "active sessions".
    I had expected them to be nearly the same.    It's on our Intranet where I log users in (using cflogin and cfloginuser) at the begining of their session and users should be logged when the session ends.
    I couldn't find a detailed explaination of what a "logged in user" means.   There is a chance that the same user is logged into a nested application as well as the Intranet, but I don't think that is what I'm seeing.
    I also don't see a way to get a list of what CF is counting as a logged in user.  I can only see a way to get the total count.
    Any help is appreciated. 
    Thanks,
    Jeff

    Thank you Michael for the reply, but I don't think that is the issue.
    When a user opens their browser on the intranet, a session begins and they are logged in (using the cflogin and cfloginuser).    If they close their browser, the session should hang around for 20 min. (per the server setting).   I am assuming this is still considered an "Active Session" since I can see this behavior in the report.
    At first, the Active Sessions and Logged In Users are exactly the same.   When the sessions start to time out, the active sessions are reduced,  but the Logged In Users remain the same.    Then,  after a while, they start to move together.  So I have more Logged In Users than Active Sessions.
    I left the Server Monitor open last night and for most of the night, I had 0 sessions, but 57  "logged in users".   This morning, as people opened their browsers, the Active Sessions and Logged In Users moved together.   The gap of 57 looks consistent.
    It looks like people are remaining logged in after their session ended.
    I am really looking for a detailed explaination of "active session" and/or "logged in user" as used in the server monitor.  It would be really nice to find a way to list the details about each item counted in the "logged in user" and not just the total count. 
    Thanks Again for your reply.
    jsm

  • How to get active sessions in tomcat 5.0?

    Hi,
    As I am working on monitoring related requirement, I need to get no. Of active sessions,sessions created, etc.
    I found interesting code in ManagerServlet, As it has some protected methods, I cant call it from its object, I need to create servlet for my work, So I even can't extend ManagerServlet, So I've created one POJO for that, But now I need to populte the context and many other objects,
    Is there any other way out for this?,
    I really appriciate any kind of help. :-)
    -Jeff

    hi :-)
    http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Servlets.html
    or
    http://www.google.com.ph/search?hl=en&q=java+servlet+tutorial&btnG=Google+Search&meta=
    regards,

  • Scalability Issues - Too Many Active Sessions?

    Hello,
    I'm having an issue with an application I built for one of the campuses at the college I work at. The application is a queuing system where there are stations for students to check in, admin stations where staff can see these students and "call" them, and displays outside each employees office that shows the student that was called. There are about 20 of these last type of display panels. I have the following code in my page footer to poll the DB for the most recent called student for a specific room:
    <script type="text/javascript">
    <!--
    var refresh_region = function( workstation_in, div_in ) {
        $.get(
            'wwv_flow.show',
            {"p_request"      : 'APPLICATION_PROCESS=F_NEXT_STUDENT',
             "p_flow_id"      : $v('pFlowId'),      //app id
             "p_flow_step_id" : $v('pFlowStepId'),  //page id
             "p_instance"     : $v('pInstance'),    //session id
             "x01"            : workstation_in
            function(data) {
                $(div_in).html(data);
        setTimeout(function() { refresh_region( workstation_in, div_in ) }, 5000);
    refresh_region( '&P7_WORKSTATION_IN.', '#next_student_div' );
    //-->
    </script>The OnDemand process, F_NEXT_STUDENT runs the following query and returns the result:
    select a.FIRST_NAME || ' ' || a.LAST_NAME
    into   full_name
    from   ONESTOP_QUEUE a
    where  a.WORKSTATION_ID_CALLED = in_workstation_id
    and    a.STATUS = 'CALLED'
    and    a.QUEUE_ID = (
       select min( c.QUEUE_ID )
       from   ONESTOP_QUEUE c
       where  c.WORKSTATION_ID_CALLED = in_workstation_id
    and    c.STATUS = 'CALLED');However, when all of these display panels are turned on (and I use code like this in other pages for similar purposes) the application becomes sluggish and eventually unresponsive. At first we had the application running off a box with Oracle XE. We eventually migrated to a full blown 11g install with APEX Listener and GlassFish. My DBA says everything looks ok on the DB side so I've been trying to dig in other areas to see where the bottleneck may be. After inspecting the Active Sessions report in APEX, I saw that there's a ton of connections being generated (> 30,000). This doesn't seem like a good thing to me and I'm trying to figure out what I'm doing wrong.
    At first I was using $.post() instead of $.()get. I was also using setInterval() instead of a setTimeout() loop. However, none of these changes seemed to really help the situation much. I'm at a loss for how else to improve the performance of this application. Any suggestions on what I can try?
    Most of the app's functionality is on apex.oracle.com
    WORKSPACE: SCCC_TEST
    USER/PASS: TEST/test
    Direct URL to the page (I pass in the worksation ID): http://apex.oracle.com/pls/apex/f?p=65890:7:0::::P7_WORKSTATION_IN:ADMISSIONS_1
    Thanks in advance for any help.

    Hi Patrick,
    UPDATE as of 3PM Eastern:
    This afternoon all users lost the ability to connect to the application. My DBA is still reviewing logs but it seems that the error isn't on the DB side. The application came back up after he restarted the Apex listener. We found a bunch of the following error in the Glassfish server.log file:
    [#|2013-02-25T14:34:39.021-0500|WARNING|oracle-glassfish3.1.2|com.sun.grizzly.config.GrizzlyServiceListener|_ThreadID=11;_ThreadName=Thread-2;|GRIZZLY0023: Interrupting idle Thread: http-thread-pool-80(73).|#]The max threads is currently set to 100.
    After we came back up I went to page 4350:45 and cleared out all sessions. After a couple minutes I rechecked the number of sessions on this page:
    Total Sessions: 27,674
    Distinct Users over all sessions = 2
    Sessions older than 15 minute(s) = 4Seems like way too many sessions to have after just a couple minutes.
    End UPDATE
    Again, thank you for taking the time to reply. Everything seems to be working fine for the past couple days, but I figured I'd provide some current data, especially since I'm still curious about all these "sessions".
    Are we talking about page 4350:45 which shows the following information
    Total Sessions: 9
    Distinct Users over all sessions = 4
    Sessions older than 1 day(s) = 0
    Where does it show 17,400 sessions for you? It almost appears that your daily APEX jobs are not running which do normally purge old APEX sessions automatically. See http://docs.oracle.com/cd/E37097_01/doc/doc.42/e35129/dbms_jobs001.htm
    Yes, this was the page I was referring to. I just checked it now and it showed me the following:
    Total Sessions: 10,236
    Distinct Users over all sessions = 2
    Sessions older than 1 day(s) = 0And it does appear that the APEX jobs are running since there are no sessions older than 1 day... unless I'm interpreting this information incorrectly.
    Also, I was able to get some more data regarding page loading using the Debug info:
    14763     7751818952614     nobody     101     7     show     46     4 seconds ago     0.0000
    14760     7751818952614     nobody     101     7     show     46     9 seconds ago     0.5300
    14757     7751818952614     nobody     101     7     show     46     14 seconds ago     0.0150
    14754     7751818952614     nobody     101     7     show     46     19 seconds ago     0.0160
    14751     7751818952614     nobody     101     7     show     46     24 seconds ago     0.0160
    14748     7751818952614     nobody     101     7     show     46     29 seconds ago     0.0160
    14745     7751818952614     nobody     101     7     show     46     34 seconds ago     0.0160
    14742     7751818952614     nobody     101     7     show     46     39 seconds ago     0.0160
    14739     7751818952614     nobody     101     7     show     46     44 seconds ago     0.0160
    14736     7751818952614     nobody     101     7     show     46     49 seconds ago     0.0160
    14733     7751818952614     nobody     101     7     show     46     54 seconds ago     0.0160
    14730     7751818952614     nobody     101     7     show     46     59 seconds ago     0.0000
    14727     7751818952614     nobody     101     7     show     46     64 seconds ago     0.0160
    14724     7751818952614     nobody     101     7     show     46     69 seconds ago     0.0160
    14721     7751818952614     nobody     101     7     show     46     74 seconds ago     0.0160
    14718     7751818952614     nobody     101     7     show     46     79 seconds ago     0.0160
    14715     7751818952614     nobody     101     7     show     46     84 seconds ago     0.0150
    14712     7751818952614     nobody     101     7     show     46     89 seconds ago     0.5300
    14709     7751818952614     nobody     101     7     show     46     94 seconds ago     0.0000
    14706     7751818952614     nobody     101     7     show     46     99 seconds ago     0.0150
    14703     7751818952614     nobody     101     7     show     46     104 seconds ago     0.0150
    14700     7751818952614     nobody     101     7     show     46     109 seconds ago     0.0150
    14697     7751818952614     nobody     101     7     show     46     114 seconds ago     0.0150
    14694     7751818952614     nobody     101     7     show     46     119 seconds ago     0.0160
    14691     7751818952614     nobody     101     7     show     46     2 minutes ago     0.5310
    14688     7751818952614     nobody     101     7     show     46     2 minutes ago     0.5300
    14685     7751818952614     nobody     101     7     show     46     2 minutes ago     0.5150
    14682     7751818952614     nobody     101     7     show     46     2 minutes ago     0.5300
    14679     7751818952614     nobody     101     7     show     46     2 minutes ago     0.5300
    14676     7751818952614     nobody     101     7     show     46     2 minutes ago     0.5300
    14673     7751818952614     nobody     101     7     show     46     3 minutes ago     0.0000
    14670     7751818952614     nobody     101     7     show     46     3 minutes ago     0.5930
    14667     7751818952614     nobody     101     7     show     46     3 minutes ago     0.5300
    14664     7751818952614     nobody     101     7     show     46     3 minutes ago     0.5460So I'm seeing a page load time of ~0.016 or ~0.53. When I click on the details for one of the longer page view, I get the following:
    0.00000     0.00000     S H O W: application="101" page="7" workspace="" request="APPLICATION_PROCESS=F_NEXT_STUDENT" session="7751818952614"     4
    0.00000     0.04700     Reset NLS settings     4
    0.04700     0.03100     alter session set NLS_LANGUAGE="AMERICAN"     4
    0.07800     0.03100     alter session set NLS_TERRITORY="AMERICA"     4
    0.10900     0.01600     alter session set NLS_CALENDAR="GREGORIAN"     4
    0.12500     0.03100     alter session set NLS_SORT="BINARY"     4
    0.15600     0.00000     alter session set NLS_COMP="BINARY"     4
    0.15600     0.00000     ...NLS: Set Decimal separator="."     4
    0.15600     0.00000     ...NLS: Set NLS Group separator=","     4
    0.15600     0.00000     ...NLS: Set g_nls_date_format="DD-MON-RR"     4
    0.15600     0.00000     ...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"     4
    0.15600     0.03100     ...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"     4
    0.18700     0.00000     NLS of database and client differs, characterset conversion needed     4
    0.18700     0.01600     ...Setting session time_zone to -05:00     4
    0.20300     0.03100     Reset NLS settings     4
    0.23400     0.03100     alter session set NLS_LANGUAGE="AMERICAN"     4
    0.26500     0.01600     alter session set NLS_TERRITORY="AMERICA"     4
    0.28100     0.03100     alter session set NLS_CALENDAR="GREGORIAN"     4
    0.31200     0.03100     alter session set NLS_SORT="BINARY"     4
    0.34300     0.00000     alter session set NLS_COMP="BINARY"     4
    0.34300     0.00000     ...NLS: Set Decimal separator="."     4
    0.34300     0.00000     ...NLS: Set NLS Group separator=","     4
    0.34300     0.00000     ...NLS: Set g_nls_date_format="DD-MON-RR"     4
    0.34300     0.00000     ...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"     4
    0.34300     0.01600     ...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"     4
    0.35900     0.03100     ...Setting session time_zone to -05:00     4
    0.39000     0.03100     Setting NLS_DATE_FORMAT to application date format: DD-MON-YYYY HH:MIPM     4
    0.42100     0.01600     Setting NLS_TIMESTAMP_FORMAT to application timestamp format: DD-MON-YYYY HH:MIPM     4
    0.43700     0.03100     Setting NLS_TIMESTAMP_TZ_FORMAT to application timestamp time zone format: DD-MON-YYYY HH:MIPM     4
    0.46800     0.00000     ...NLS: Set g_nls_date_format="DD-MON-YYYY HH:MIPM"     4
    0.46800     0.00000     ...NLS: Set g_nls_timestamp_format="DD-MON-YYYY HH:MIPM"     4
    0.46800     0.00000     ...NLS: Set g_nls_timestamp_tz_format="DD-MON-YYYY HH:MIPM"     4
    0.46800     0.00000     NLS: wwv_flow.g_flow_language_derived_from=0: wwv_flow.g_browser_language=en     4
    0.46800     0.00000     Application 101, Authentication: PLUGIN, Page Template: 61331314513900454147     4
    0.46800     0.00000     Authentication check: No Authentication (NATIVE_DAD)     4
    0.46800     0.00000     ...fetch session state from database     4
    0.46800     0.01600     fetch items (exact)     4
    0.48400     0.00000     ... sentry+verification success     4
    0.48400     0.00000     ...Session ID 7751818952614 can be used     4
    0.48400     0.01500     ...Application session: 7751818952614, user=nobody     4
    0.49900     0.03100     ...Setting session time_zone to -05:00     4
    0.53000     0.00000     Session: Fetch session header information     4
    0.53000     0.00000     Run APPLICATION_PROCESS= request     4
    0.53000     0.00000     ...Execute Statement: begin sys.htp.p( F_NEXT_STUDENT( in_workstation_id => apex_application.g_x01 ) ); end;     4
    0.53000     0.00000     Stop APEX Engine detected     4
    0.53000     -     Final commit     4Again, not sure if I'm reading this correctly but it seems that the steps that are taking the most time seem to be related to NLS settings... and I have translating turned off. This is consistent with all of the longer page views. As a side note, my DBA did turn archive log mode back on this weekend.
    Again, everything seems to be running smoothly at the moment so the above data is more to help satisfy my curiosity about the inner workings of Apex.
    Regards,
    Tadeusz
    Edited by: tdsacilowski on Feb 25, 2013 3:04 PM

  • Bounded task flow not executing in a default view activity.

    Hi,
    I am practising Region to Region Interaction between two bounded taskflows in an unbounded task flow.
    I will just illustrate the theme:
    *Unbounded task flow[ DEfault view activity(view1)]*
    view1 contains Bounded task flow task 1 and task2.
    task 1 contains fragment frag1 .
    task 2 contains fragment frag2. I want to establish communication between task 1 and task2 through contextual events.
    I have created managed bean seperately for each bounded taskflow bean1 in task1 and bean2 in task2 which are in session scope that is frag1 vaues are maaped to bean1 and frag 2 values are mapped to bean2.
    I completed full flow of creating contextula events and event map too. I was stuck with errror.
    So I created an application only with default view activity containg boundsed taskflow and fragments and respective beans without contextual event and event map , so that i can make sure atleast my basicview is executing properl;y. But I failed to have result.
    Error is shown below:
    <UIXRegion> <_warn> Error processing viewId: /task1/frag1 URI: /frag1.jsff actual-URI: /frag1.jsff.javax.el.PropertyNotFoundException: Target Unreachable, 'frag1' returned null     at com.sun.el.parser.AstValue.getTarget(Unknown Source)
         at com.sun.el.parser.AstValue.isReadOnly(Unknown Source)
         at com.sun.el.ValueExpressionImpl.isReadOnly(Unknown Source)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:486)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.cacheReadOnly(EditableValueRenderer.java:416)
         at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.beforeEncode(LabeledInputRenderer.java:117)
         at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:334)
         at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:767)
         at javax.faces.component.UIComponent.encodeAll(UIComponent.java:937)
    **somw lines removed since exceeding word length**
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)
    <LifecycleImpl> <_handleException> ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RENDER_RESPONSE 6
    javax.el.PropertyNotFoundException: Target Unreachable, 'frag1' returned null     at com.sun.el.parser.AstValue.getTarget(Unknown Source)
         at com.sun.el.parser.AstValue.isReadOnly(Unknown Source)
         at com.sun.el.ValueExpressionImpl.isReadOnly(Unknown Source)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:486)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.cacheReadOnly(EditableValueRenderer.java:416)
         at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.beforeEncode(LabeledInputRenderer.java:117)
         at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:334)
         **somw lines removed since exceeding word length**     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)
    <Feb 14, 2013 10:09:12 AM IST> <Error> <HTTP> <BEA-101020> <[ServletContext@20743039[app:TaskR2R2 module:TaskR2R2-ViewController-context-root path:/TaskR2R2-ViewController-context-root spec-version:2.5 version:V2.0]] Servlet failed with Exception
    javax.el.PropertyNotFoundException: Target Unreachable, 'frag13' returned null
         at com.sun.el.parser.AstValue.getTarget(Unknown Source)
         at com.sun.el.parser.AstValue.isReadOnly(Unknown Source)
         at com.sun.el.ValueExpressionImpl.isReadOnly(Unknown Source)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:486)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.cacheReadOnly(EditableValueRenderer.java:416)
         Truncated. see log file for complete stacktrace
    >
    <Feb 14, 2013 10:09:12 AM IST> <Notice> <Diagnostics> <BEA-320068> <Watch 'UncheckedException' with severity 'Notice' on server 'DefaultServer' has triggered at Feb 14, 2013 10:09:12 AM IST. Notification details:
    WatchRuleType: Log
    WatchRule: (SEVERITY = 'Error') AND ((MSGID = 'WL-101020') OR (MSGID = 'WL-101017') OR (MSGID = 'WL-000802') OR (MSGID = 'BEA-101020') OR (MSGID = 'BEA-101017') OR (MSGID = 'BEA-000802'))
    WatchData: DATE = Feb 14, 2013 10:09:12 AM IST SERVER = DefaultServer MESSAGE = [ServletContext@20743039[app:TaskR2R2 module:TaskR2R2-ViewController-context-root path:/TaskR2R2-ViewController-context-root spec-version:2.5 version:V2.0]] Servlet failed with Exception
    javax.el.PropertyNotFoundException: Target Unreachable, 'frag13' returned null
         at com.sun.el.parser.AstValue.getTarget(Unknown Source)
         at com.sun.el.parser.AstValue.isReadOnly(Unknown Source)
         at com.sun.el.ValueExpressionImpl.isReadOnly(Unknown Source)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:486)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.cacheReadOnly(EditableValueRenderer.java:416)
         at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.beforeEncode(LabeledInputRenderer.java:117)
    somw lines removed since exceeding word length     
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)
    SUBSYSTEM = HTTP USERID = <WLS Kernel> SEVERITY = Error THREAD = [ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)' MSGID = BEA-101020 MACHINE = DS-E06995E6AA3D TXID = CONTEXTID = f03d4fb0a8f478c1:-6d1db003:13cd6f5c4ce:-8000-0000000000000039 TIMESTAMP = 1360816752931
    WatchAlarmType: AutomaticReset
    WatchAlarmResetPeriod: 30000
    >
    <Feb 14, 2013 10:09:16 AM IST> <Alert> <Diagnostics> <BEA-320016> <Creating diagnostic image in c:\users\dineshvishnukumar-c\appdata\roaming\jdeveloper\system11.1.1.4.37.59.23\defaultdomain\servers\defaultserver\adr\diag\ofm\defaultdomain\defaultserver\incident\incdir_248 with a lockout minute period of 1.>

    The error logs point to an error in your EL that references the frag1 bean. Firstly, rather than use session scope you must consider using pageFlowScope for your managed bean.

  • Cfid & cftoken keep resetting everytime time the page refreshes!!!!

    I need some assistance.  I have setup several CF applications and never had any issues with session/application management.  However this time around every time I refresh the page it gives me a new cfid and cftoken.  Obviously it won't allow me to keep my session and I get redirected to the log in page.  Here is how I am setting up my application.  Does anyone see any issues with this?
    <cfscript>
    This.name = 'ApplicationName';
    this.clientmanagement="no";
    This.sessionManagement = "yes";
    This.applicationtimeout = CreateTimeSpan(0,1,0,0);
    This.sessionTimeout = CreateTimeSpan(0,0,20,0);
    This.scriptProtect="All";
    This.setclientcookies = "no";
    This.setdomaincookies = "no";
    </cfscript>
    Side question, when is the cfid and cftoken suppose to change?  When I land on the page for the first time before I log in the cfid & cftoken get set.  That will be the same cfid & cftoken for the full session.  Then the cfid & cftoken gets dropped once the application has timed out?  (maybe a dumb question...)
    Please Help!!!

    If you setclientcookies to be FALSE ("no", whatever), then you need to deal with the CFID & CFTOKEN values yourself (generally by passing them on every URL in your site.  Which is a right PitA.
    Are you sure you meant to set it to FALSE?
    Adam

Maybe you are looking for