I’ve a very strange problem. I’ve my user data stored in sessions when people are loggin in to the site. This is working as it should, but sometimes when i navigate around on my site, Codeigniter loggin me out automatic out of the wind.
Anyone got this problem before and know a solution?
Check session time.....
application/config/config.php
$config['sess_expiration'] = 7200;
The number of seconds you would like the session to last. The default value is 2 hours (7200 seconds). If you would like a non-expiring session set the value to zero: 0
For more details...
http://ellislab.com/codeigniter/user-guide/libraries/sessions.html
Hi please make the following changes in the system/libraries/sessions.php file.
public $sess_encrypt_cookie;
public $sess_use_database;
public $sess_table_name;
public $sess_expiration;
public $sess_expire_on_close;
public $sess_match_ip;
public $sess_match_useragent;
public $sess_cookie_name;
public $cookie_prefix;
public $cookie_path;
public $cookie_domain;
public $cookie_secure;
public $sess_time_to_update;
public $encryption_key;
public $flashdata_key;
public $time_reference;
public $gc_probability;
public $userdata;
public $CI;
public $now;
I had same problem custom session was going destroy automatically after some interval of time.
Related
I can't access Session variables outside controllers, there are over 200 examples where they advise you to add ;
services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddHttpContextAccessor();
and use
public class DummyReference
{
private IHttpContextAccessor _httpContextAccessor;
public DummyReference(IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
}
public void DoSomething()
{
// access _httpcontextaccessor to reach sessions variables
}
}
But, no-one mentions how to call this class from my controller. How can I reach that class?
If changed it to static then I need bypass construct. If I create it I need httpcontextaccessor for construct.
For who wants learn more why I approached like that, I want to write class include methods like encrypt, decrypt database tables RowIDs for masking in VIEW with value+sessionvariable to ensure its not modified.
Also I want DummyReference to be static, that way I can easily reach DummyReference.EncryptValue or DecryptValue.
Don't use IHttpContextAccessor outside of controllers. Instead, use HttpContextAccessor.
Like this in static classes ;
private static HttpContext _httpContext => new HttpContextAccessor().HttpContext;
Or anywhere else. You still need service of course and the thing we do in the controllers.
the same happend to me
I found the solution putting in my method into the no controller class (where I want to use it)
var HttpContext = _httpContextAccessor.HttpContext;
var vUser = _httpContextAccessor.HttpContext.Session.GetString("user");
That code gets you the current HttpContext. Sessions are slightly different: https://learn.microsoft.com/en-us/aspnet/core/fundamentals/app-state?view=aspnetcore-2.2
According to Microsoft docs Add
builder.Services.AddHttpContextAccessor();
Then
private readonly IHttpContextAccessor _httpContextAccessor;
public UserRepository(IHttpContextAccessor httpContextAccessor) =>
_httpContextAccessor = httpContextAccessor;
As I am new to spring MVC, I am stuck on this problem.
I am trying to use session Scope , where I want a list to be shared across multiple controller in a http session. But I do not want this session to be shared by different http sessions. Each http session should have its own list(storage) which is shared among its controllers.
The problem I am facing is , this list is shared among all the request which are running in parallel.
For eg . If I hit the controller on my machine and some other request comes
from a different machine ,they both are using the same list(session storage)
This is MySession class which holds a List which needs to be shared across multiple controllers and each controller can do operation on this list.
#Component
#Scope("session")
public class MySession
{
public List<String> mylist;
}
Here is my controller which is using the MySession class object, Similarly there are other Controllers which can update the List in the session.
#Controller
#Scope("request")
public class SessionController
{
#Autowired
private MySession mySession;
#RequestMapping("/updateSession")
public ModelAndView updateSession(#RequestParam("id") int id)
{
//Operation on List(add remove items)
}
}
So now what is happening is List in MySession is getting effected my some other requests as I think all concurrent requests are using the same list.
Please help me how can I solve this problem if there is anything that I am missing
Ask for any modification.
Thanks in advance.
I am facing a very weird problem.
I used MyBatis generator automatically generate mappers and xml from my MySQL databases.And used the selectByExample method of the mapper to pass criteria trying to verify the user. Below is the code.
#Service
public class EmployeeServiceImpl implements EmployeeService {
#Autowired
private EmployeeMapper employeeMapper;
#Autowired
private EmployeeExample employeeExample;
#Override
public boolean verify(String username,String password) {
EmployeeExample.Criteria criteria = employeeExample.createCriteria();
criteria.andUsernameEqualTo(username);
criteria.andPasswordEqualTo(password);
List<Employee> list = employeeMapper.selectByExample(employeeExample);
if(list.size()>0) {
return true;
}else {
return false;
}
}
}
When I use SpringMVC controller passing the username and password to the mapper, it just returns only one result. When I pass correct information it will return true, but after that, every incorrect information gets true also.
I'm not sure if is it the MyBatis problem or Spring MVC?
Could anyone help me with that?
Really appreciate!
I just fixed the problem with not injecting the EmployeeExample and "new" one instead. But is it violating the decoupling principle? And how that problem happens? Could anyone explain it a little bit? Appreciate again!
I have the following problem with annotation based Spring MVC:
I have two Controllers (LoginController, AdminController) and I can pass an object (loggedInUser of type BonjourUser) form the LoginController to the AdminController by persisting it in the session. So far so good.
To prevent hotlinking, on the initial "GET" the AdminController verifies it received a valid admin-user when it is called.
This works fine the first Time, because the loginController added the object to the session.
Now here comes my problem:
Once the admin has logged in and tries to reaccess the admin-page (eg via a link in the JSP) the user-object seems to have vanished from the session, for I get a HttpSessionRequiredException for the "loggedInUser" attribute.
AFAIK the object should not be removed from the session unless I call setComplete() on the session. (I am not calling this method!) So why is the attribute removed from the session? I read here that you cannot pass session attribues between controllers. But then here it is said that it is possible. I also think it should work, since I already pass a parameter between controllers, when I redirect from the LoginController to the AdminController.
So here is the code:
LoginController:
#Controller
#SessionAttributes("loggedInUser")
public class LoginController extends BonjourController
{
[...]
#RequestMapping(value = {"/home"}, method = RequestMethod.POST)
public String validate(#ModelAttribute(value = "command") BonjourUser user, ModelMap map, HttpSession session)
{
[...]
map.addAttribute("loggedInUser", loggedInUser);
[...]
return "redirect:/admin";
}
}
And the AdminController:
#Controller
#RequestMapping(value = "/admin")
#SessionAttributes("loggedInUser")
public class AdminController extends BonjourController
{
#RequestMapping(method = RequestMethod.GET)
public String loginAdmin(#ModelAttribute("loggedInUser") BonjourUser loggedInUser, ModelMap map, HttpSession session)
{
//check if access is authorized
if(loggedInUser == null)
{
return "redirect:/login";
}
[...]
}
}
The link I use in the admins' jsp (which leads to the exception) looks like this
Once more to admin section
Basicaly I get the same exception when I just enter this in my browsers URL-bar:
http://localhost:8080/Bonjour/admin
The exception looks like this:
org.springframework.web.HttpSessionRequiredException: Expected session attribute 'loggedInUser'
So what do I need to change to ensure the user-object (loggedInUser) is not removed from the session?
Thanks in advance,
Maex
Update Spring to the latest version and it should work. See the comment to this answer: https://stackoverflow.com/a/9412890/1981720
I tried 3 different versions of spring now:
3.1.1
3.2.2
3.2.3
Always the same problem. The debugger tells me this:
I pass from login to admin:
object is perfectly stored in the session -> attributes map.
I use a link or re-type the url to access the same page again:
no object any more in session -> attributes map.
My bad - I blocked cookies!
So the session had no chance to be persisted except for POST requests, therefor the login worked but the GET for the same page did not...
I am trying to do a simple android application that communicates with a Spring server.
I'd like to use Sessions to store data of each logged in User.
My App exchange Json objects with the server and the Request Mapping is like this:
#Controller
public class LoginController {
#Autowired
private IUserDao userDao;
#RequestMapping( value = "/loginJson",method = RequestMethod.POST)
public #ResponseBody loginResponse login(#RequestBody loginModel login) {
loginResponse response=userDao.checkCredentials(login.getUsername(),login.getPassword());
System.out.println("Result="+response.isSuccess());
System.out.println("Received:"+login.getUsername()+" "+login.getPassword());
return response;
}
}
The controller is working fine, but I can't figure out how to store a sessione variable. I found many documents explaining Spring Sessions, but each of them different from the other.
Someone can suggest me some simple way to do this or some kind of good tutorial?
Not sure what you mean by saying Spring session, but you can declare additional HttpSession parameter in your method, and then do whatever you like inside of the method. Is this what you wanted to find out?