This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
Hi, We are hosting a web application.I am using hidden form fields for session managment.Last week suddenly users started facing difficulty in accessing our site..What is happening is :- 1)User login to our site.We serve the fist page. 2)User is trying to perform a form POST. 3)Reqeust coming to IBM HTTP Server.Since its not having session data,we are redirecting it to login page again. Upon investigation we found that those users who have Antivirus(Norton)on their m/c are facing this problem..The session data is getting blocked.. Same user can access his account from other m/c which doesnt have antivirus.. Does any internet sercurity s/w or anti virus suit restrict/strip off hidden data??
"Vvn", We're pleased to have you here with us in the WebSphere forum, but there are a few rules that need to be followed, and one is that proper names are required. Please take a look at the JavaRanch Naming Policy and adjust your display name to match it.
In particular, your display name must be a first and a last name separated by a space character, and must not be obviously fictitious.
Antivirus shouldn't do this, but could Norton be blocking the cookies?
Joined: Feb 03, 2004
My apologies for the ignoring the naming convention.I have changed it. Ruled out the possibiliy of AntiVirus..We digged into the issue further.We have IBM HTTP Server(IHS) 2.0 version installed recently and the problems started after that only..I was going through the IBM site and found that WebSphere fails to handle post requests when the post data is sent in time intervals greater than the connection timeout.WebSphere needs to handle this situation and return the correct status code.The plugin also needs to be modified slightly to limit the possibility of sending this type of request to the application server. Could the issue be with IHS? Only 5-10% of the users are failing and the interesting thing is the same user can access the site from some other m/c!..
Any insights would be helpful.. Regards vaibhav
author & internet detective