session-cookies

I am going through the great Michael Hartl tutorial to build ruby app here . I am trying to understand the concept of how to create a session and I am stuck in understanding this line: self.current_user = user in this method: module SessionsHelper def sign_in(user) cookies.permanent[:remember_token] = user.remember_token self.current_user = user end end I understand the whole concept of creating a cookie with the user_token. But I don't understand what does self.current_user = user means and why is it even necessary to keep this line of code - I have the cookie with the token - why do I need

We're using ASP.NET and IIS 6.0. I realise that the definitions of applications, websites and virtual directories are ill-defined in IIS 6, and changed a lot in IIS 7. However, I'm stuck with IIS 6.0 for now. We have a single web site defined in IIS, and a number of separate sub-sites in Virtual Directories. The scheme looks like this:- http://site.example.com/site1 http://site.example.com/site2 .. etc .. site1, site2, ... are virtual directories in IIS 6.0, under the "Default Web Site". I need to use ASP.NET sessions and forms authentication in most of these sites, and I don't want them to

i'm on rails 4 with passenger. everything was working great until i did a bundle just now. now i'm hitting the following error: Web application could not be started uninitialized constant ActionDispatch::Session::EncryptedCookieStore (NameError) /u/sf/ytl/.rbenv/versions/2.0.0-p0/lib/ruby/gems/2.0.0/bundler/gems/rails-2ac97df55230/railties/lib/rails/application/configuration.rb:144:in `const_get' /u/sf/ytl/.rbenv/versions/2.0.0-p0/lib/ruby/gems/2.0.0/bundler/gems/rails-2ac97df55230/railties/lib/rails/application/configuration.rb:144:in `session_store' /u/sf/ytl/.rbenv/versions/2.0.0-p0/lib

After login in android app, how do I create a token session in the php api? Like this: I would like to make sure that when user log in it will stay in session no matter what happens (crashed, shut down/power down/reboot, leaving the app) at same time the user info data will be sending with all the activities in the app to the webserver. Do I simply use: session_start(); $_SESSION['username'] = $user; $_SESSION['auth'] = "true"; If so how do I pass this session into the android application? Login Authentification in Android App: HttpClient client = new DefaultHttpClient(); String url = "http:/

I am busy with a login system for my project. Just for an extra step to the security.. How can I check/detect if a user has manually changed a cookie value? Is there some easy way of doing this? Or do I have to set an extra Session variable and match it up with that? With this being said, is a normal ASP.Net Session traceable by the browser? And viewable to the user? Thanks. Bill Brasky You could append a digital signature to the cookie value and check the signature when you read it back. That way, if the cookie value is tampered with it will be very apparent. private string sign(string