Thanks for the explanation, Scott. My first couple Tango projects (~2 years ago), I didn't pass UserRef in the URL, based on what I'd read in the UserGuide.
When I started another Tango project after about 18 months hiatus, I started including the UserRef again after reading all that discussion on the list. I think I'll switch back to the cookie method. 99% of my work is intranet and we require a fairly current version of MSIE, so I've got life easy. :) FYI, I've been through and cleaned up this app and checked - it is passing the UserReference correctly, including popup windows. I've removed all User scoped variables from the taf. However, the server is still showing extra userkeys in the logfile, and the number of userkeys doesn't seem to correlate with the license errors. So I'm still digging... > -----Original Message----- > From: Scott Cadillac [mailto:[EMAIL PROTECTED] > Sent: Monday, June 02, 2003 5:28 PM > To: [EMAIL PROTECTED] > Subject: RE: Witango-Talk: Licensing Errors > > > Good question Bill. One that has been hotly debated on the > List in the past :-P > > Please note that Bill is referring to "session-cookies" which > are NOT the same as regular cookies. > > I say this because all modern Browsers worth their salt have > separate enabling/disabling features for both types. > > I won't advise anybody either way, but personally I avoid > using <@USERREFERENCE> 99% of the time and have had very, > very, very few problems. Certainly fewer problems than the > security issue Bill described. > > The popup issue Jason described can happen with poorly built > browsers that don't support the "session-cookie" key > association for Child Windows opened from a Parent Window. As > a rule, all Child Windows are automatically assigned the > original "session-cookie" key from the Parent - unless the > root domain address is different. > > So if the parent is www.mysite.com but the popup (child) is > for subdomain.mysite.com (regardless if this points to the > same server), or the IP address of www.mysite.com - the > Browser will treat this as a completely different site and > will not assign the "session-cookie" key - which spawns a new > session with the Server. > > Hope this helps. Cheers........ > > Scott Cadillac, > Witango.org - http://witango.org > 403-281-6090 - [EMAIL PROTECTED] > -- > Information for the Witango Developer Community > --------------------- > > XML-Extranet - http://xml-extra.net > 403-281-6090 - [EMAIL PROTECTED] > -- > Well-formed Development (for hire) > --------------------- > > > -----Original Message----- > > From: Bill Conlon [mailto:[EMAIL PROTECTED] > > Sent: Monday, June 02, 2003 3:59 PM > > To: [EMAIL PROTECTED] > > Subject: RE: Witango-Talk: Licensing Errors > > > > > > So doesn't this thread reinforce the desireability of using > > cookies for > > passing the UserReference, rather than the URL? > > > > In the past, there has been discussion about people book-marking and > > passing along stale UserReferences, or worse passing > > UserReferences that > > are still alive, and then having two distinct users treated > > as one by the > > app server. > > > > My feeling has been that I would rather not explicitly pass > any extra > > info in the URL, and instead depend on a session cookie. > > While this can > > still be manipulated by a malicious individual, it will not be used > > accidently by naive users. > > > > Anyone have other ideas? > > > > >Jason, > > > > > >Yeah, that's what I would figure, it wasn't a problem until > > moved to the > > >smaller server. > > > > > >I've checked the file. There are several html files > opened as popups > > >with JavaScript - those shouldn't be a problem AFAIK. > > > > > >The JavaScript popups that open tafs all include UserRef in > > the URL, so > > >they should be OK too. > > > > > >I'll definitely keep this in mind when creating future > > popups, though. > > > > > >Thanks very much for the help! > > > > > >j > > > > > >> -----Original Message----- > > >> From: Jason Pamental [mailto:[EMAIL PROTECTED] > > >> Sent: Monday, June 02, 2003 4:21 PM > > >> To: [EMAIL PROTECTED] > > >> Subject: Re: Witango-Talk: Licensing Errors > > >> > > >> > > >> Jamileh, > > >> > > >> It's not really a problem with popups, its just that when > > they get > > >> opened, sometimes they will create a new user session (seems > > >> to happen > > >> only with some browsers, not all) if the UserRef isn't > > >> passed. We had > > >> that problem with 5 stations using up all 10 connections > until we > > >> incorporated the userref in every popup call. > > >> > > >> Hope that helps - it may be that it's always been doing this, > > >> it just > > >> wasn't apparent until the connection limit came into play. > > >> > > >> Jason > > >> > > >> On Monday, June 2, 2003, at 04:29 PM, Wilcox, Jamileh wrote: > > >> > > >> > Jason - > > >> > > > >> > The app does use a couple of popups. I'm also not sure > > >> that UserRef > > >> > is being passed on all calls from the app. I'll check the > > >> tafs to be > > >> > sure the UserRef is always being passed explicitly in links > > >> & such. Is > > >> > there > > >> > a particular problem with popups in that regard and, if > > so, any way > > >> > around it? > > >> > > > >> > None of this was created recently, but I've had to move > > it from our > > >> > main > > >> > server (which has a Standard license) to a separate server > > >> for security > > >> > changes. > > >> > > > >> > It seemed to be working fine until last week (first > I'd heard of > > >> > problems, I just didn't get a chance to look at logs until > > >> today). I > > >> > suspect the firewall installation may have changed how > > >> Tango sees our > > >> > internal users (this box is outside a firewall that almost > > >> everything > > >> > else is behind). > > >> > > > >> > Thanks very much for the suggestion! > > >> > > > >> > jamileh > > >> > > > >> > > > >> >> -----Original Message----- > > >> >> From: Jason Pamental [mailto:[EMAIL PROTECTED] > > >> >> Sent: Monday, June 02, 2003 1:14 PM > > >> >> To: [EMAIL PROTECTED] > > >> >> Subject: Re: Witango-Talk: Licensing Errors > > >> >> > > >> >> > > >> >> Jamileh- > > >> >> > > >> >> I've seen issues with the SB server where a single user > > on an app > > >> >> that uses popup windows that don't pass the UserRef. value > > >> >> creating multiple sessions for that single user, thus > creating > > >> >> the license problem. Does > > >> >> your app use popups? (maybe something you've added recently) > > >> >> > > >> >> Jason > > >> >> > > >> >> On Monday, June 2, 2003, at 12:54 PM, Wilcox, Jamileh wrote: > > >> >> > > >> >>> Tango 2000 Small Business Edition (10 concurrent users) > > >> >> Windows 2000 > > >> >>> Server > > >> >>> > > >> >>> > > >> >>> This is a small site with one Tango application and > > not very many > > >> >>> visitors. I shouldn't be running into licensing > > >> problems, but I'm > > >> >>> getting errors. > > >> >>> > > >> >>> For example, after I received an email this morning, I > > >> checked the > > >> >>> site. > > >> >>> > > >> >>> The browser showed an error "system is busy, contact > > >> administrator". > > >> >>> > > >> >>> The Windows Application Event Log shows Error, > > Tango_2000_Server, > > >> >>> Runtime, Event 10, Description [1000] License Exceeded at > > >> >> 9:21 am It > > >> >>> shows "license exceeded" errors for the past 4 days (as > > >> far back as > > >> >>> the log goes). > > >> >>> > > >> >>> The IIS log shows four requests for the app from 2 IPs at > > >> >> the time of > > >> >>> the error, with the next earliest request 9 minutes before > > >> >> (same IP). > > >> >>> > > >> >>> I restarted the Tango server & the app started working > > >> >> again. I got > > >> >>> an error during the restart: [1656] A serious error > > occured while > > >> >>> enforcing the license I also got a couple of errors > > >> during startup > > >> >>> stating that access was denied for the OpenSCManager - > > >> >> dunno what that > > >> >>> is. > > >> >>> > > >> >>> At any rate, the service started up again & is running; I > > >> can access > > >> >>> the page. If fact, I can open many copies of the app & > > >> run searches > > >> >>> simultaneously. Processing slows down, naturally, as I > > >> stack up the > > >> >>> queries, but everything still works. > > >> >>> > > >> >>> > > >> >>> I don't see what's causing the problems. Are there other > > >> >> logs I should > > >> >>> be checking? Would a "licensing exceeded" occurrence > > >> >> prevent the app > > >> >>> from working thereafter until the server was reset? Any > > >> >> suggestions on > > >> >>> what I could watch for & how? > > >> >>> > > >> >>> > > >> >>> As always, my thanks for any info or advice. > > >> >>> > > >> >>> jamileh > > >> >>> > > >> >> ______________________________________________________________ > > >> >> _________ > > >> >>> _ > > >> >>> TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > >> >>> > > >> >>> > > >> >> -- > > >> >> > > >> > > ____________________________________________________________________ > > >> >> > > >> >> Jason Pamental, President > > >> >> > > >> >> [EMAIL PROTECTED] > > >> >> > > >> >> Bathysphere Digital Media Services, Inc. > > http://bathyspheredms.com > > >> >> > > >> > > ____________________________________________________________________ > > >> >> > > >> >> Tel: 401.490.6830 Fax: 401.490.6831 > > >> >> ________________________________________ > > >> >> > > >> >> > > >> >> A North American Distributor for Witango > (http://www.witango.us) > > >> >> > > >> >> Rapid Web Application Development - XML Execution Engine > > >> >> > > >> >> > > >> >> ______________________________________________________________ > > >> >> __________ > > >> >> TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > >> >> > > >> > > > >> > > > ______________________________________________________________________ > > >> > _ > > >> > _ > > >> > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > >> > > > >> > > > >> -- > > >> > > ____________________________________________________________________ > > >> > > >> Jason Pamental, President > > >> > > >> [EMAIL PROTECTED] > > >> > > >> Bathysphere Digital Media Services, Inc. > > > > >> http://bathyspheredms.com > > >> > > ____________________________________________________________________ > > >> > > >> Tel: 401.490.6830 Fax: 401.490.6831 > > >> ________________________________________ > > >> > > >> > > >> A North American Distributor for Witango (http://www.witango.us) > > >> > > >> Rapid Web Application Development - XML Execution Engine > > >> > > >> > > >> ______________________________________________________________ > > >> __________ > > >> TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > >> > > >_____________________________________________________________ > > ___________ > > >TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > > > > > > Bill Conlon > > > > To the Point > > 345 California Avenue Suite 2 > > Palo Alto, CA 94306 > > > > office: 650.327.2175 > > fax: 650.329.8335 > > mobile: 650.906.9929 > > e-mail: mailto:[EMAIL PROTECTED] > > web: http://www.tothept.com > > > > > > ______________________________________________________________ > > __________ > > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > ______________________________________________________________ > __________ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
