Web Services :: Rest Session Not Getting Invalidated After Invalidating UI Session?

Dec 17, 2014

I have 2 war in 1 EAR.

War A corresponds to UI

War B corresponds to Rest

1) From War A, I login to the application and then fetch some users that is a rest call. I get the response back from rest in json form that ui consumes and display the data on page.

2) Now I click on the logout link from ui jsp. This logs out the session from Ui. I use <form data-dojo-type="dijit/form/Form" based logout.

3) I then go to the proxy (using burp) and manually request the rest call which I made in step no 1), the rest gives the response back with the same json object returned in step no 1) This shows that the logout action on step 2) is invalidated the session from War A (ui war) but the session or cookie based from WAR B (rest war) is not invalidated.

Expected outcome:After I Logout from War A(ui war), the session must also get invalidated from war B (rest war) and manually request from proxy should not get the same response object as received in step 1)

View Replies


ADVERTISEMENT

JSP :: Page Directive Attribute Session False - Yet Session Created

Feb 26, 2014

May be I did not understand the meaning and usage of attribute "session" in page directive. My understanding is if session=false, in page directive, then the JSP page will not participate in the session. However, I have my welcomepage as below:

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1" session="true"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
........
.......
<%= session %>
<c:out value="${pageContext.request.session}"/>

if I choose session=true, then both ways of accessing session works , which means the JSP page participated in the session.

But if I change the session=false, then <%= session %> fails, but <c:out value="${pageContext.request.session}"/> does not fail.

how can c:out still show the session, when session = false

View Replies View Related

Servlets :: Can Access Session Object Even Session Is Time Out

Jun 4, 2014

Can I access the session object even session has been expired? I need to check whether session is expired or not for each request.The session invalidation is set null the session object. What I concluded, session time out I can access session object but session invalidation I can not access session object. How can I find the session time out by using session object?

View Replies View Related

Servlets :: Updating Session Value But Same Session In JSP Page Not Updated

Jul 8, 2014

I am developing a e-commerce college project, here i add the items in the cart(a div tag in the jsp page) via servlet by creating sessions,

flow control: shopping jsp (when user wants to add an item in the cart) --> item servlet (which is used to create session and synchronized it) --> cart servlet(which is used to add items in the arraylist and show them in the shopping.jsp's div tag + it also sets the total purchase amount in the session variable "totalpurchase")

now after that user wants to proceed to checkout, here i use the onclick event to check the minimumshopping amount must be less than the totalpurchase (totalpurchase which i had setted in the session),but my jsp page is unable to rechognise the updated value of the totalpurchase, yes, if i reload the page, it rechognises the new updated value of the totalpurchase? but i want it to rechognise the updated total purchase value, without reloading he jsp page..

View Replies View Related

Web Services :: How To Implement Rest API

Mar 26, 2015

how to implement the Rest API which is like "URL...". And how to implement in Java where the class extends ServerResource.

View Replies View Related

Web Services :: Rest Modify Resource

Jan 20, 2015

"citizen":{"name":"John", "gender":"M","age":32}

Now, I only want to change age to 35, which method should I use and how should the payload/URL look like to be RESTful?

View Replies View Related

Web Services :: How To Use Special Character In URL Using REST Web Service

Mar 19, 2015

URL....my file name can contain special characters but when I passing this file name as a parameter in URL using REST.I am getting exception.

View Replies View Related

Web Services :: WebDav HTTP Extensions And REST

Nov 26, 2014

Are the WebDAV extensions related to REST principles? What I mean by that is, REST is an abstraction of the WWW architecture and the WebDAV is just an extension to the HTTP. So can we say that when I speak in terms of REST API's, I can restrict myself to HTTP and not HTTP extensions like WebDAV?

View Replies View Related

Web Services :: REST Interceptor Argument Pass Through

Mar 22, 2015

I hope this is the right forum. My question is about REST interceptors. I've got the code:

package edu.psu.swe.fortress.poc.interceptor;

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

import javax.enterprise.util.Nonbinding;
import javax.ws.rs.NameBinding;

[Code]...

The output from the debug show that permissions values inside of the ResourceImpl contains the values I'd expect (foo,bar), but inside the interceptor, they're missing. Is there a way to get the arguments in ResourceImpl to pass through to the interceptor?

Log output looks like:

15:59:55,223 INFO [stdout] (default task-9) @edu.psu.swe.fortress.poc.interceptor.FortressProtected(permissions=[])
15:59:55,229 INFO [stdout] (default task-9) @edu.psu.swe.fortress.poc.interceptor.FortressProtected(permissions=[foo, bar])

View Replies View Related

EJB / EE :: Session Bean Must Not Extend Another Session Bean?

Nov 9, 2014

I have tried this example ([URL].../) with CarDao extending the BaseDao, it works like a charm.However, from the CarDao class, my NetBeans underlined the class name “CarDao” with the error message “A session bean must not extend another session bean.” But I can compile, deploy and run the application without any problem.

I have also heard that a session bean cannot extend another session bean, but why it works here?

I am using Java EE 6, NetBeans 8.0.1 and WebLogic 12c for this code testing.

View Replies View Related

Web Services :: Getting Connection Time Out - JSON Rest Client For POST Request

Mar 23, 2015

I want to write one REST client program for POST request ,request and response is in JSON Format.

public String getAck() {
HttpURLConnection httpConnection = null;
URL url=null;
try {
url = new URL("http://test:8080/ils/main");
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();

[Code]....

Line OutputStream os = httpConnection.getOutputStream();

I am getting connection time out problem

View Replies View Related

JSF :: Updating Session Value

Apr 29, 2014

I am using JSF2 with Primefaces. Here is my business requirement-Hidden field on JSF page should take the value from the session object that is set in managed bean. Session object is updated every time when the user submits the page. I am able to update the session object in the managed bean and able to get the value in the hidden field first time and after that i see the same value in the hidden field even though session object has different value. Here is the hidden field: <h:inputHidden id="xyz" value="xyz"/> i tried using sessionScope but still didn't work.

View Replies View Related

JSF :: Immediate Session Timeout

Jan 27, 2014

I have set the session timeout in web.xml to 60 but when I start on the home page and begin to enter any data I immediately get redirected to the timeout page.From the timeout page I can click a link that takes me to the home page. Now I get the 60 minutes before another timeout occurs. Changing the timeout only results in a change to the timeout after going back to the home page..why I am seeing an immediate timeout?

View Replies View Related

Servlets :: How To Use Session

Apr 16, 2014

I'm trying to go back to basic and strengthen some of my foundation. I'm wondering what kind of data would be appropriate to be stored inside a session? My app is a web app where all the users are the employee of a company. So it's an web-based app that keeps track of stock movements, purchasing and sales order (standard distributor company). The web app interacts strictly with employees, so no public facing app (yes, that's right, no shopping cart). So, in this kind of web app, what kind of data that by storing it to session.

View Replies View Related

Session Creation For Users

Apr 3, 2014

I am making a Java project using Eclipse,oracle 10g and Apache tomcat.

Now my problem is that I cant create a session for the users. I have coded on jsp pages mostly.

Session creation using HttpSession through servlets or jsp

View Replies View Related

JSP :: Initializing Captcha From Session

Feb 26, 2015

I am new to JSP and I'm having a problem with captcha containing a value in the field when toggling from the first page to another and clicking submit on the second page before entering data to validate the fields and the code just falls through and returns the error "Please enter the correct code". The values returned are (captcha)96043 (code)null, captcha is not null because it is retrieved from session which is the last value captured from the page I'm assuming.

I've used request.getSession().removeAttribute( "captcha" ); before building the page to clear out the values, resetting captcha to null etc.; nothing is working.

Here's the code:

boolean isPostBack =false;
String captcha = (String) session.getAttribute("captcha");
String code = (String) request.getParameter("j_captcha_response");

[code]....

View Replies View Related

JSP :: Generating Unique ID With Session

Sep 5, 2004

Is it a good idea to use the date and time with the first or last few values of the session ID. Or should I just use the complete session ID value for my "unique id"?

View Replies View Related

JSF :: Saving A Session Attribute?

Mar 13, 2014

How can I store in database an user Session attribute along with other informations provided in the same form?

<p:outputLabel value="user ID:" for="informer" />
<p:inputText id="informer" value="#{session.getAttribute('userID').toString()}"
title="informer" disabled="true" />

I've already tested with disabled="false", too, but only the Session attribute is saved as NULL, though it appears in the form field. The other fields are saved properly.

View Replies View Related

JSP :: How To Access Session From Different Context

Apr 4, 2015

How to access session from different context? I have created a session in one jsp, in one context and trying to access it from different context. But, I was unable to access the same. How to achieve it?

View Replies View Related

Compare Session Value With Textbox?

Oct 2, 2014

I could get my session values in my jsp, now I want to compare the session value whether it matches the textbox, if it matches, it will redirect the user to another page else it will remain the same page.

View Replies View Related

JSF :: Passing Session To Different Machine

Aug 4, 2014

In my JSF application user starts on primary server where the session begins and then the user is redirected to a different server using sendRedirect. I want to pass some authentication token to the next server from primary server. I am trying to set session attribute as:

request.getSession().setAttribute("auth_token", "1");

And then send it to the next server as:

response.sendRedirect(encodedUrl);

But this attribute is not reaching the new server. I cannot pass this auth_token as request parameter as that wont be secure. So how to get some session data to new server?

View Replies View Related

EJB / EE :: Session Beans Concurrency

Jan 13, 2015

I'm trying to understand the concurrent model of each EJB session bean types.

The singleton is well documented and seems clear to me... Only one instance and many threads using it but each method by default is synchronized because @Lock is defaulted to WRITE. We can let multiple threads use on method with @Lock(READ).

The stateless beans are in a pool I think I read somewhere that the container will ensure only one thread is using one instance at a time but this instances are recycled/reused so many threads can use the same instance but one at a time.

Is this correct ? or is it possible that multi-threading occur in one instance of SLSB ?If in the client I obtain a single reference of a SLSB and share this "instance reference" in multiple threads is it true that all the threads could use different instances on the server side ?

The stateful instance I obtain in the client is linked to one server instance and any method call will target the same instace. If many threads are using the same reference, all method calls will be synchronized and waiting for a certain amount of time that can be defined in @AccessTimeout and if the timeout is reach will end with a ConcurrentAccessException.

Can we use @Lock(READ) and let many thread use the same method like in a singleton ?

View Replies View Related

JSF :: Application / Session Bean

Jan 30, 2015

When i create an application Bean how i can update it from another bean? Lets say application Bean has variable h=1 and i want to update from another bean and make it 2 how i can do it? And how i can access the value of a session bean from another bean?

View Replies View Related

Lost Session In Weblogic

Aug 20, 2014

I have two different web apps (let's name them A and B) running on Tomcat (v5). At some point, one of A's JSPs invokes one of B's through an iFrame that contains a form. Then, B does its bussiness and sends an answer to another one of A's JSPs, which now can continue doing its stuff.

As I said, this runs on Tomcat with zero problems.

But recently I tried to deploy both apps on Weblogic (v9.2) and found one big problem: just when B has sent the answer, A loses the session and has to stop.

What could be the cause to this?

View Replies View Related

JSP :: Losing Session Values During Redirect?

Mar 30, 2014

I am trying Single signon to a different application from my application. i use redirect to open the new URL in a separate window. MY single signon works well. But i am losing the session values in my application.

Because of this when i close the new window and click on any link in my application, i am getting error sicne all application objects inside session are reset to null. how to retain the session values after Redirect.

View Replies View Related

Servlets :: Same Session On Two Separate Web Applications?

May 18, 2014

We have this website that is run on two web applications. The first web application hosts the home page and clicking certain links in the home page would forward it to pages of the second web application where certain functionalities can be done. Now, there has been an initiative to redesign the site to have a login page and only logged in users could browse it. This would mean a login page being created in the first app, and when links to the second application are clicked, the pages are supposed to forward to it with the same session of the user that logged in.

We have already creating handling to pass the session from the first app to the second. Logging out from the first application would also invalidate the same user session in the second application. My questions is, is this a bad idea? would it be better to combine the two apps even if it would mean a huge impact?

or is there are better way to do this? like set it in web.xml. I have read that you cannot use two context for it.

View Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved