I want someone to tell me where to search for how to make a session between the client(s) and the server in RMI, i.e what is the name of that concept for searching purposes?
I named this the Remote Session pattern in my 2001 book.
The idea is to have a singleton RMI object, bound in the Registry, with nothing but a login() method. That method, if successful, returns a new RemoteSession object for every call, that contains the API you need for the session. RemoteSession is another remote interface of course. It also contains a logout() method, which unexports the object, and it also implements Unreferenced, as another way of terminating the session.
Each instance of RemoteSession can maintain client state, so it is a session object, and as the only way to get a RemoteSession object is via login(), it is secure to a first approximation.
Related
I am working on Webhooks Concept. Since Webhooks acts like a trigger, it will be firing an event when Update or Insert takes place.
It's a MVC application and I have two Controllers, Home and Webhook Controller.
I am passing arguments through Query String on Home controller.
I have tried Session, TempData and Cookies for passing variable from home to Webhooks
HttpContext.Session.SetString("UserName", Request.Query["UserName"].ToString());
and getting session value on webhook controller
HttpContext.Session.GetString("UserName");
Also tried the same for TempData
Issue is On webbooks Controller its coming null.
I need to store parameter (User Name ,password) and reuse the same for database related operations.
Kindly guide
As far as I know, if you store the data into the cookie, session or TempData, it will always use the cookie. But you said the Webhook should worked as a trigger.
I guess this trigger is not triggered by the request or not. It was triggered by some application method. Since it doesn't contain the cookie ID which is used to get the session, cookie, TempData value.
I suggest you could use some database to store it, for example Redis, Service Bus.
If your data volume is not very large, I suggest you could consider using the memory cache, by using this , you could store these things into the memory and use it.
Notice: If your data is very large, I suggest you could use redis or service bus instead.
I have a request service and I want to get tenant's address with its id. So I need TenantAppService in another service. I can't pass it from javascript, because it is an object and I think ajax converts my parameters to url. Do I need to serialize it or can I create an instance of TenantAppService in my service? Is there an applicable constructor?
Or can I use stored procedure? I tried it but even though i imported
using System.Data.SqlClient;
SqlConnection could not be found.
I have been using cookies to share non-sensitive data across sessions. I want to store some lastUsedEntity (a string literal) from the current session at user logout event so that that entity can be read/used at next login session. The said entity belongs to a session bean of my application.
I decided to extract and store this entity in #PreDestroy method of the session bean. The method ran successfully at session timeout of the application. But storing cookie failed because FacesContext.getCurrentInstance() was null in #PreDestroy method, maybe because JSF Lifecycle request-response cycle completed by then. I tried caching FacesContext.getCurrentInstance() in #PostContruct method of my session bean so that I could access faces context cached instance but then I faced another problem java.lang.IllegalStateException at com.sun.faces.context.FacesContextImpl.assertNotReleased because I used FacesContext as instance variable of my session scoped class. I would appreciate if I could get some heads up here or any other better idea in order to persist my old session data for further use in this scenario.
There's not necessarily means of a HTTP request when a HTTP session gets expired in server side due to enduser inactivity. The enduser itself is the only one who can send a HTTP request. If there's no HTTP request which invoked the FacesServlet, then there's no FacesContext either. Let alone a HTTP response on which you could return the cookie.
You'd better rethink your logic. E.g. set the cookie immediately on every request, overriding the previous one, if necessary on a specific path and/or with a timestamp in the cookie value. Depending on the concrete functional requirement there may be better ways though as cookies are fully manipulatable by the enduser and you should absolutely not depend critical business logic on that. If it's purely for presentation, it should be okayish, otherwise better store it in the database associated with logged-in user.
I need to add a key to my session object on the browser using angular.js. Is this possible?
It's not possible to change your session from client side.
If you mean changing client-side session window.sessionStorage then just ad key-value with the object.
Otherwise if you want to change server-side session this needs some work.
I assume you use some MVC framework. First create an action in a controller which logic should add key-value passed by parameter to you session. Map the action to some path. On client-side you should create service which makes $http.post call to that action path and value as data.
Security hint: Please don't parametrize key name unless you have some security checks server-side. This way malicious user won't be able to modify sensitive key-value in your sessions.
I have cherrypy server. It is working with files and I need to delete files when session expires. Is it possible call cherrypy function, when session is expired?
You could write your own session class that inherits from the already existing session class and overwrite the expiring method.
You can take a look at
http://github.com/3kwa/cherrys
it is not what you want but this guy has written a session class to use redis (a key/value storage) for sessions. And he uses the method I mentioned to overwrite methods with the desired behaviour. You may want to look into "cherrypy/lib/sessions.py" for an overview of session methods and classes.
It's not the most convenient solution, though.