I want to store values in variables to access form another page (a.k.a State management).
Now I cannot use sessions since I have multiple Zope instances & if one fails the user need to be redirected to another Zope instance and one session is valid only for one Zope instance.
Now my remaining options are
submit a Hidden input tag using POST method
Passing through URL with GET method
Using cookies
Using Database (which I think is 'making simple things complex'.)
I am not even considering the first 2 methods and I think using cookies is not secure.
So is there a commercial or open source module that can securely (encryption etc.) do cookie management.
If not I will have to use a database.
Please inform me, if I am missing something.
Version - Zope 2.11.1
The SESSION support built-in to Zope 2 actually keeps the session in a temporary partition of the ZODB so I think it actually is valid for multiple Zope clients connecting to the same ZEO server. The cost of this is that all session changes invoke the transaction machinery and result in a commit, so just make sure you're not using the SESSION in something very low-level like PAS auth or you'll have commits hitting your ZODB for every image, CSS file, and JS file.
Related
Let's say I have a notes app. I want to enable the user to make changes while he is offline, save the changes optimistically in a Mobx store, and add a request to save the changes (on the server) to a queue.
Then when the internet connection is re-established I want to run the requests in the queue one by one so the data in the app syncs with data on the server.
Any suggestions would help.
I tried using react-native-job-queue but it doesn't seem to work.
I also considered react-native-queue but the library seems to be abandoned.
You could create a separate store (or an array in AsyncStorage) for pending operations, and add the operations to an array there when the network is disconnected. Tell your existing stores to look there for data, so you can render it optimistically. Then, when you detect a connection, run the updates in array order, and clear the array when done.
You could also use your existing stores, and add something like pending: true to values that haven't posted to your backend. However, you'll have less control over the order of operations, which sounds like it is important.
As it turns out I was in the wrong. The react-native-job-queue library does work, I just made a mistake by trying to pass a function reference (API call) to the Worker instead of just passing an object that contains the request URL and method and then just implement the Worker to make the API call based on those parameters.
i have defined a dev.properties file for the mule flow.where i am passing the username and password required to run the flow.This password gets updated everymonth.So everymonth i have to deploy the code to the server after changing the password.Is there a way , where we can keep the properties file outside the code in mule server path.and change it when required in order to avoid redeployment.
One more idea is to completely discard any usage of a file to pickup the username and password.
Instead try using a credentials providing service, like a http requestor which is collecting the username and password from an independent API(child API/providing service).
Store it in a cache object-store of your parent API (the calling API). Keep using those values, unless the flow using them fails or if the client needs to expire them after a month. Later simply refresh them.
You can trigger your credentials providing service using a scheduler with a Cron expression having Monthly Triggers.
No, because even if the properties file is outside the application, properties are loaded on application deployment. So you would need to restart the application anyway to pick up the new values.
Instead you can create a custom module that read the properties from somewhere (a file, some service, etc), assign the value to a variable, and use the variable instead at execution time. Note that some configurations may only be set at deployment time, so variables will not be evaluated as such.
If the credentials are not exposing your application security or data, then you can move them to another config file(place it Outside mule app path). Generate a RAML file which will read & reload the credentials after application deploy/start-up, and store them in cache with timeToLive around 12 hours.
The next time when you have to change Username/Password, change in the file directly and cache will refresh it automatically after expiry time.
Actually not because all the properties secure properties needs to be there at runtime and is it is not there your application will get failed,
There is one way but it’s not best one, instead of editing code you can directly edit secure property I.e username and password in your case directly in cloudhub runtime manager properties tab.
After editing just apply changes then api will restart automatically and will deploy successfully
How can I define a variable that is accessible over several #include levels? E.g. I have some DIM declared in a VBScript and I want to access this by name inside an included VBScript so it is accessible for one user/one session which must be equal to session("UserID") if I have disabled sessions at all and also do not use cookies.
If you want to keep the variable state through multiple page requests and can't use cookies nor session state, an option i see is carrying it in the query string of each request url.
Or maybe you can also look at html5 local storage. Despite some people depreciating w3schools, i always find it a good starting point.
Well, it's been a very long time since I've last worked with ASP3 and VBScript, but if memory serves, the #Include directive is actually not a part of the ASP, it's an instruction to the IIS to add the file that is included into your ASP page.
Therefor any function or variable declared in an included file should be considered for all intents and purposes as if it was written directly into your ASP page.
As you should know, VBScript can't use a variable unless it's declared in a previous code row, therefor it's only a matter of where in your ASP page you are using the #Include directive.
This is why you should use the #Include directive as soon as possible in the ASP page that uses them.
Cookies, sessions (cookie-sessions), local storage values, are the most common types to track a visitor. Another unrealiable option is to store the values in a DB table and then use a mix of IP address and other browser sniffing variables to indicate a user (this is a bad idea).
Your best bet is to use standard cookies and keep ASP-SESSIONS off. Then you would have to build your own session management, which is usually done in a Database.
As for getting those session values into ASP and playing with them on the server side, you just do a request.cookies("session-coookie-name") and then look up the session in your DB. If you want this to go across all pages of your site put it in an include file and make sure that include file is included in all of your asp scripts.
When coding Classic asp, I usually start with a boiler plate which has a few includes (include-page-start.asp, include-head-asp, include-menu.asp, include-page-end.asp). Having an approach like this allows you to quickly add functionality without having to edit every page later. Remember includes can also include other includes :) (part of the reason asp classic both sucks and rocks!)
Sessions also use cookies to track visitor.
But ASP-SessionID Cookie does not have an expire time so if you close your browser, your cookie with ASP-SessionID will delete and your session will be terminated.
i think you try to build a load balance on an ASP site which is most complicated thing with session variables.
You have to use something different to track visitors. Cookies are an option but you have to create your own session management and still have to use a cookie to remember it.
i found a new component to do this. it work like a charm for load balance and keep your own session management with multi accesible mechanism.
http://www.aspstate.com/Developer/Documentation/html/R_Project_Documentation.htm
I have a tomcat server on which I have deployed 10 web applications.
I have a Filter which reads an incoming request from one application (say "A"), reads a certain cookie value, and gets another context name (Say "B") from the database based on the value of the cookie.
This filter then rewrites the request with context A(e.g. http://1.1.1.1/A/XYZServlet) to a new request having context as B (e.g. http://1.1.1.1/B/XYZServlet).
On doing this, all the session variables are lost when the new request gets executed.
How can I make sure that the session and all the session variables(related to context A) are retained when my filter redirects the old request(context A) to the new request(context B) ?
Setting emptySessionPath = "true" in server.xml cannot be a solution due to certain architecture reasons.
Tomcat sessions are scoped to a single web application. In your case, when you switch to a different context, the session data is not lost, but simply not applicable to the new context. The scoping is controlled by the session cookie's path, it will contain the context of the creating web application and thus be only sent to the Tomcat for requests within that context.
If you want to extend the session's scope, several options come to mind: You could modify the session cookie (JSESSIONID by default) to the root context path /. Yet session cookie management is very deeply embedded in Tomcat and hard (if not impossible) to modify. I once tried to change the session cookie to be persistent with a fixed validity duration, but didn't find a way to do so.
A less elegant but maybe working way would be to duplicate the session cookie. I'm not sure if it will work, but in your filter, you could read the session cookie and create a duplicate with the target context as path. On subsequent requests, the faked session cookie would be included, possibly making your previous session data available.
I am using NSRULConnection to make http request on my iphone application. All works just fine.
The problem is after logged in I need to keep the same session to get data from the server.
I read a few posts saying all I need was using the same instance of NSURLConnection and it would use the same session... if that is true, that doesn't make sense to me, cause the NSURLConnection is not mutable and there is no method to change the request since I have to access different pages.
Is there anyway simple way to keep a session using NSURLConnection.
If you are managing sessions using cookies, there is no need to do anything special to achieve session management.The URL loading system automatically sends any stored cookies appropriate for an NSURLRequest. unless the request specifies not to send cookies. So, your sessions should be managed automatically for you.
However, as the Apple's doc says, if someone has set the cookie-acceptance policy to reject all cookies or only accept cookies selectively, you might be in a fix (you can change the cookie acceptance policy yourself too). In such a case, you might resort to URL based session-management; in which you append a session-identifier to the URL as a parameter (You can get this identifier as a part of the successful log-in response), which can be extracted on the server-side. This, however, is considered really bad practice.
Another way, which I have come across more often, is to get a session-identifier as part of the response for a successful log-in and include that identifier in all your subsequent requests as a parameter. Although this would require a major change in the way the server handles the sessions.