I have a application which has a logout.html (this is provided by third party) which invalidates the SSO(Siteminder) session:
<html>
<head>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="Fri, 5 Sep 1980 08:00:00 GMT">
<meta http-equiv="cache-control" content="no-cache">
</head>
</html>
Now when my application's session expires I want to invalidate the SSO session as well.
My idea was to add a session-destroyed listener, and within this listener somehow "simulate" the logout.html's content.
Is this somehow possible?
Related
I have one GET Request to Get access_token.
Postman Response is :
{
"token_type": "Bearer",
"expires_in": 3599,
"ext_expires_in": 3599,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImppYk5ia0ZTU2JteFBZck45Q0ZxUms0SzRndyIsImtpZCI6ImppYk5ia0ZTU2JteFBZck45Q0ZxUms0SzRndyJ9.eyJhdWQiOiJhcGk6Ly8zNTJjZDVhNC01OWViLTRmOTAtYjNiZi0yZjkwY2MxMWM1YmMiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8yODNmZmI1MC1hMzBiLTQ4OGMtOTBmNC1jZGFlNGY3YWU2ZDEvIiwiaWF0IjoxNjAwMDk4NTkzLCJuYmYiOjE2MDAwOTg1OTMsImV4cCI6MTYwMDEwMjQ5MywiYWlvIjoiRTJCZ1lEaHJjRFRVZC80NVg2NXo4c3BKdWNMbkFRPT0iLCJhcHBpZCI6ImI5YmI1Y2VlLTM5ZWUtNDM4ZC04NTI1LTdjOGZlMTE4NzZlYSIsIavswcGlkYWNyIjoiMSIsImlkcCI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0LzI4M2ZmYjUwLWEzMGItNDg4Yy05MGY0LWNkYWU0ZjdhZTZkMS8iLCJvaWQiOiIyZTY5MTU3Mi0xYjk0LTRkZTQtYmE5Yi02YmE3OGNhZmNmNmMiLCJyaCI6IjAuQUFBQVVQc19LQXVqakVpUTlNMnVUM3JtMGU1Y3U3bnVPWTFEaFNWOGotRVlkdW9DQUFBLiIsInN1YiI6IjJlNjkxNTcyLTFiOTQtNGRlNC1iYTliLTZiYTc4Y2FmY2Y2YyIsInRpZCI6IjI4M2ZmYjUwLWEzMGItNDg4Yy05MGY0LWNkYWU0ZjdhZTZkMSIsInV0aSI6InRIV0MzUFdiNDAtM2lkeHR0bDEzTTTiLCJ2ZXIiOiIxLjAifQ.Mj3FnWRbAmpTbGpqfsda2_9SxSY-VTlCFALk-_4-2JLTZXY-dszAoupeArmJDztliETBqzGlXP7xtOls8SV_0fafZXhTxpkKuntV1d0N0l5XqmEt1Uz6vE_LMJTyzfH_OtrDBRXHEJshgKfdvXJ0eywGAFoBUSEpwlKKbg2BB-0kUJ5itFLPq5TipwL35FxUklkZ6qjB4ySG3Xuhr_dEyLu7oUhBdArX-bBVRrcsOhatVfExNq3YtVMVEO96E7hH2H7jupH4nXu1BcRJ5WkymQTV-Sg1ccF0GgxBLrk1rYjacNGlKf8SFjs3USJl2P7HHtVtS3fDSc8t5pQ7Jt5lXQ"
}
Jmeter Response :
It is kind of html and something like :
<!-- Copyright (C) Microsoft Corporation. All rights reserved. -->
<!DOCTYPE html>
<html dir="ltr" class="" lang="en">
<head>
<title>Sign in to your account</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=2.0, user-scalable=yes">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Expires" content="-1">
<link rel="preconnect" href="https://aadcdn.msauth.net" crossorigin>
<meta http-equiv="x-dns-prefetch-control" content="on">
<link rel="dns-prefetch" href="//aadcdn.msauth.net">
<link rel="dns-prefetch" href="//aadcdn.msftauth.net">
<meta name="PageID" content="ConvergedError" />
<meta name="SiteID" content="" />
<meta name="ReqLC" content="1033" />
<meta name="LocLC" content="en-US" />
<meta name="referrer" content="origin" />
<noscript>
<meta http-equiv="Refresh" content="0; URL=" />
</noscript>
<meta name="robots" content="none" />
<script type="text/javascript">//<![CDATA[
$Config={"strHeaderText":"Sign in","unsafe_strTopMessage":"Sorry, but we’re having trouble signing you in.","strMainMessage":"We received a bad request.","strAdditionalMessage":"","strServiceExceptionMessage":"AADSTS900561: The endpoint only accepts POST, OPTIONS requests. Received a GET request.","}
Looks like Jmeter response is asking for login but in postman I never login to anywhere to get token. I just imported collection and it works.
Jmeter Header :
"unsafe_strTopMessage":"Sorry, but we’re having trouble signing you
in.","strMainMessage":"We received a bad
request.","strAdditionalMessage":"","strServiceExceptionMessage":"AADSTS900561:
The endpoint only accepts POST, OPTIONS requests. Received a GET
request.","}
It looks like you have GET method your JMeter HTTP Request Sampler. But he endpoint only accepts POST , OPTIONS. Can you compare the method in working Postman request
Also compare the headers in the Postman request and the JMeter HTTP Request Sampler. Ensure name and value pairs are comparable. Check if you have included spaces in the names/values in header manager. You need to click on the fields and ensure there are no leading or trailing spaces.
I was doing the same for Azure. I think you need to change your request to be POST, and, contrary to any logic, put in the body the authentication parameters in a non-JSON format:
HTTP Request
Later on, add an HTTP Header Manager with the same information:
HTTP Header Manager
References:
https://www.blazemeter.com/blog/fill-forms-and-submit-with-jmeter-made-easy
https://powerusers.microsoft.com/t5/Building-Flows/Get-access-token-error-AADSTS900144/td-p/732173
https://github.com/postmanlabs/postman-app-support/issues/3685
https://www.swtestacademy.com/jmeter-tutorial-api-performance-testing/
P.S. StackOverflow doesn't allow me to upload images yet so you would need to click on the links.
The endpoint only accepts POST, OPTIONS requests. Received a GET
request.
Looks like you need to submit your request as a POST, not a GET.
I'm having a frightful time stopping browsers caching my index.html on S3. I've followed every single guide I can find, and it just hangs onto it no matter what I do.
Earlier, I just used an index.php that then pointed to an index.html, and that worked perfectly. Obviously on S3 we can't do that.
So, now every time I fix a bug or make any code changes, none of my users receive them and it's obviously not a good solution to ask everyone to clear their cache.
Is there any working method of preventing this? I can't believe how aggressively everything's being cached.
There's:
No service workers or anything
All of this stuff in my <head>:
<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
<meta http-equiv="pragma" content="no-cache" />
Invalidated the files on CloudFront
Howled at the moon
Is there something obvious I'm missing?
Could someone help me with some solution that would prevent user from moving WP8 web browser content sideways but still allow to scroll vertically?
use the below meta tag in the web page to avoid sidewise scrolling.
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
I want to know how to instruct Chrome not to use a cached version of a page. I cannot get Google Chrome [15.0.874.106 m] to load the latest version. There was a typo on the page and I've corrected it. Other browsers fetch the corrected page. Chrome, not. Here below is what I have in the header section; should I add anything or change something? Also, the browser is not set up "Under the Hood" to use any sort of DNS-prefetching. Just to be clear, I don't want to clear the cache manually, but want to know how to manipulate Chrome's page-caching policies in a declarative manner. Thanks
P.S. I had this problem once before (see this question) but the circumstances are somewhat different this time, so I don't know what's going on. This page too is being displayed in a frame, but it had a no-cache policy from the get-go.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<HTML LANG="en-US">
<HEAD>
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="Wed, 26 May 2010 00:00:11 GMT">
<META NAME="ROBOTS" CONTENT="NOARCHIVE">
<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
.
.
.
</HEAD>
Okay so, firstly this is a website where the user sees a list of tasks which are uncomplete. It should work so the user clicks a complete button and then the item no longer shows, it seems not though!
When they click the 'complete' for an item I have onclick function executes a SQL update statement and then does a response.redirect back to that page, the sql statement executes correctly, the page does redirect BUT the list item is still there!
If the user then exits the page and comes back to it the list item HAS disappeared, this makes me think that the page is caching, however I have put the following in place to stop this:
<meta http-equiv="Cache-Control" content="no-cache, must-revalidate, post-check=0, pre-check=0" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="-1" />
which is fine on my BlackBerry Bold running OS 5.0, but does not work for customers with BlackBerry Bold running OS 4.x
Any ideas of what this could be are most appreciated.
Try something like this:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META HTTP-EQUIV="Expires" CONTENT="0">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
<title>Expires Example Page</title>
</head>
<body>
Hello World!
</body>
</html>
This is from the Blackberry support forum: http://supportforums.blackberry.com/t5/Web-Development/Browser-cache-and-quot-Back-quot-button/m-p/155986
How about this
http://developer.blackberry.com/bbos/html5/documentation/rim_cache_element_1264486_11.html
try changing disableAllCache to false in the config.xml
<rim:cache disableAllCache=["true" | "false"]
aggressiveCacheAge="time"
maxCacheSizeTotal="size"
maxCacheSizeItem ="size" />