Writing Cookie from a Portlet

Similar Messages

• Writing Cookie from Custom Tag

  Hi Everyone.
  I am attempting to write a cookie from a custom tag with the following code.
  private void writeCookie(){
           Cookie cookie = new Cookie("TEST", "cookie_value_from_tag");
       cookie.setMaxAge(60*60*24*7* 52);
       cookie.setComment("Test_CookieFromCuttomTag");
       cookie.setPath("/student");
       javax.servlet.http.HttpServletResponse resp = (javax.servlet.http.HttpServletResponse)pageContext.getResponse();
       System.out.println("Adding test cookie from CustomTag");
       resp.addCookie(cookie);
       System.out.println("DONE Adding test cookie from CustomTag");
      }The cookie never appears on my machine.
  I see the messages that wrap the resp.addCookie() method
  so I know the code is being called.
  What am I doing Wrong?
  My Browser is set to accept ALL cookies.
  I am using Tomcat 4.1.27
  Any and all help is greatly appreciated
  Sean

  Actually, the cookie is not writing when I am using <jsp:include>
  It works fine when I do not use include
  the jsp I am using to include is
  <jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
  xmlns:registration="urn:jsptld:/WEB-INF/enrollment.tld"
  xmlns:html="urn:jsptld:/WEB-INF/struts-html.tld"
  xmlns:logic="urn:jsptld:/WEB-INF/struts-logic.tld"
  xmlns:bean="urn:jsptld:/WEB-INF/struts-bean.tld"
  xmlns:common="urn:jsptld:/WEB-INF/common.tld"
  version="2.0" >
  <jsp:directive.page language="java" contentType="text/html;charset=UTF-8"/>
  <html  xmlns:jsp="http://java.sun.com/JSP/Page">
    <body>
        <jsp:include flush="true" page="forgotPasswordChallenge.jsp"/>
        <jsp:include flush="true" page="new_forgotPassword.jsp"/>
        <common:validation_message/>
    </body>
  </html>
  </jsp:root>the custom tag is <common:validation_message/>
  Any Ideas on why this is occuring?

• How do you stop unauthorized cookies from appearing in Safari?

  Hi ,
  I'm using Safari 5.1.10 and system 10.6.8.  I've gotten all the security downloads available, but I seem to having issues with unauthorized  cookies appearing. These seem to appear even though I've not visited their websites, and have Safari set to accept cookies from only sites I've visited.
  After going to Preferences:Privacy: remove all website data: then remove all cookies,
  If I just wait a few minutes, I get 72 website cookies restored to  my computer, without doing anything. These include cookies from google, alibaba, 2mdn.net, facebook, microsoft, oracle and many more.  Some of these  declare they are using local storage, others the catch, while others just declare themselves as cookies.
  These appear in spite of the fact that I have the preferences set to block cookies from third party advertizers, set Extensions to OFF, but have Javascript enabled, and allow Java, but deny all other plug-ins.
  If I unclick the allow Java button in Preferences:security, then  11 of these cookies sneek back in, but the others seem to be blocked. Those that come back include Alibaba, apple, google-analytics, "local documents on my computer", machine-seeker, wikipedia, and a few others.
  If I disable JavaScript in Preferences:Security, now I get only cookies from sites I've visited, as I'm supposed to, according to the settings in my Safari preferences.
  So it seems that some unscrupulous information collectors are collecting data  even when the Safari settings should prohibit it. Unfortunately, some of the sites I visit ( Like Apple support communities)  require that Javascript be enabled, so I don't know how to stop this. 
  The problem is that I've found these unwarrented cookies appear to slow down my internet connection speeds  by  ~ 95% ( Try removing them and disabling Javascript to see what happens) in addition to it being an invasion of my privacy. In addition, it really bothers me that some of these sites are storing local documents on my computer without permission.
  As I've said, I've already installed ALL the pertinent security updates.  Does anybody have any idea how to stop this from happening? I presume this is also happening on my iphone and ipad as well, but haven't checked.
  I see that Safari was sued by Apple in 2012 for doing just this same thing, but they appear to be up to their old tricks, as well as many other companies.
  Thanks

  Hi,
  I've investigated this phenomena  of UNauthorized Cookies a bit more  in the past few days and found their cause  and uses goes very deep down the internet rabbit hole.  While most browsers allow the user to delete cookies, or to block cookies from third parties, third parties may place cookies or "cookie equivalents" on your computer through a large variety of back doors. The most pernicious type  of such cookie is euphemistically  called a "Zombie Cookie"  or a "supercookie".
  These may reside in a number of places either in  your own computer or remotely on the web. Deleting zombie cookies or supercookies is generally ineffective, because they are reinstalled in your browser, or worse, just exchange information with your browser withouth leaving a trail of cookie crumbs, the next time you get online. Some of these zombie cookies are not browser specific, so they can be accessed through all browsers on your computer. 
  The reason that you may never have heard of supercookies, and the reason they are so hard to find and get rid of, is that their deployment is deliberately sneaky and designed to evade detection and deletion. This means that most people who think they have cleared their computers of tracking objects have likely not. The European Union has recently taken action to make illegal the emplacement of "non-essential" cookies  on your computer, but the United States, being less concerned about your personal privacy, and more concerned about  making it easy for companies (and the government) to eavesdrop, has not.
  The following is a list ( probably incomplete) where zombie cookies may be hiding on your computer:
  Standard HTTP cookies
  Storing cookies in and reading out web history
  Storing cookies in HTTP ETags
  Internet Explorer userData storage (starting IE9, userData is no longer supported)
  HTML5 Session Storage
  HTML5 Local Storage
  HTML5 Global Storage
  HTML5 Database Storage via SQLite
  Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
  Local Shared Objects
  Silverlight Isolated Storage
  Cookie syncing scripts that function as a cache cookie and respawn the MUID cookie[4]
  If a user is not able to remove the cookie from every one of these data stores then the cookie will be recreated to all of these stores on the next visit to the site that uses that particular cookie, or in some cases, just the next visit to the internet, even though you may have barred 3rd party cookies from being emplaced in your browser. Every company has their own implementation of zombie cookies and most are kept proprietary, although an open-source implementation of zombie cookies, called Evercookie,[5] is available and commonly used.
  One  such common type of supercookie is called Local shared objects (LSOs), or more commonly Flash cookies (due to their similarities with HTTP cookies), are pieces of data that websites which use Adobe Flash may store on a user's computer. Local shared objects are used by all versions of Adobe Flash Player and version 6 and above of Macromedia's now-obsolete Flash Player.[1]
  It is possible to see who is using Flash cookies on your computer, (and remove them) by going to the adobe website storage settings panel : (http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_man ager07.html).  This takes you to a settings manager  figure. This  Settings Manager figure that you see on this page is not an image; it is the actual Settings Manager for your computer. Click the tabs to see different panels, and click the options in the panels to change your Adobe Flash Player settings.
  So far, I have not been able to find a method of removing or inhibiting zombie cookies that use HTML5 local or global storage locations. Some browsers may provide such power, but Apple Safari apparently does not.
  For more information on supercookies see:
  https://www.bestvpn.com/blog/8177/super-cookies-flash-cookies/
  There are some ways to reduce your load of unwanted cookies and local storage  type cookies using  extensions such as AdBlock or Disconnect,  But I've tried some of these and it doesn't seem to  stop very many of them, even though the Disconnect extension is said to block over 2000 of these types of  cookies.
  For those who are trying to ride under the radar by using some of these extensions or software blockers, be aware that use of these may actually make you more visible because of browser fingerprinting.  Whenever you visit a website your browser sends data to the server hosting that site. This data includes basic information, including the browser name, operating system, and exact version number of the browser. This information is known as passive browser fingerprint because it happens automatically. However websites when blocked, can also easily install other types of scripts that ask for additional information, such as a list of all installed fonts and plugins, supported data types (so-called MIME types), screen resolution, system colors and much more. Because this information has to be solicited from your browser, it is known as active fingerprinting. Taken altogether, the various fingerprint attributes can be almost instantly (it takes just a few milliseconds to run algorithms that compare millions of fingerprints) combined to create a unique fingerprint that can be used to very accurately identify an individual user, no matter if cookies have been deleted or IP address changed between website visits.
  For an article on browser fingerprinting, See : https://www.bestvpn.com/blog/8159/browsers-fingerprint-reduce/
  The bottom line is that if you use the internet, your browser history is being tracked by a myriad of companies and government agents, and it is likely not possible to stop this.  For those who work in science, industry or government and are working on sensitive topics or novel product development  that  another company or government may find interesting, there appears to be many ways to recreate  what you are working on by studying your browser history, or installing worms to view exactly what you are writing or reading.  It came as somewhat of a shock to me to see just how pervasive internet spying has become, and it's not just malicious or destrustive agents who are doing so. Google didn't become a $350 billion company by simply bringing nice toys to us to play with. The real value of the internet comes from the trade and sale of secretly obtained personal information from you and I and everyone else, and its sale to all who will pay for it.

• How can I pass information from one portlet to another?

  First, some background...
  I am using Portal 5.0.2 and developing portlets using JSP/Java on a remote server.
  I need to pass information from a portlet on pageA to another portlet on pageB, but I can't do it using the traditional methods, such as query string, session, cookies, etc. due to either portal framework limitations or because of functional constraints (basically, a user will not necessarily be logged in to the portal, but he can view anything available to the GUEST user). Here are the different ways I've considered using to save state and their limitations:
  Query string: can't use this because portlets on remote servers don't have access to it
  Cookies: if user disables cookies, code will not function properly
  Session variables: limited to one user's connection with one portlet (i.e., can't access a session variable set in portletA from portletB)
  Application variables: because the user may not be logged in, I have no way of uniquely naming variables, which is a necessity in order to maintain state for EACH user
  User Settings: again, the user may not be logged in, so I can't use these
  PCC: can't access client-side variables because server-side JSP executes first
  Are my assumptions above correct? Has anyone had any success using one of these methods given the same constraints, or does anyone have an alternative solution? I'd certainly appreciate any help anyone could provide.
  Thanks,
  Jose

  One possibility would be to use a Login PEI to set a unique UserInfo Name/Value for the user. I think in 5.0 each guest session is unique, so would have unique UserInfo. Then you could pass this value to your portlet (by specifying it in the web service) and use it as a key into a Application-scoped hashmap where you store your info. In other words, your Application variables option, but you have a way of uniquely naming your variables via PEI-set UserInfo.

• WHY does "block cookies from 3rd party and advertisers" allow a FLOOD of cookies, and caches?

  My next previous computer was a powerbook circa 2003, and I got it up to 10.4..and I could easily manage cookies, see what they were and who from- AND when Isaid block them it WORKED.
  What the **** is going on with this bit where they offer a block 3rd arty cookies and from advertisers - chcek box, but it STOPS NOTHING?
  This may be a deal breaker- can I go back to an older safari?

  It's not really an issue of Safari as such, but that the web developers have found all sorts of ways - evercookies, Flash cookies, and a number of other strategies - around the normal web cookies which is all a browser's cookie management is designed to handle. Other web browsers have more sophisticated cookie management (OmniWeb had the most complete I ever came across), but none can completely manage all types of cookies. If you want more complete management, you'll need to look to third-party cookie managers. I use Cookie from Sweet P Productions and found it to do a good job of cleaning up most cookies, but nothing is completely foolproof. It's rather like the race between virus developers and those writing antivirus utilities, though of course nowhere near as consequential.
  Regards.

• How to get the cookie from a web service using Axis

  I used the AXIS wizard to consume a WSDL and create a bunch of boiler plate code. It works great in that I can talk to the web service and submit requests.
  The problem is that I need to retrieve the cookie from the login request and use it when making subsequent requests. I have been unable to find the cookie and would appreciate a point in the right direction.
  Currently I'm trying something like this
  String cookie = (String)((Stub)service)._getCall().getMessageContext().getProperty(HTTPConstants.HEADER_COOKIE);
  Thanks in advance.

  Answered on my own:
  Just have to use
  x_result = http_client->response->get_data( ).
  instead of
  x_result = http_client->response->to_xstring( ).
  Just don't knwo why the filesize is wrong also - but I can work with this image!

• File Not found error when calling Form Post Method to a JSP from JSP Portlet

  I have built a set of JSP forms using post method to call other JSPs. Normally, the code looks like
  <form name="MyForm" action="MyJsp.jsp" method="post">
  I migrated the calling form containing this code to a portlet, but not the MyJsp.jsp. When I submit the form, I get a file not found in Jserv.log
  Exception:javax.servlet.ServletException: java.io.FileNotFoundException: D:\servlet\RegisterCompany.jsp (The system cannot find the file specified)
  [14/06/2001 13:59:59:679 PDT] JspServlet: unable to dispatch to requested page: Exception:javax.servlet.ServletException: java.io.FileNotFoundException: d:\oracle\isuites\apache\apache\MyJsp.jsp (The system cannot find the file specified)
  I notice that launching the calling jsp from a portlet, my opriginal context that uses ../Apache/Apache/htdocs is not being searched for the JSp. Why is this? Moreover, I try to set up an Alias in httpd.conf file to the this director and use it with the jsp in the action tag, but still get an error that my jsp servlets/Myjsp can't be found. Why is it insiting on looking at servlets context instead of htdocs.
  I have none of these issues outside of Portal30 using IAS.
  regard

  Initially, I couldn't do this unless I moved tghe jsp's up to the root directory of IAS, i.e ../Apache/Apache. Nomrally, htdocs is my doc directory for IAS. I could not do http:\\myUrl\htdocs\myJsp. If I tgried this, I got an error in Apache error logg that said can't find file ..\htdocs\htdocs\MyJsp.jsp.
  If I just tried the the URL http:\\myUrl\MyJsp.jsp with Jsp file in htdocs, I would get an error in the Jserve log that file d:\oracle\isuites\apache\apache\MyJsp.jsp could not be found. Once I moved the file MyJsp to Apache/Apache directory, it could be found using http:\\myUrl\MyJsp.jsp. Later, I delted these files and kept the ones in htdocs and they continued to work.
  I'm confused why launching pages through portal isn't consistant with Apache Standards. Where is the documentation that tells me how to configure context and aliases for pages launched from portal pages?
  <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Sue Vickers ([email protected]):
  David,
  Passing information using Portal is different than just using Apache/Jserv. Does it work in portal if you use the absolute path?
  <form name="MyForm" action="http://host.domain/MyJSP.jsp" method="post">
  Portal will not be on the same relative path as your Apache, so you may need to adjust your action somehow.
  Thanks,
  Sue<HR></BLOCKQUOTE>
  null

• How can I redirect to an URL from a portlet?

  I'm using Bea Workshop 8.1 and trying to perform a redirect from inside a portlet
  using HTTPServletResponse.sendRedirect(String url)... but nothing happens ((
  I tryed the same trick with a simple JSP, and that's ok, but portal pages obviously
  catch the redirect somehow.
  Please could you tell the correct way of redirecting the whole browser to another
  page from inside portlets?
  Thanks!!!

  Backing files is an option. If you need to do it from the controller, you
  could use the Forward object. The forward object constructor can take a URL
  object as a parameter. This should do the trick.
  Regards,
  Kunal
  "Panji Aryaputra" <[email protected]> wrote in message
  news:[email protected]..
  Hi, you have to use backing file to get what you want. In my case, I am
  using a page backing file. Perhaps a portlet backing file can do thatalso.
  Cmiiw, the redirect header makes the page redirected only if the httpheader
  has not been sent to client. In your case, the header has been sent (i.e.
  the portal header.jsp has been displayed, etc). So the header need to be
  sent before anything else sent to client browser. This is where thebacking
  file comes handy.
  hth
  panji.a
  "A Hagen" <[email protected]> wrote in message
  news:[email protected]..
  I'm using Bea Workshop 8.1 and trying to perform a redirect from inside
  a
  portlet
  using HTTPServletResponse.sendRedirect(String url)... but nothing
  happens
  I tryed the same trick with a simple JSP, and that's ok, but portal
  pages
  obviously
  catch the redirect somehow.
  Please could you tell the correct way of redirecting the whole browser
  to
  another
  page from inside portlets?
  Thanks!!!

• How do I stop tracking cookies from respawning every time I open a Firefox window?

  I'm in Firefox 21. I tried to delete my cookies, but when I close and reopen the "Show Cookies" window, all cookies have respawned, including many third party advertising cookies from sites I have never visited, sites such as 2o7.net, interclick.com, adlegend.com, and about a hundred others. This is in spite of the fact that I have "Accept third-party cookies" unclicked. How can I delete these advertising tracking cookies and ensure that they never come back?

  Additional Detail: If I close all tabs and windows of Firefox, then the cookies do not respawn; the cookies window then remains empty. However, once I open a window and navigate to any page, they all come back.

• Whats happened to the 'Only allow cookies from websites I visit' option gone in Safari 5.1.7?

  I'm sure there used to be an option to only allow cookies from websites I visit in earlier versions of Safari so my question is have Apple removed some very useful functionality from Safari or have they just hidden somewhere else?

  Chains,
  I use Cookies by Sweet P Productions.  It manages your cookies, letting you choose favorites for cookies, flash cookies, and databases (I didn't know about some of these so I had to educate myself!).
  They also have a FREE app/extension/addon called Safari Cookies - only for Safari not other browsers.  I started out using it, but it does install something called SIMBL, and I've heard negative things about it.  Nothing serious, but I decided against it.  The paid program is a true app/program and does not use SIMBL.
  Right now, they actually have their Cookies program on sale  (FREE stuff at the bottom of page).  You can find their stuff here:  http://sweetpproductions.com/
  I have been using them for almost a year without any issues or problems and it's pretty easy to set up.  It's worth it for you to check it out and decide for yourself.
  Good luck!

• File download from a portletized ADF app running in webcenter spaces.

  Hi,
  I am having trouble downloading non static files from a portletized(with ADFPortletBridge) ADF application running as a portlet producer in Webcenter spaces .
  This is my scenario :
  Jdev : 11.1.1.3
  Webcenter : 11.1.1
  The ADF app has a query page, that uses the af:query component to do a query and display results on a table. This table data need to be exported as a file with some changes like splitting address to component city and state columns .
  The ADF app makes use of af:filedownloadlistener to get this(HTML formatted file with an .xls ext is our current preference to get it to open in excel, but could be anything) done . The ADF app works just fine, but as section 30.2.5.5 in the web center dev guide points out http://download.oracle.com/docs/cd/E14571_01/webcenter.1111/e10148/jpsdg_bridge.htm#CACBHDEF
  > The <af.fileDownloadActionListener> component is not supported.
  The actual behavior however is that the export happens when triggered, but the component keep serving up the same file it created the first time it got invoked every subsequent time. The same file is served even across sessions.
  The alternatives I've considered so far are :
  1. <af:exportCollectionActionListener> - Exports what you see on the UI table. Would not work for us, because our exported data is different than whats on screen. (eg: whole addresses are displayed as a single column, but broken down as component city and state columns in exported data )
  UPDATE : <af:exportCollectionActionListener> exhibits the same behavior as <af.fileDownloadActionListener> in a portlet environment. The first time after deployment it works, and every subsequent time (across sessions) it serves up the same file it first generated.
  2. redirect to a servlet - admittedly half baked idea - fiire an action that will generate the report, then put it in sessionScope , redirect to a servlet that would pick up the report from session and stream it to the user by setting the servlet's response content type. Very unsure if this would fly in a portlet environment (sorry, I'm new to portlets) and even if it does, section 30.2.5.2 in the web center dev guide says :
  Do not redirect or forward a request within your JSP. JSR 168 only supports requestDispatcher.include(). The use of httpServletResponse.sendRedirect() or requestDispatcher.forward() results in exceptions and errors. Am I overlooking some feature that would let me do this or whats the recommended method to achieve this functionality of exporting a file generated at run-time in a portlet environment ?
  Edited by: Jeevan Joseph on Oct 14, 2010 1:02 PM

  I'm facing the same problem. Do you have any news on this issue?

• Is there a way to have Firefox keep cookies from only certain sites?

  I want to allow Firefox to retain cookies from only certain sites. Is there a way to do this? My understanding is that it is much riskier from a security standpoint to allow cookies to remain in the browser continually. So I have it set to remove them when Firefox closes. But there are a couple of sites I trust and it would make things a lot better if I could keep their cookies.

  I'm not aware of such an add-on, but it might exist. There also might be a Greasemonkey userscript that will load the pages and fire the save.
  This thread discusses way to save pages once you have them loaded: [https://support.mozilla.org/en-US/questions/923234 How to save a website using firefox. | Firefox Support Forum | Firefox Help].

• Need to remove the "customize" from a portlet

  Hi Everyone,
  Hoping someone can help with this...
  I would like to remove the "customize" link from the portlet header. There are no user servicable parts inside when the portlet appears, it has essentially all it needs to function properly.
  Can I make a PL/SQL call before the page is rendered to disable this?
  Is there an example somewhere I have not yet found?

  I'm sorry most of these options won't help.
  1) Header will disappear altogether, Including title.
  2) The same problem
  3) If you don't give Edit privileges to a folder you still will be able to customize the portlet.
  4) Can work, but it is very time consuming to create a portlet with the same functionality as the folder portlet. I heard that this will be solved anyway in future releases.
  Another option is giving the header (customize) text the same color as the background (using page style). But this option also has disadvantages.
  a. You will still be able to click on customize (although you cannot see the text)
  b. In some browser you still see the underline.
  Regards,
  Bram
  null

• Unable to read Cookies from Browser

  Hi All,
  The following is the scenario:
  Portal 1
  We have intranet portal which is developed using ASP.NET and upon successful authentication a cookie(logged-in user) is created in the browser.
  Portal 2
  We have another portal(running on Apache tomcat) has to read the cookie(logged-in user) from the browser and display the welcome text 
  Initially the user access portal 1 after successful authentication the user access portal 2(by overwriting in the browser) which should read cookie from the browser and display the successful text.
  If the URL is overwritten in the browser with portal 2 we are unable to read the cookies.
  Pls suggest possible solution.
  Thanks
  vijay

  I have the same issue with Q10
  when i try to hold the link, the menu has lots of options one of them is save file on link. even by selecting that nothing happens. :"( ..

• Getting "Set-Cookie" from response message

  Hello XI SDN'ers,
  I am calling an external webservice through my "SOAP (Axis)" adapter and I am getting the response. The response header looks like this:
  HTTP/1.1 200 OK
  Server: Apache-Coyote/1.1
  X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
  Set-Cookie: JSESSIONID=4DF8F0B8FAF5A1F2D7EE6A0110A33E70; Path=/
  Content-Type: text/xml;charset=utf-8
  Date: Mon, 26 May 2008 10:07:58 GMT
  Connection: close
  I want to get this "Set-Cookie" from my initial "Login" response and set the cookie in further "Synchronous Request" so that I won't loose my sessions.
  so I wrote my UDF to get this SetCookie:
  DynamicConfiguration conf = (DynamicConfiguration) container
      .getTransformationParameters()
      .get(StreamTransformationConstants.DYNAMIC_CONFIGURATION);
  DynamicConfigurationKey key = DynamicConfigurationKey.create(
  paramNamespace, paramName);
  String value = conf.get(key);
  return myString;
  but I am getting "Null" value.
  Please correct me to get "Set Cookie" value from my response!
  Thanks & Regards,
  Satish.

  Hi,
  Check this URL for more clarification:
  help.sap.com/saphelp_nw70/helpdata/en/a6/10b98ae47ef14799a918db66ee9477/content.htm - 34k
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/b092777b-ee47-2a10-17b3-c5f59380957f
  Thanks,
  Boopathi