-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yawar,
On 8/21/2010 12:42 AM, Yawar Khan wrote:
> chris, i had a look at container managed authentication and its quite handy.
> but
> i couldnt see how i can add extra functionality like calling an encryption
> function on password text field befo
Yawar Khan wrote:
Felix, the issue still persists, i dont know what else to do? and i dont know
why this issue is popping up on linux enviroment only. under windows there is no
session mixup issue.
Now this are no class wide variables and i had moved them inside the login
function.
Hi.
Thi
i had moved them inside the
login
> function.
>
>
>
>
>
>
>
> From: Felix Schumacher
> To: Tomcat Users List
> Sent: Sat, August 21, 2010 6:07:18 PM
> Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
>
>
>
>
.
From: Felix Schumacher
To: Tomcat Users List
Sent: Sat, August 21, 2010 6:07:18 PM
Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
"Yawar Khan" schrieb:
>thanks felix, very nicely explained!
>
>but do you think that declaring connection and rs variable
ith the
values of your user beans.
Hth
Felix
>
>
>
>
>From: Felix Schumacher
>To: Tomcat Users List
>Sent: Sat, August 21, 2010 4:13:52 PM
>Subject: RE: Sessions mix-up on Tomcat 6.0.26 on Linux
>
>Am Freitag, den 20.08.2010,
: Sessions mix-up on Tomcat 6.0.26 on Linux
Am Freitag, den 20.08.2010, 21:54 -0700 schrieb Yawar Khan:
> Chris, you identified a possible sql injection in my code and declaring it a
> very bad piece of code. Despite the fact that jdbc does not allow more than 1
> query on this execute
gt; Sent: Sat, August 21, 2010 3:16:23 PM
> Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
>
> On Sat, Aug 21, 2010 at 6:54 AM, Yawar Khan wrote:
>
>> Chris, you identified a possible sql injection in my code and declaring it
>> a
>> very bad piece of code.
stmt = null;
> }
>
> if (currentCon != null) {
> try {
> currentCon.close();
> } catch (Exception e) {
> }
>
> currentCon = null;
> }
>
try {
>stmt.close();
> } catch (Exception e) {}
>stmt = null;
> }
>
> if (currentCon != null) {
> try {
>currentCon.close();
> } catch
-Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Friday, August 20, 2010 3:41 AM
> To: Tomcat Users List
> Subject: Re: [OT] Sessions mix-up on Tomcat 6.0.26 on Linux
>
> Yawar,
>
> On 8/19/2010 3:27 PM, Yawar Saeed Khan/ITG/Kara
} catch (Exception e) {}
>stmt = null;
> }
>
> if (currentCon != null) {
> try {
>currentCon.close();
> } catch (Exception e) {
> }
>
>
}
}
return bean;
}
}
ysk
-Original Message-----
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Friday, August 20, 2010 3:43 AM
To: Tomcat Users List
Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA
...@gmail.com]
Sent: Friday, August 20, 2010 2:05 AM
To: Tomcat Users List
Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
Maybe its just be but I still don't see where uadc is declared or even
imported.
On Thu, Aug 19, 2010 at 10:26 PM, Yawar Saeed Khan/ITG/Karachi <
yawar.sa...@mc
, 2010 3:41 AM
To: Tomcat Users List
Subject: Re: [OT] Sessions mix-up on Tomcat 6.0.26 on Linux
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yawar,
On 8/19/2010 3:27 PM, Yawar Saeed Khan/ITG/Karachi wrote:
> your comments on my current code tells me that this code is not bad,
> but I
On 19/08/2010 23:42, Christopher Schultz wrote:
> Wesley,
>
> On 8/19/2010 5:04 PM, Wesley Acheson wrote:
>> Maybe its just be but I still don't see where uadc is declared or even
>> imported.
>
> ...or even used.
>
> I'm guessing that the bad code exists outside of this login servlet.
s/the b
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wesley,
On 8/19/2010 5:04 PM, Wesley Acheson wrote:
> Maybe its just be but I still don't see where uadc is declared or even
> imported.
...or even used.
I'm guessing that the bad code exists outside of this login servlet.
- -chris
-BEGIN PGP S
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yawar,
On 8/19/2010 3:27 PM, Yawar Saeed Khan/ITG/Karachi wrote:
> your comments on my current code tells me that this code is not bad,
> but I should check out tomcat's container managed logins... right?
This code seems to be doing more work than ne
d void doGet(HttpServletRequest request, HttpServletResponse
> response)
>throws ServletException, IOException {
>processRequest(request, response);
>}
>@Override
>protected void doPost(HttpServletRequest request, HttpServletResponse
> response)
> throws Servl
__
From: Wesley Acheson [mailto:wesley.ache...@gmail.com]
Sent: Fri 20-Aug-10 1:56 AM
To: Tomcat Users List
Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
Sorry can't see it. Are you sure you attached it? you could use something
like pastebin if the mail list does accept attachment
/mde/
- Original Message
From: Yawar Saeed Khan/ITG/Karachi
To: Tomcat Users List
Sent: Thu, August 19, 2010 12:27:08 PM
Subject: RE: [OT] Sessions mix-up on Tomcat 6.0.26 on Linux
thanks for your constructive comments, as I mentioned that "bad, bad, bad" code
is out. n
gestions are welcome.
>
>
>
> From: Wesley Acheson [mailto:wesley.ache...@gmail.com]
> Sent: Fri 20-Aug-10 12:38 AM
> To: Tomcat Users List
> Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
>
>
>
> Okay I've a little tehory could you post
mention that I have client side form validations (js) to
stop query busters.
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Thu 19-Aug-10 11:01 PM
To: Tomcat Users List
Subject: Re: [OT] Sessions mix-up on Tomcat 6.0.26 on Linux
-B
source code is attached;
suggestions are welcome.
From: Wesley Acheson [mailto:wesley.ache...@gmail.com]
Sent: Fri 20-Aug-10 12:38 AM
To: Tomcat Users List
Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
Okay I've a little tehory could you pos
Okay I've a little tehory could you post the entire code for loginmanager.
How is udac declared? If its a class variable then *ITS NOT THREAD SAFE*.
As a basic rule don't declare class variables in a servlet (There are
exceptions to this rule but you shouldn't under normal circumstances)
On 8/19/2010 11:28 AM, Yawar Saeed Khan/ITG/Karachi wrote:
> Chuck, what you say makes sense but I check the behavior on windows.
All that says to me is that your testing environment on Windows is inadequate.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MAT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yawar,
On 8/19/2010 11:28 AM, Yawar Saeed Khan/ITG/Karachi wrote:
> Chuck, what you say makes sense but I check the behavior on windows.
> the problem is in Linux environment only. I would imagine that tomcat
> configuration might be different on both
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yawar,
I'm marking this as off-topic for /your/ request. I just have some
comments for you. Take them or leave them.
On 8/19/2010 11:53 AM, Yawar Saeed Khan/ITG/Karachi wrote:
> Ok, let me share my source code with you...
>
> my index.jsp page has a
: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
2010/8/19 Yawar Saeed Khan/ITG/Karachi :
> Ok, let me share my source code with you...
>
> HttpSession session = request.getSession(true);
> response.sendRedirect("main.jsp"); //logged-in page
2010/8/19 Yawar Saeed Khan/ITG/Karachi :
> Ok, let me share my source code with you...
>
> HttpSession session = request.getSession(true);
> response.sendRedirect("main.jsp"); //logged-in page
See documentation on HttpServletResponse.encodeRedirectURL( ) method.
I
YSDATE WHERE USER_ID = '"+ rs.getString("USER_ID") +"'");
int audit_insrt = InsertAuditEntry("F001", (String)
session.getAttribute("user_id"), (String) session.getAttribute("branch_code"));
response.sendRedirect("main.j
both machines
with default configurations.
From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: Thu 19-Aug-10 7:02 PM
To: Tomcat Users List
Subject: RE: Sessions mix-up on Tomcat 6.0.26 on Linux
Yawar Saeed Khan/ITG/Karachi wrote:
>
>
On 19/08/2010 14:02, Caldarale, Charles R wrote:
> Yawar Saeed Khan/ITG/Karachi wrote:
>>
>> I have developed a web application using jsp and servlets with
>> oracle database.
>>
>> The application is working fine on windows,
>
> Or at least running on that platform hasn't uncovered the latent bu
Ben Souther wrote:
On Thu, 2010-08-19 at 12:45 +0200, André Warnier wrote:
Yawar Saeed Khan/ITG/Karachi wrote:
Hi,
I have developed a web application using jsp and servlets with oracle
database.
and with Tomcat also ?
Look in the subject line. :)
Ok, I overlooked the subject line (*).
Yawar Saeed Khan/ITG/Karachi wrote:
>
> I have developed a web application using jsp and servlets with
> oracle database.
>
> The application is working fine on windows,
Or at least running on that platform hasn't uncovered the latent bugs in your
webapp.
> but the problem arises when we deploy
On Thu, 2010-08-19 at 12:45 +0200, André Warnier wrote:
> Yawar Saeed Khan/ITG/Karachi wrote:
> > Hi,
> >
> >
> > I have developed a web application using jsp and servlets with oracle
> > database.
> >
> and with Tomcat also ?
Look in the subject line. :)
> >
> >
> >
> > The application
Yawar Saeed Khan/ITG/Karachi wrote:
Hi,
I have developed a web application using jsp and servlets with oracle
database.
and with Tomcat also ?
The application is working fine on windows,
Windows version, JVM version, tomcat version ?
but the problem arises when
we deploy it on Linux
Hi,
I have developed a web application using jsp and servlets with oracle
database.
The application is working fine on windows, but the problem arises when
we deploy it on Linux(64bit), we get session issues in the application.
The session variables get mixed up and we can see previously lo
37 matches
Mail list logo
