Sophana wrote:
> Christoph Zwerschke a écrit :
>> Maybe we should make '/' the default CookiePath again instead of None
>> (automatic determination)? This is less secure, but at least it will
>> always work (Microsoft policy ;-) This issue has already caused too much
>> confusion in the past.
>>
Christoph Zwerschke a écrit :
> Sophana wrote:
>
>> I reverted to 0.9.2 because of the cookie clear bug which I couldn't
>> find a workaround.
>>
>
> If you provide a test case for that bug, I'll try to fix it in the next
> version.
>
>
>>> But this would be redirected to /wk/wk/* and n
Sophana wrote:
> I reverted to 0.9.2 because of the cookie clear bug which I couldn't
> find a workaround.
If you provide a test case for that bug, I'll try to fix it in the next
version.
>> But this would be redirected to /wk/wk/* and not work anyway?
> No, in my case I only redirect / (^/$) wi
Christoph Zwerschke a écrit :
> Sorry for the late answer, I was offline was some weeks.
>
> sophana wrote:
>
>> Now looking at firefox cookie list, when I go to my server root url, I
>> get a SID cookie with the path set to //
>>
>
> This is a bug. It should only be '/'. I have already fix
Sorry for the late answer, I was offline was some weeks.
sophana wrote:
> Now looking at firefox cookie list, when I go to my server root url, I
> get a SID cookie with the path set to //
This is a bug. It should only be '/'. I have already fixed it in the
trunk. Can you try again with the HTTPR
Christoph Zwerschke a écrit :
> Concerning the sessions, this may have to do with the more secure
> default cookie path for Webware. It will be probably using '/wk' now,
> while you had been using '/'. If you still experience problems with the
> cookies, you can set a fixed cookie path in 0.9.4,
> I will revert to the previous server, then try to reproduce the problem.
> I hope the session incompatibility will not show up again...
Yes, you should check the new version on the old server and the old
version on the new server to see whether it is an issue of the server or
or Webware. I hav
Jkx a écrit :
> Hi all,
>
> I've been off webware for a while now, but yesterday I need to
> update my website, and I run into some issues with an old webware
> install (which work smothly since 2 years).
>
> I switched to mod2_webkit, and last stable webware release 0.9.3 +
> apache 2.2 (my prev
Ho I miss to answer, this email !
/me slaps me !!!
In fact, I hand patched this stuff like Christoph ask, but I run into
other issues.. mainly cause I already asked the URLParser before:
http://www.larsen-b.com/Article/91.html
I managed to fix the issue, but don't ask me exactly how. Afte
including feedback and proposals.
Subject: Re: [Webware-discuss] Session Issue
I'm kinda nervous to expose how I do things, for fear of being told I'm
completely smoking crack, BUT...
We use mod_rewrite to map the /wk/ noise right to the document root in
the httpd.conf file (similarly
To: Discussion of Webware for Python including feedback and proposals.
Subject: Re: [Webware-discuss] Session Issue
Jerome Kerdreux wrote:
> Hum .. I guess you found something. The url is
> http://www.larsen-b.com/Articles/X.html
> but the cookie path is "/wk/" ... Do you
Jerome Kerdreux wrote:
> Hum .. I guess you found something. The url is
> http://www.larsen-b.com/Articles/X.html
> but the cookie path is "/wk/" ... Do you have a idea to fix this ?
I cannot see how this happens with the rewrite rules you posted, but you
wrote that you are using another URLD
On Mon, 14 May 2007 22:54:58 +0200
Christoph Zwerschke <[EMAIL PROTECTED]> wrote:
> Jerome Kerdreux schrieb:
> > Hum, I missed to say that firefox see the SID cookie, the issue is that
> > my code doesn't have it, so create a new session cookie at each request.
> >
> > In awake(), I checked for
Jerome Kerdreux schrieb:
> Hum, I missed to say that firefox see the SID cookie, the issue is that
> my code doesn't have it, so create a new session cookie at each request.
>
> In awake(), I checked for trans.request()._environ['HTTP_COOKIE'] this
> give me some cookie but not the SID one ..
On Mon, 14 May 2007 19:02:16 +0200
Christoph Zwerschke <[EMAIL PROTECTED]> wrote:
> Jkx wrote:
> >> * If you create an empty (default) working dir, does it work?
> >
> > It should work (as my app is running), I only have some issues
> > with Session (all other is working fine)
>
> I mean, do s
Jkx wrote:
>> * If you create an empty (default) working dir, does it work?
>
> It should work (as my app is running), I only have some issues
> with Session (all other is working fine)
I mean, do sessions (e.g. the CountVisits example) work when you create
an empty working dir?
> Here is my
For un unknow reason I haven't receive the answer from Chris ..
So this is a cut/paste from the mail archive.
>> After some tweaks in the webware context config, all is working
>> quite fine. (migration was easy :) .. but the session doesn't work
>> any more. And even worst I try to do som
> After some tweaks in the webware context config, all is working
> quite fine. (migration was easy :) .. but the session doesn't work
> any more. And even worst I try to do some debuging, and find that
> trans.request()._environ['HTTP_COOKIE'], contains some cookies but
> not the SID one, beside
Hi all,
I've been off webware for a while now, but yesterday I need to
update my website, and I run into some issues with an old webware
install (which work smothly since 2 years).
I switched to mod2_webkit, and last stable webware release 0.9.3 +
apache 2.2 (my previous setup was mod_webkit
sophana a écrit:
> Is your fix available in the 0.9.2 beta? I'd like to test it...
The expired sessions fix has been added after the beta release, so you
need to get it from the SVN. You can simply replace Application.py and
HTTPExceptions.py in the WebKit folder from here:
http://svn.w4py.org/
Christoph Zwerschke a écrit :
I will also try to reimplement returning an error page for expired
sessions if IgnoreInvalidSession=False (the default is True). Maybe
instead of sending an error page, we should simply send a 408 Request
Timeout error?
I have fixed it that wa
> I will also try to reimplement returning an error page for expired
> sessions if IgnoreInvalidSession=False (the default is True). Maybe
> instead of sending an error page, we should simply send a 408 Request
> Timeout error?
I have fixed it that way now, but sending "401 Session Expired" ins
> In previous versions of webware (0.8.1), when a session expires the
> method Application.handleInvalidSession() was called, which basically
> removes the _SID_ reference so the browser will stop requesting an
> invalid session, and marks request._sessionExpired. So, I could ask
> for the var
Hello, I’m developing a web site using python 2.4.3
and Webware 0.9.1.
I have a problem to know when a session is actually expired and
is not a brand new session because the user just entered to the site.
In previous versions of webware (0.8.1), when a session
expires the method A
Hi guys
I'm using the last svn webware, I having problems with the
AutomaticPathSession stuff. I use to redirect my pages to the webware
context like this:
RewriteCond %{REQUEST_URI} !^.*_SID_.*$
RewriteRule ^(.*)$ /wk/somecontext$1 [L,PT]
This redirect the root to /wk/somecontext a first t
Hey all,
First of all, thanks a *lot* to everyone that lent helpful suggestions. It's very appreciated.
Okay, I fixed my bug. Is there some problem inherent with passing a
Session instance to the constructor of another object? For example:
class SomePage(AuthFrame):
...
def writeContent
nces to "SomeParent" in that code which should be"SiteFrame". I started to convert to your Frame naming convention butdidn't follow through. :)> -Original Message-> From: Ben Parker [mailto:[EMAIL PROTECTED]]> Sent: Thursday, March 31, 2005 1:38 PM> To
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Greg
> McClure
>
> ...
>
> My real problem is that I can not get my code to detect session cookie
> deletion. I feel like I'm missing something obvious, but I'm looking
> for anyone to say, "Here it is. You
: Thursday, March 31, 2005 1:38 PM
> To: Greg McClure
> Cc: Webware discussion list
> Subject: RE: [Webware-discuss] Session Cookies Issue
>
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] Behalf Of Greg
> > McClure
>
Seeya,
Thanks for your response, but the 'BasicFrame' and 'AuthFrame' classes
are *not* frames, sorry for not explaining that. Those are just my
terms since I feel that what they're doing is "framing" content and I
dislike the term "page" for that function, since I feel that software
like Webware
Greg McClure wrote:
> I need to detect if the session cookie is present or not, *before* the
> rest of a page executes. Right now my protected pages are inheriting
> from an AuthFrame class which uses the awake method to handle this
> stuff. I have caching turned off.
How about self.transaction().
Hi Greg
What is your real problem? I don't know if is your case, but Internet
Explorer doesn't save cookies if you are on a frame (in my case an
iframe). I need to use AutomaticPathSession=1 on the configuration.
If I open the frame on a new window all is ok...
seeya
On Thu, 31 Mar 2005 00:35:0
Argh.
I tried it, but unfortunately trans.hasSession() doesn't seem to be
solving my problem.
Here's a sample of my code, as per your suggestion:
import lib.Config
from BasicFrame import BasicFrame
class AuthFrame(BasicFrame):
def awake(self, trans):
BasicFrame.awake(self, trans)
Yo folks,
Okay, I wrote a simple authorization/authentication scheme with
Webware that relied mostly on session variables to pass certain bits
of user info around. I was aware of a few security issues with my
scheme, but I considered them minor and I wasn't concerned about them
at this point in de
Yo folks,
Okay, I wrote a simple authorization/authentication scheme with
Webware that relied mostly on session variables to pass certain bits
of user info around. I was aware of a few security issues with my
scheme, but I considered them minor and I wasn't concerned about them
at this point in de
On Tue, 1 Mar 2005 17:21:18 -0800, Greg McClure wrote:
> Hey all.
>
> I suppose I'm not understanding Webware sessions very well. I'm
> trying to detect if a session has expired by doing what seems
> obvious:
>
> if self.session().isExpired():
> etc ...
Here are some quick tips that may help:
* I
Hey all.
I suppose I'm not understanding Webware sessions very well. I'm trying
to detect if a session has expired by doing what seems obvious:
if self.session().isExpired():
etc ...
Further, I want to check later to see if this user has logged in:
if not self.session().hasValue('loginid'):
On Dec 23, 2004, at 8:10 AM, Geoffrey Talvola wrote:
Frank Barknecht wrote:
Geoffrey Talvola hat gesagt: // Geoffrey Talvola wrote:
So the most secure solution is indeed to use "URL secrets", like the
incrementing id already proposed (which must not be guessable) or
random secrets (like in Funcs.un
Frank Barknecht wrote:
> Geoffrey Talvola hat gesagt: // Geoffrey Talvola wrote:
>
>> Using the latest Webware CVS as of a few minutes ago, if you use
>> UseAutomaticPathSessions=True with UseCookieSessions=False then the
>> session id is exclusively embedded in the URL and never sent in a
>> cook
Hallo,
Geoffrey Talvola hat gesagt: // Geoffrey Talvola wrote:
> Using the latest Webware CVS as of a few minutes ago, if you use
> UseAutomaticPathSessions=True with UseCookieSessions=False then the session
> id is exclusively embedded in the URL and never sent in a cookie, so based
> on my readi
Frank Barknecht wrote:
> Hi,
>
> maybe you have already seen this one some news sites, but this
> document on "Session Riding" [1] IMO discusses a very important
> security issue with web based applications like you all probably
> develop with Webware, too, and it shines new light on the Cookie vs
Enrique Arizón wrote:
Of course, I send it back and for embedded in the
form as a hidden input field, so I can't imagine a
general way to use it in Webware (or any other
framework)
Yeah.
Though, if this scheme is used in HTML forms only and application use
some form-management tool like FormKit o
> I assume you attach this number to the urls in the
> final HTML response?
> Passing it back as cookie is useless, AFAIS.
>
Of course, I send it back and for embedded in the
form as a hidden input field, so I can't imagine a
general way to use it in Webware (or any other
framework)
Regards!
Enrique Arizón wrote:
I use "sequence numbers" to avoid the problem. It's
basically a similar solution to the "secrets"
mentioned in the article. An increasing integer number
is send back to client with every request. The client
must put it back to the server with each new request.
It has the added
I use "sequence numbers" to avoid the problem. It's
basically a similar solution to the "secrets"
mentioned in the article. An increasing integer number
is send back to client with every request. The client
must put it back to the server with each new request.
It has the added advantage (that was r
Hi,
maybe you have already seen this one some news sites, but this
document on "Session Riding" [1] IMO discusses a very important
security issue with web based applications like you all probably
develop with Webware, too, and it shines new light on the Cookie vs.
URL-session debate. Essential rea
; > strings
>> > into the session store, so that skews our results in the "good"
>> > direction.
>> >
>> > Cheers!
>> > --
>> > David Hancock
>> >
>> > -Original Message-
>> > From: Matt Feifar
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of
> [EMAIL PROTECTED]
> Sent: Wednesday, October 20, 2004 3:57 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [Webware-discuss] session strangeness
>
>
> Hey, thanks everyone f
ction.
>
> Cheers!
> --
> David Hancock
>
> -Original Message-
> From: Matt Feifarek [mailto:[EMAIL PROTECTED]
> Sent: Wed 10/20/2004 6:12 PM
> To: Hancock, David (DHANCOCK)
> Cc: [EMAIL PROTECTED]
> Subject: Re: [Webware-discuss] session strangeness
>
> Th
Title: RE: [Webware-discuss] session strangeness
Thanks, Matt--that's useful. We never (purposely) put anything but strings
into the session store, so that skews our results in the "good" direction.
Cheers!
--
David Hancock
-Original Message-
From
Thanks for that.
I guess that it's not "way" :-)
But it does depend on what gets pickled; if it stays in memory, there's
no pickling. I've noticed for example that pickling new style classes
(with the getstate/setstate stuff) is pretty slow. Typical session stuff
like strings and ints should be
:[EMAIL PROTECTED] On Behalf Of Matt
Feifarek
Sent: Wednesday, October 20, 2004 3:08 PM
To: [EMAIL PROTECTED]
Cc: JD Kaplan; [EMAIL PROTECTED]
Subject: Re: [Webware-discuss] session strangeness
File based sessions are way slower. Definitely an undesirable band-aid
solution.
We've seen this s
es them all when
starting the server).
I have no idea why
redirecting would cause this to happen.
Let us know what you
find out.
-
Geoff
-Original Message-From: JD Kaplan
[mailto:[EMAIL PROTECTED]Sent: Monday, October 18, 2004 4:29
PMTo: [EMAIL PROTECTED]Subject: RE:
[Webwar
File based sessions are way slower. Definitely an undesirable band-aid
solution.
We've seen this sort of thing, too. We were never able to determine the
source of the bug (or whether it was a bug).
[EMAIL PROTECTED] wrote:
Try changing your sessions store from Dynamic to File. What do you mean
Kaplan
Cc: [EMAIL PROTECTED]
Subject: RE: [Webware-discuss] session strangeness
Try changing your sessions store from Dynamic to File. What do you mean
by bounce the server?
Jose
> Original Message
> Subject: RE: [Webware-discuss] session strangeness
> From: "JD K
Try changing your sessions store from Dynamic to File. What do you mean
by bounce the server?
Jose
> Original Message
> Subject: RE: [Webware-discuss] session strangeness
> From: "JD Kaplan" <[EMAIL PROTECTED]>
> Date: Mon, October 18, 2004 1:
Of JD Kaplan
Sent: Monday, October 18, 2004
3:06 PM
To:
[EMAIL PROTECTED]
Subject: [Webware-discuss] session
strangeness
So I’ve recently been forced to store some information
in the session and I used the transaction.session().setValue() call to do
so. I manage the lifecycle of that
So I’ve recently been forced to store some information
in the session and I used the transaction.session().setValue() call to do so.
I manage the lifecycle of that information, removing it when I don’t need
it any longer and putting it in only when I need it. The code works fine and I’m
h
Hi guys!
I´m using this methods, session().values() and request().fields() to
get all the values of the session and of the request as a dictionary.
I think it would be good to have a method request().values(), is this a
good idea, does someone agree with me?
Thanks for attention
=
--
Michel
We're running the latest released Webware, Linux (RH 7.3), Python 2.3.2,
Apache 1.3.x, mod_webkit adapter, and we're using the File session store.
We're seeing an increased number of KeyError tracebacks, where the "key" is
the session key. Interestingly, we just got two tracebacks within a couple
I'm having a bit of an issue with session timeouts. It seems that the
sessions are timing out regardless of whether or not the session has
been accessed.
A specific situation is with a call tracking system that I am developing
internally for my employer. The user home page is set to refresh ever
On Fri, Mar 05, 2004 at 04:42:15PM -0600, Jason Hildebrand wrote:
>
> Hi Jerome,
>
> I'm curious why you aren't using Modeling anymore, or why you've decided to
> go with SQLObject. I've looked through the Modeling docs a couple of times,
> and while it looks impressive, but I haven't used or te
On Thu, 2004-03-04 at 18:03, Jerome Kerdreux wrote:
> In a previous life, i used Modeling for a while, and in Modeling
> you simply work in a editing context and binding an ec to session
> is easy so, commiting changes is just a ec.saveChanges()... and
> to loose modification simply discard this ec
On Thu, Mar 04, 2004 at 05:24:38PM -0600, Ian Bicking wrote:
> You shouldn't keep the SQLObject instances in the session -- they
> persist independently in the database, and it can potentially confuse
> things if you keep them elsewhere. Well... maybe not so much. Really
> they should be pickl
Jerome Kerdreux wrote:
I'm wondering how you use session in webware.
My main problem is that i what to edit some
SQLObject in session. But i can to that directly
so i decided to write something that 'clone'
a SQLObject into a database-less object and put
it session. This works fine except that obje
Hi All:)
I'm wondering how you use session in webware.
My main problem is that i what to edit some
SQLObject in session. But i can to that directly
so i decided to write something that 'clone'
a SQLObject into a database-less object and put
it session. This works fine except that objects
aren't pi
_session is the class variable; session() is the access method.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek
Kubica
Sent: Friday, December 05, 2003 7:18 AM
To: webware-discuss
Subject: Re: [Webware-discuss] session from PSP
Hello,
>>
Hello,
>> sess = self._session()
IB> should be "self.session()", i.e., no underscore.
Thank you, it worked. :)
But why dir(self) displays _session?
greets,
Marek
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert
On Dec 3, 2003, at 11:19 AM, Marek Kubica wrote:
Hello,
I'm pretty new to PSP/Webware. I've got the following problem: how can
I access session form PSP? I've tried:
<%
sess = self._session()
should be "self.session()", i.e., no underscore.
sess.setValue('x', 5)
res.write(str(sess.value('x')))
%>
Hello,
I'm pretty new to PSP/Webware. I've got the following problem: how can
I access session form PSP? I've tried:
<%
sess = self._session()
sess.setValue('x', 5)
res.write(str(sess.value('x')))
%>
But this seems to be wrong.
Who can help?
Please!
greets,
Marek
Hello there.
I'm using... Webware 0.8. WebKit, in this particular example.
Sooo, it looks to me like when you create a session, a cookie gets
created, and there's no way to set the expiration date on the cookie.
So it defaults to "valid for current (browser) session only." This
doesn't work so
Vitaliy Fuks wrote:
I believe your problem may be that if you set a cookie and redirect in
same request the cookie is ignored.
You are not inherintly doing that, but because session is expired new
session is created when user requests that page. At this time, a cookie
with new session id is sent.
I've been having a session problem. It happens when a session times
out. Here is the scenario:
1. User surfs happily with no problems then waits a while.
2. Session times out (I believe).
3. User request handled by displatch servlet (Index.py).
4. Dispatch servlet (Index.py) sets value in sessi
Hi!
I've got a problem, related to session handling.
Clients are reporting this problem both on IIS and built-in http server,
while I can't reproduce it on my dev. machine (using built-in http
server). Platform is Windows2K, IE 6.0.
The problem is: when the WebKit is restarted the session data
Aaron,
I have tried with Mozilla. It just works fine. It's only IE and
Konqeror. I add a bunch of print statements to check the cookies being
received and sent and it seems that after my sub window calls
window.close it seems the next page I access just doesn't have any
cookies being sent. I p
I would recommend that you first test with Mozilla or some browser that
lets you monitor cookies. (From Mz click Tools -> cookie manager ->
manage cookies).
First of all make sure that you indeed blocking the cookies.
Next dump the session contents for each page and try to find where the
sess
Good Morning,
I've been working with webware 0.8 and have an app that is using a
variant on the Securepage used in the Examples. On one of these
secure pages I have a button which through some horrible javascript,
pops up another Window for some dataentry. Both of these forms are
subclassed fr
Huy Do wrote:
> Hi,
>
> I was just wondering if anyone stores their db cursors (psycopg) in the
> session so the user can reuse the same cursor if necessary (i.e so the
> program does not have to re query the database). I am basically using
> this for a web page which for eg. List 30 rows at a tim
Hi,
I was just wondering if anyone stores their db cursors (psycopg) in the
session so the user can reuse the same cursor if necessary (i.e so the
program does not have to re query the database). I am basically using
this for a web page which for eg. List 30 rows at a time from a result
set of 100
Stuart Donaldson'
> Cc: Chris Backas; WebWare Community
> Subject: RE: [Webware-discuss] Session timeouts
>
>
> I figured out the source of my confusion about the session expiration.
>
> In my testing, everything was working properly. After
> session expiration, I
>
I figured out the source of my confusion about the session expiration.
In my testing, everything was working properly. After session expiration, I
would get a new session ID and a fresh, clean session on the first request.
It turns out that I was making that request after the session sweeper thr
Stuart Donaldson [mailto:[EMAIL PROTECTED]] wrote:
> That is rather interesting. The SecureCountVisits page does
> not check
> for Application.createSessionForTransaction() as does the CountVisits
page.
>
> It appears that when a session expires, the strategy is to call
> Application.handleI
Randall Randall wrote:
Stuart Donaldson wrote:
Probably what should happen, is that the SecureCountVisits example
should be updated to include a check for isSessionExpired() and then
display an expired sesion page.
Shoudn't this be in SecurePage itself? Is it useful to
Stuart Donaldson wrote:
> Probably what should happen, is that the SecureCountVisits example
> should be updated to include a check for isSessionExpired() and then
> display an expired sesion page.
Shoudn't this be in SecurePage itself? Is it useful to have a page one
only inherits to enforce lo
That is rather interesting. The SecureCountVisits page does not check
for isSessionExpired() as does the CountVisits page.
It appears that when a session expires, the strategy is to call
Application.handleInvalidSession() which basically removes the _SID_
reference so the browser will stop r
Hello all,
I've been having an interesting problem with dynamic session timeouts and
the SecurePage skeleton provided by the examples. I've got a servlet
hierarchy based on the SecurePage example to handle authentication. It
generally works fine, but when the user leaves the session idle a l
Michael Engelhart wrote:
BTW, it appears that expiring() doesn't get called on application
shutdown. Any ideas on what the deal is with that?
I think that the theory is that you could restart the application, and
it can pick up the sessions and go, without expiring them. If they
actually a
Thanks Matt
Good idea. I hadn't looked into the MixIn class. I'll check that out.
Maybe that's a better solution then mucking around in the Session class
BTW, it appears that expiring() doesn't get called on application
shutdown. Any ideas on what the deal is with that?
I saw that storeAllS
Michael Engelhart wrote:
Is there a way to handle cleanup of application specific resources
when a session is about to expire?
We're doing something similar to write log data when a session is
over... in the __init__.py of an application, you can do something like
this:
Is there a way to handle cleanup of application specific resources when
a session is about to expire?
Let's say that I have a database connection stored in a session
(obviously I would use a pooled object for this but this just an
example) and I wanted to close the connection before the object
That's what I'd like to see.
I do agree that pickling to disk on restart is nice for development and
in a lot of other situations as well but I guess I just like "choice"
:-)
Thanks for listening to my rant.
Cheers,
Mike
On Tuesday, December 3, 2002, at 11:30 AM, Geoffrey Talvola wrote:
I
in the session object.
- Geoff
> -Original Message-
> From: Michael Engelhart [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 02, 2002 11:45 PM
> To: Ian Bicking
> Cc: Webware discuss
> Subject: Re: [Webware-discuss] session persistence
>
>
> Hi Ian,
Hi Ian,
Thanks for the code snippets and advice.But I'm afraid my issue
with this is more than just my pickling problem with my LDAP connection
objects. It's also the problem I have with Webware having 3 types of
session storage that all write to disk at some point. By forcing
MemorySe
On Mon, 2002-12-02 at 12:07, Michael Engelhart wrote:
> Hi all -
>
> I wrote about this a month or two ago and didn't really get a response
> but it's starting to bite me again.
> I'm trying to store LDAP connection objects in the user session and
> because the underlying LDAP objects (from the
Hi all -
I wrote about this a month or two ago and didn't really get a response
but it's starting to bite me again.
I'm trying to store LDAP connection objects in the user session and
because the underlying LDAP objects (from the python-ldap.sf.net
modules) aren't "pickleable", on shutdown of t
Edmund Lian wrote:
> Under what circumstances does Webware generate a new session ID? For
> example, if I clear out the session store, will the session ID be
> regenerated?
Clearing out the session shouldn't cause the session ID to be regenerated (I
think).
I think if your servlets don't actuall
On 08/22/2002 09:32:04 AM Geoff wrote:
>The cookie is called "_SID_" and it does remain constant across all
>requests. And it should work fine with OneShot.cgi.
>
>Are you sure you have cookies enabled in your browser?
Yes, I'm using Mozilla, and what I've done is to turn on cookie acceptance
Edmund Lian wrote:
> From reading the docs, it appears that session IDs are stored
> as cookies
> unless UseAutomaticPathSessions is set. However, I don't
> actually see any
> cookies stored on my machine that corresponds to my domain name, or
> anything else that I might recognize as being from
>From reading the docs, it appears that session IDs are stored as cookies
unless UseAutomaticPathSessions is set. However, I don't actually see any
cookies stored on my machine that corresponds to my domain name, or
anything else that I might recognize as being from Webware. What is the
name of t
Hiya,
I'm subclassing SecurePage. Page 1 gives the user a form, then spits it to
an action in Page 2. Both pages inherit directly from the same SecurePage.
I'm using OneShot.cgi.
The problem is that sometimes, when going from Page 1 to Page 2, I get a
login request, even though I'm logged in to
1 - 100 of 115 matches
Mail list logo
