The story is like this: using Liferay, if a user is logged-in on one browser and attempts to log-in on another browser (or another machine), then he should have the option of continuing that sesion (i.e. copy all the session attributes from that session and kill it from the first browser) or starting a new one (killing the session on the first machine).
I'd like to know if Liferay has support for something like this. I'm thinking that persisting the session attributes to the DB and getting them back in the second browser (e.g. using a PreLoginAction) might be a solution. I'm curious if there is a provided method of persisting the session and also a way to invalidate / kill the session on the first browser when the second one copies it.
Thanks in advance.
Please add the following properties in your portal-ext.properties and restart the server
#
# Set the following to true if users are allowed to have simultaneous logins
# from different sessions. This property is not used unless the property
# "live.users.enabled" is set to true.
#
auth.simultaneous.logins=true
##
## Live Users
##
#
# Set this to true to enable tracking via Live Users.
#
live.users.enabled=true
Related
We have a platform with a lots of workflows and a lots of tests. Right now for each test we have to complete a long workflow. In order to speed up this, I want to share the context or the browser, with all the cookies, the url, and all the data between all the it inside each describe.
I could also crete just one it and put everything inside but i'll prefer to maintain all the it functions to have all more organizated.
I know that i'm dealing with anti patterns.. but this will improve significantly the speed of the tests.
So.. is there a way to acomplish this? I can't find anything.
Thank you!
cy.session() should get you most of the way there. It allows you create a session, from which Cypress will cache most of the browser context. The next time Cypress encounters the session command, it will check to see if it has created a session with the same id, and if it has, it will use those cached values. Otherwise, it executes the contents of the cy.session() command.
From the docs:
Cache and restore cookies, localStorage, and sessionStorage (i.e. session data) in order to recreate a consistent browser context between tests.
Once created, a session for a given id is cached for the duration of the spec file. You can't modify a stored session after it has been cached, but you can always create a new session with a different id.
In order to reduce development time, when running Cypress in "open" mode, sessions will be cached for spec file reruns. To persist a session across multiple specs, use the option cacheAcrossSpecs=true
And their example using cy.session inside of a login command.
Cypress.Commands.add('login', (username, password) => {
cy.session([username, password], () => {
cy.visit('/login')
cy.get('[data-test=name]').type(username)
cy.get('[data-test=password]').type(password)
cy.get('form').contains('Log In').click()
cy.url().should('contain', '/login-successful')
})
})
I have two independent copies of a same Laravel app on my domain, each one behaves as expected when used exclusively:
app1.mydomain.com
app2.mydomain.com
They do have different APP_NAME values in their respective .env files. I do want the two to be completely independent (thus all of the rational env variables are set appropriately unique, e.g: the APP_KEYs, APP_NAMEs, APP_URLs, etc). While two distinct databases are designated (though on a same host, of course), I've put an identical "user" on both of the databases.
The thing is, sometimes when they're being utilized together (kinda concurrently), a 419 error shows up when I'm already logged into one of them through the "user" credentials, and try to log into the other one through a distinct but identical "user" credentials! Seems like the app2 thinks the user is already logged in; while the user is already logged into the other supposedly independent subdomain. I've tried SESSION_COOKIE and SESSION_DOMAIN environment variables to no avail.
By setting the SESSION_DOMAINs to app1.mydomain.com and app2.mydomain.com respectively; you may log into one of them successfully; but trying to log into the other one displays the error page of 419! Also, the domain entries for the session in the browser are set with a preceding dot, e.g: .app1.mydomain.com (while when you omit the SESSION_DOMAINs, the values do appear without the leading dot.)
I've noticed a session of app1_session does also show up in the browser cookies for app2.mydomain.com (and sometimes a session of laravel_session do also show up! the laravel is a default string substituted whenever the environment variable of APP_NAME is not read by the system!)
So, what's wrong and how can I fix it?!
Assuming you are setting up each .env file pointing to each separate sub domain. The functionality you may be after is setting the same_site value to strict.
This will ensure only cookies that are from the defined domain are accepted.
P.S. for good measure, a php artisan config:clear once you change it.
I think its not a Problem on Any of your subdomains Probably . I think You where checking out Both the site on same browser instance that why this issue is occuring try to use one on normal browser mode & open another on Private mode (or) Incognito mode ... it would probably works on your case ....
If it does not works for you Implement A Laravel Session Table So you can Track Session IDs of logged in user having a current session i hope it works for you
Same issue happening to me, fixed by setting different values for SESSION_COOKIE= inside each project .env
When you set up a ColdFusion session inside of a application.cfm or application.cfc file you can define a sessionTimeout like:
<cfapplication name = "appname"
sessionTimeout = #CreateTimeSpan(0, 0, 30, 0)# <!--- 30min timeout --->
sessionManagement = "yes">
I think that a ColdFusion session is 'extended' or 'renewed' every time:
The user navigates to a new ColdFusion Template (a .cfm file)
The user refreshes a Coldfusion Template (a .cfm file)
The user accesses a ColdFusion Component (a .cfc file) in any way, including via ajax calls that run a cffunction in the .cfc file.
In other words, if a user performs any of the actions above (assuming the sessionTimeout is 30 minutes like in the above example) the session will expire 30 minutes from when the action was performed--essentially 'extending' the life of the session to the value of sessionTimeout each time the user performs one of those actions.
Does this understanding sound correct? Are there any actions that 'extend' a ColdFusion session that I'm missing? Do the ones I listed actually behave how I think they behave and 'extend' the session?
Something similar was asked here: Can we renew session in Coldfusion?
What Alex says is true. There is a way of maintaining a session without cookies if you look at the docs. Check out the section Using client and session variables without cookies.
The only other way I can think of extending a session without user intervention would be if you can find the session through SessionTracker. Here's a nice post about it: Advanced ColdFusion Session Management.
In fact, in the comments, it says that if you access the sessions through the built-in java methods, you might extend them:
You might want to note that as soon as you access any sessions through
those methods, you'll update the "lastAccessed" timestamp.
After a research it seems that Meteor Sessions are reset after refreshing page or opening the website in new tab, i.e. they are not usual server-side sessions but something like global javascript variables on client-side. Some people advice to use AmplifyJS, but I'm not sure that it will work like usual session in other frameworks/languages and also it is a third party library, so is there any normal way to use sessions in Meteor, i.e. keep user-specific data on server?
At this moment I'm handling that by using custom Collections, but it is not an ideal way of doing that because it is needed to remove expired values from Collection manually, which makes additional troubles.
Yes this is correct. Despite the name Session is nothing like a cookie, but just a reactive form of a variable stored in a hashmap
To keep data persistent across tabs you need to use a Collections (as this is the only way to reactively share data across tabs) - Cookies can't work because they can't be made reactive as data needs to be sent to the server to notify the client when there is a change. There really wouldn't be another way at the moment as the publish/subscribe methods can only send down data from collections at the moment.
You can use your setup you have now with your custom collection. You can use a server side cron job to remove expired data (either with Meteor.setInterval or Tom Coleman's cron.
There is a package developed just for that: https://atmospherejs.com/u2622/persistent-session
After installation you can use the following functions to set sessions which are persistent:
//store a persistent session variable which is stored across templates
Session.setPersistent(key, value);
//same as above, but automatically deletes session data when user logs out
Session.setAuth(key, value);
I've tried the package and it works like charm.
I am working with ASP.NET MVC 3.0. I have a page with an action link that makes appear a window in which you can adjust a certain value. Once the new value is sent to the database, an extern application deals with the value and send the result back to that database. I want the action link to be disabled while the extern application is doing her job. The page I am working on is refreshing automatically with some AJAX calls. The date when the extern application finished her last adjustment on a value is kept in the database. I first thought I could use session variables to store the date time of when the action link was pressed (because I need it through all the application) and then enable the action link when the adjust time is greater than the time when the action link was pressed, but I heard it was bad practices. Does someone have another solution?
Since you are already using the database - query the database to check the current status. If your application is restarted - a session value would be lost unless you are using a state server (ie sql server) to manage state- unless you don't care if its lost upon restart. You can use session and save yourself database calls - but the database is a bit cleaner and doesn't suffer from the same issue. If you do end up using the session, don't spread that session value all over your code, simply have a single method that reads or sets it (same with the db solution as well)