wood burning stoves 2.0*
The moose likes Websphere and the fly likes Hidden Data getting restricted Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "Hidden Data getting restricted" Watch "Hidden Data getting restricted" New topic
Author

Hidden Data getting restricted

v_zunzun
Greenhorn

Joined: Feb 03, 2004
Posts: 2
Hi,
We are hosting a web application.I am using hidden form fields for session managment.Last week suddenly users started facing difficulty in accessing our site..What is happening is :-
1)User login to our site.We serve the fist page.
2)User is trying to perform a form POST.
3)Reqeust coming to IBM HTTP Server.Since its not having session data,we are redirecting it to login page again.
Upon investigation we found that those users who have Antivirus(Norton)on their m/c are facing this problem..The session data is getting blocked..
Same user can access his account from other m/c which doesnt have antivirus..
Does any internet sercurity s/w or anti virus suit restrict/strip off hidden data??

Regards
vvn
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30123
    
150

"Vvn",
We're pleased to have you here with us in the WebSphere forum, but there are a few rules that need to be followed, and one is that proper names are required. Please take a look at the JavaRanch Naming Policy and adjust your display name to match it.

In particular, your display name must be a first and a last name separated by a space character, and must not be obviously fictitious.

Thanks,
Jeanne
Forum Bartender


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30123
    
150

Antivirus shouldn't do this, but could Norton be blocking the cookies?
v_zunzun
Greenhorn

Joined: Feb 03, 2004
Posts: 2
My apologies for the ignoring the naming convention.I have changed it.
Ruled out the possibiliy of AntiVirus..We digged into the issue further.We have IBM HTTP Server(IHS) 2.0 version installed recently and the problems started after that only..I was going through the IBM site and found that
WebSphere fails to handle post requests when the post data is sent in time intervals greater than the connection timeout.WebSphere needs to handle this situation and return the correct status code.The plugin also needs to be modified slightly to limit the possibility of sending this type of request to the application server.
Could the issue be with IHS?
Only 5-10% of the users are failing and the interesting thing is the same user can access the site from some other m/c!..

Any insights would be helpful..
Regards
vaibhav
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30123
    
150

Vaibhav,
Thanks for updating the display name.

The HTTP server definitely sounds like something that could cause the problem. I don't have any more detailed thoughts on it though.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Hidden Data getting restricted
 
Similar Threads
Prefer hidden field instead of session attribute
How do I "force create" a new session in JSF
New question on SERVLET filter
JSP SESSION MANAGEMENT
STRUTS - Remebering page access after login