I have an application from where when I am clicking on a particular link, it taking me to me Oracle Universal Content Manager. As soon as I am in UCM if go back to my application it gets timed out(logging out).
While investigating I found that jsessiond id of my application is getting killed and new jsession id is getting generated.
Does anybody has any idea of how to retain this jsession or increasing the number of jsession id at UCM side?
Any help will be appreciated.
Thanks,
Sharmistha.
After searching on support side I got to know that :
OAM protecting multiple WebLogic applications that are not sharing a session. The JSESSIONID cookie issued when a user accesses a second application will blow away the JSESSIONID from the first application.
Now, what you usually see in such a setup is that the user can go back and access the first application without having to login again. However, underneath the covers they will be issued a new session. So, upon returning to the first application, any data associated with their original session will be lost and the application flow may be disrupted or different from the expected behavior.
There are 3 ways doing this :
1. Enable session sharing between your WLS applications.
2. Configure distinct WLS session cookie names (instead of JSESSIONID) for each application so that they won’t override each other.
3. Configure distinct cookie paths for each application (by default the JSESSIONID created by WLS has a path of “/”) so that they won’t override each other.
I used second option:
Step 1 : Unzipped the cs.ear file
Step 2 : Open web.xml file.
a. Modify the filter entry for JpsFilter and add the following <init-parameter> entry at the end of this entry:
<init-param>
<param-name>IdcSessionKey</param-name>
<param-value>YOURJSESSIONID</param-value>
</init-param>
b. Modify the filter entry for IdcFilter and the following entry at the end of this entry:
<init-param>
<param-name>IdcSessionKey</param-name>
<param-value>YOURJSESSIONID</param-value>
</init-param>
c. Modify the servlet entry for adfAuthentication and add the following entry at the end of this entry:
<init-param>
<param-name>IdcSessionKey</param-name>
<param-value>YOURJSESSIONID</param-value>
</init-param>
Step 3: Open weblogic.xml.Add the following entry inside the <session-descriptor> entry:
<cookie-name>YOURJSESSIONID</cookie-name>
Step 4: Re-generate cs.war and then cs.ear file.
Step 5: Copy the newly created ear file to your location.
Step 6: Delete temp and cache wcm server domain. Then restart ucm server
Related
normally you provide a application-P.properties file with you application and in there set hibernate.hbm2ddl.auto=validate or something that does not delete data. but what if you want to have a further safeguard so that deletion needs a manual confirmation?
there are some google hits that go into the right direction but i haven't found one that clearly sasy that code x is run before spring checks that variable and deletes the db.
where in spring do you run code that is executed before the database tables are created?
I have the following scenario:
Server A:abpWeb;
Server B:abpWeb;
A and B are based on MyCompanyName.AbpZero template, abp. Net core version 3.1.1;aspnetboilerplate
Browser access A:abpWeb and B:abpWeb. But after logging in, cookie shared is invalid.
A:User.Identity?.IsAuthenticated equals true after Browser access A:Login;
But refresh B:/index on the browser,B:User.Identity?.IsAuthenticated equals false;
The same browser domain for A and B is the same.
I created two new ASP.NET Core 2.0 MVC apps with ASP.NET Core Identity, using AddDataProtection for the normal shared cookie is ok.
I referred to:
https://learn.microsoft.com/en-us/aspnet/core/security/cookie-sharing?tabs=aspnetcore2x
I am searching for a long time on net. But no use. Please help or try to give some ideas how to achieve this.
Thanks in advance.
The keys that encrypt/decrypt your cookies are probably trying to be written to an invalid folder.
By default AddDataProtection tries to write these keys to:
%LOCALAPPDATA%\ASP.NET\DataProtection-Keys
As long as there is an environment variable being used to create the keys path, you will need to set the following config file setting to true.
Please also see my other answer here:
IIS - AddDataProtection PersistKeysToFileSystem not creating
Fix: Within %WINDIR%\System32\inetsrv\config\applicationHost.config set setProfileEnvironment=true. I think you have to restart IIS as well.
I want to ask a couple questions about tomcat session lifecycle if we are deploying it using 2 war files.
We have the situation when we are logged in the first web app (war1) and put in the session some attributes.
After this we open a new tab at the same browser for war2 and then inside filter we are receiving request that contains new session with new cookie.
So, is it possible to somehow share session attributes on 2 different wep apps (2 dofferent war files under 1 tomcat instance).
Is it possible to have 1 session for 2 web applications?
For example if I open 1 tab in the browser for war1 I am getting sesionId 123ASD, and then if I open second tab for war2 it will contain same sessionId: 123ASD.
Is this situation possible ?
Is there any ways to configure Tomcat ?
I have tryid toput this valve inside server.xml file:
<Valve className="org.apache.catalina.authenticator.SingleSignOn" requireReauthentication="true"/>
And add crossContext="true" value for <Context crossContext="true"> at context.xml file but it doesn't helped at all.
No, it is not possible to share sessions across two web applications.
The single-sign-on valve is intended to share authentication information across applications. It does not share sessions.
The crossContext attribute on your <Context> doesn't do what you think it does. It allows the application to request a RequestDispatcher to another context for the purposes of forwarding requests across contexts. You almost never want to do that. It has nothing to do with sessions.
I have an application in which I'm trying to implement external configs. This part is working fine. However, now it seems like some of the config settings are being lost.
I am using this setting:
grails.app.context = "/${appName}"
appName is defined in the application.properties file, and was working fine.
as stated above I extenalized my datasource and grails.serverURL settings.
Now when I click my logout link I get redirected to http://myapplication/[:]/j_spring_security_logout
I can replace the [:] with the context and it takes me to the correct url (post logout) but then when trying to log back into the application I get this url.
http://myapplication/[:] in place of the default login url.
EDIT
having added some println statements to my Config.groovy file. It appears to load the Config.groovy file 3 times. The first two times I see what I'm expecting to see, the third time is when it setts the context to [:].
Why is it loading the config three times, and what is it about the third time that is loosing my settings?
To answer my own question. After much debugging and hair pulling I found my answer. It wasn't that the context was being lost after logout. The application was never truly getting the correct settings. (in a sense). There are several plugins that call to the config.groovy file during start up. One of those happened to be multiTenant. When accessing the config.groovy and subsequent external config files ${appName} was no longer in scope, thus tomcat loaded application without trouble using its default conventions. The spring logout then tried to redirect after logout to ${appName} which at the time was an empty or [:].
The solution I found was in the external config file to change my grails.serverURL from
grails.serverURL = "http://myApplication.com/${appName}"
to
grails.serverURL = "http://myApplication.com" + grails.app.name
This allows for the application.properties file to contain the app.name variable and the external config file to use the correct property that I need for the different deployments of the war file.
It may not be the most elegant solution but it solve the issue with the spring logout.
I am following this tutorial an have a lot of trouble with it as many parts are not explained to beginners: https://cloud.google.com/developers/articles/how-to-build-mobile-app-with-app-engine-backend-tutorial
I came to the part where we need to upload some data to datastore. They are using a .csv file to accomplish that.
This is part of the tutorial where I've stuck:
Create Upload Script
This is the script that actually uploads the simulated information into the backend datastore.
For information about the bulkloader.yaml and more, refer to the App Engine documentation in: Uploading and Downloading Data. Also, you can find the bulkloader.yaml file and the test data here MobileAssistant-Data.
Create a new directory and make it your current directory.
In your editor, create a script file and call it upload_data.sh.
Copy and paste the following code into the file.
#!/bin/sh
appcfg.py upload_data
--config_file bulkloader.yaml --url=http://localhost:8888/remote_api --filename $1 --kind=$2 -e
nobody#nowhere.com
The previous script accepts two arguments separated by a blank space:
./upload_data.sh<data.csv> <class entity name>
The first argument is the name of the csv file that contains the data you want to upload, The second is the name of the entity class to handle the data.
Close and save the file. Notice that the script at this time is intended to be used on local server. It must be modified when the backend application is deployed to the cloud. For example, e-mail “nobody#nowhere.com ” will be changed to an actual e-mail address of the App Engine administrator before deployment.
Places Simulated Data
The simulated data is contained in the file places.csv that you downloaded earlier from the MobileAssistant-Data directory in Mobile Shopping Assistant.
The file contains the following comma separated fields:
name: <place’s name>
placeId: <number that identifies the place>
location: <place’s latitude and longitude coordinates (two values separated by a comma) >
key: <unique key associated with the place>
address: <the place’s address >
Modify Web.xml
To upload data to the datastore, reference the “remote API servlet” and associate it with a URL. You’ll define these mappings in the Web.xml file of the MobileAssistant-Appengine application, as shown next. The web server uses this configuration to identify the servlet to handle a given request.
Note. Notice, you might need to restart Eclipse. if you skip th e Web.xml modification you will get Error 404 Not Found.
<servlet>
<display-name>Remote API Servlet</display-name>
<servlet-name>RemoteApiServlet</servlet-name>
<servlet-class>com.google.apphosting.utils.remoteapi.RemoteApiServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>RemoteApiServlet</servlet-name>
<url-pattern>/remote_api</url-pattern>
</servlet-mapping>
Upload Places Simulated Data
To upload the test data to the data store, run the script that uploads the data from your script directory.
Before you upload your data, make sure to start MobileAssistant-AppEngine as a Web Application (in Debug mode) in Eclipse.
./upload_data.sh <places.csv> Place
At the password request, just press enter.
I don't understand that part with the script. I created a folder age on Desktop, placed inside their files bulkloader.yaml and places.csv. Inside that folder is that upload script.
After I run ./upload_data.sh <places.csv> Place, in my terminal I receive the following error:
upload_data.sh: line 2: appcfg.py: command not found
upload_data.sh: line 3: --config_file: command not found
upload_data.sh: line 4: nobody#nowhere.com: command not found
What should I do to upload that data to Google App Engine datastore? Thank you.
Is appcfg.py in your path, if not then set the path explicitly in your script or add the path the appcfg.py to your PATH