session-cookies

问题 I'm developing an application that does a remote login, amongst other things, via cURL. The remote site gives out a session cookie, which I can store in my cookie jar. I want each user to my site to have a unique session on the remote site. My application works fine with just one user (me), but I'm not sure how to make it multiuser. My first thought is to set a session variable for my application users, then use this variable as the name of the cookie jar, but this seems ugly. Is there any

问题 I have changed the sessionCookieName in context.xml <Context sessionCookieName="SESSIONID"> ... </Context> Edit after @denov's answer: In my web.xml I'm using this configuration: <session-config> <tracking-mode>COOKIE</tracking-mode> </session-config> Now I can see the new cookie name in my url: http://localhost:8080/profile;SESSIONID=FEB1091BD2E132362FFDE8FE354F4CEA It happen never if I'm using default tomcat settings (JSESSIONID) So how to disable this "feature"? 回答1: https://tomcat.apache

问题 OK basically I am trying to implement form authentication in my web application and to do this I need to know how does the web-server decide a request is a new one or not. This is becasue the webs-server creates a new session per new request. So i create an authenticatecoookie per successful login and its a persistent cookie that will last until it times-out regardless of weather the user closes his/her browser or looses connection and has to reconnect as this cookie is stored on the client

问题 I am making a session system for a Happstack server and I use mongoDB for persistent storage. I was wondering if the MongoDB ObjectIDs are safe for use as session IDs. 回答1: Generally speaking, MongoDB ObjectIDs are globally unique, and therefore safe if collisions are your concern. However, if you're talking about a session ID, the question really depends on if you are encrypting it client side and how. Typically the answers to those questions should be yes and as an encrypted cookie value

问题 I know this problem has been presented here in SO and I've tried the solutions but it's still not fixed. PHP is deleting the session after some time of inactivity (i assume 24 minutes as it's the default and seems to fit the testing). I have the following code set in all the pages: ini_set('display_errors', 0); $sessionCookieExpireTime = 2880000; session_set_cookie_params($sessionCookieExpireTime); ini_set('session.gc_maxlifetime', $sessionCookieExpireTime); session_start(); echo ini_get(

问题 I am setting up a payment gateway and am using sessions to store data across page requests. The class below is used for organizing and storing information to the session. class Gateway: def __init__(self, session_key=None, session_name="FOO"): # Store session ID and name self.session_key = session_key self.session_name = session_name # Get the session session = SessionStore(session_key=self.session_key) try : data = session[self.session_name] except : data = {user_id:None, checked_in:False }

问题 I have the following issue. I am building a PHP + jQuery mobile website and I want to maintain the PHP session. The problem here is that when I close the browser App (Samsung Galaxy S4/S5 or Google Chrome on Android) and I leave the phone for say, ten minutes, and then reopen the browser, the whole session appears to be destroyed and I have to log in again. I tried to increase the cookie lifetime like this: ini_set('session.cookie_lifetime', 60 * 60 * 24); ini_set('session.gc-maxlifetime', 60

问题 I am working on a web application where I have to tell user that he is logged in gmail or yahoo or facebook account. I think this can be done using cookies . How to find out it? what is the cookie name of these accounts, so that I can check their presence 回答1: Gmail can be tested by linking to a public image in your own google account. Facebook can be tested by loading your own profile, as a script. Both of these links will succeed if the person is logged into the respective service and fail

问题 Is it possible to get session cookie name in medium trust level? The code below works in full trust, but throws a security exception in medium trust level. string sessionCookieName = ((SessionStateSection)WebConfigurationManager.GetSection("system.web/sessionState")).CookieName; 回答1: You can use HTTP_COOKIE server variable from the Request object, to get the cookie string that was included with the request. string cookieString = Request.ServerVariables["HTTP_COOKIE"] If what you want is to

问题 I am using Laravel Framework version 4.1.21 and the "expire_on_close" option does not end the session in Chrome when the browser is closed. The options in my config/session.php file look like this: 'driver' => 'file', 'lifetime' => 120, 'expire_on_close' => true, Also in the developer toolbar, under Resources > Cookies, the Expires value is set to "Session" for the laravel_session cookie. This works fine in Firefox though. Any ideas what am I missing ? Thanks ! 回答1: It's becasue of Chrome's