WebEngine "keep me logged in" functionality - javafx-2

Is there any way to store state, basically to have a "keep me logged in" functionality like browsers do?
I've been looking into the CookieManager, and search a lot but haven't been able to find anything on this.
I have a social feeds reader, in which if a user clicks on a link it is opened on a WebView. The thing is, that on every run of my app, when they click on a link pointing to a private facebook post, they need to log in to their accounts in order to view it, which is quite uncomfortable.
Appreciate your help.

I found this How do I persist cookies when using HTTPUrlConnection?
and this http://docs.oracle.com/javase/tutorial/networking/cookies/custom.html
which allowed me to create a persistent cookie handler.

Related

Best practice to check if the user is logged in during the entire session

I'm using React on the front, nodejs + express for the back, mongodb , and passportJS for the auth, and express sessions to store the session information.
Whenever someone joins my website, react is sending a request to the backend to check if the user is logged in, and then if the user is logged in it will show adapted content. The problem is that whenever someone is logged in it will first show in the nav bar a button that says "log in" and only half a second later will it be updated to "log out" because the post request that says the user is logged will resolve. What is the best practice to solve this issue? at the moment I check if the user is logged in every single time that the user navigates to a new page and it does not sound like a best practice to me.
Try adding a loading state to your component. So instead of two states of login and logout, you will have login, loading, and logout.
This will allow you to add a new UI state for loading. Now it up to you to decide the UX.
UX Solution:
Some sites just put a giant loader and blocks the site till the app is loaded which works but is not that appealing.
A more modern solution is to use a skeleton loader. This will display a fake component while the application is loading (Note: NOT the whole sight needs to be in this skeleton state. It can be only the navbar while the rest of the application is displayed).
See AntD skeleton: https://ant.design/components/skeleton/

How to track last login date for IBM Domino web user?

Does IBM Domino track the last login date for web users(UserName/Password and internet certificate)? I know the access logs contains this information but wanted to know if there may be something built into Domino (maybe in Address Book). Trying to come up with a method to disable web accounts that have not accessed a domino server in a specified time period.
Thanks,
Kev
The User Activity area in the Database Properties picks up from the log.nsf, which is where this information is stored. But, typically, the log.nsf will only have a few days' worth of information. When I've had this requirement before, I've manually captured it via a custom login page or an initUser function I've had in applications.
One of the easiest solutions is to trigger an action from a live web page that generates a database.nsf?openagent event.
like:
or
Ideally you've use the openagent to print a content type and a response, but if you don't browsers do pretty well with invalid responses from servers.
inside your "myagent" you will have the users name available to you to write it to a document.
Your next challenge will be in getting the agent to trigger, but, not too often, ideally only on login.
When a user uses a custom login form it submits the username/password and redirection url in POST method. You could change that to ...?openagent&nexturl=/blablabla.nsf
Your tiny little agent would run one and only one time upon login and update a document in a your custom logging database.
That's a developer's solution.
There are also admin solutions. The server does keep track of active web sessions, but, it does not drop them into the log.nsf like it does upon session ending for a notes session. I don't think it would be too much work from an admin standpoint to get that information there are a lot of event triggers available to you. It's just been way too long since I worked on any server that anyone cared about statistics.

LIKES done by me on my own page don't show up anymore after making an app to post to my page's fanpage

I really hope someone can tell me more about what's going on, because I spent days searching the net and for the life of me can't say what is going on.
Here's what happened. I have a website 4nieuws.nl . On every article's page I put a like button using the Javascript SDK. All worked well. On facebook I created a fanpage for the website, facebook.com/4nieuws and every now and again I would copy an interesting article there. The like button and Javascript SDK on 4nieuws.nl uses the APP Id from an app I created specifically for that purpose.
Then I thought I might automate to publish the most popular articles on the fanpage using the PHP api. I set about getting the proper authorization key using the sequence explained on this page: http://www.typeoneerror.com/articles/post/permanent-facebook-sessions-and-posting-as-a-page
For this to work I authorized the previously mentioned app to publish on the facebook fanpages that I am admin of. And this works.
Now for the strange part. Ever since I authorized the app, if I go to 4nieuws.nl and like a page, or even 'post to facebook', the button shows 1 more like. But the like message never shows up on my personal wall. My wife, logged in to her own facebook account, gets a notification that I liked a page, but when she clicks the notification she is sent to a Facebook 404 page. When I subsequently reload the article, my 'like' is not there anymore.
Has anyone ever come across something like this ? I'm a bit anxious because I am not sure if other peoples likes on 4nieuws.nl are working as it should. I do see likes on pages but have no idea if those likes are actually registering on peoples walls.
Any help greatly appreciated.

How to logout of an HTTP authentication (htaccess) that works in Google Chrome?

I got a solution for Firefox and IE but I didn't find any solution for Google Chrome.
Is there a way to do it in Google Chrome?
I know it's a really old post... I mean like friggin 5 years now, but I just found a somewhat good solution.
Inside your protected folder, create another folder, let's call it "logout". Place the same .htaccess file in here as you have in your protected folder, except with a small modification.
instead of:
Require valid-user
now write:
Require user EXIT
And make sure, you don't have a user named exit! :D
In your protected area, your logout link or button or whatever, should redirect the user to this address: example.com/protectedFolder/logout
The browsers usually are able to keep only one user logged in from one site name or realm name... the sign in attempt for the user Exit will overwrite everything, thus the originally logged in user, would have to log in again to the protected area.
But as always, I might be wrong, and you should still close all your browser window, and restart the computer if you want to be sure! :)
Also, it wouldn't hurt, if you would tell your users what is going to happen, when they hit logout!
I have tested this in chrome and in internet explorer 11.(will not work in edge, and maybe others neither)
The solution was found here:
https://www.mavensecurity.com/media/BasicAuthLogOut.pdf
You can't logout a HTTP authenticated session other then closing the browser window. Also see the accepted answer on this question for an extensive explanation.
try redirect to:
wrong_user:wrong_password#yourdomain.com
I have put together the following article which explains how I have managed to achieve this in Chrome. I hope this helps. https://www.hattonwebsolutions.co.uk/articles/how_to_logout_of_http_sessions
In short - you create a sub folder (as per Gyula's answer) but then send an ajax request to the page (which fails) and then trigger a timeout redirect to the logged out page. This avoids having a secondary popup in the logout folder requesting another username (which would confuse users). My article uses Jquery but it should be possible to avoid this.

Facebook Like button that posts to page wall as well?

I have a online shop. On the home page there are products, with a like button. When a person clicks on the button, it goes to their profile and it says that they liked it. However, I also want when the user clicks like, that it is posted to my BUSINESS FACEBOOK PAGE as well.
1. Is this possible?
2. Is this possible using the standard facebook like button?
I am implementing this on a site with Drupal which is using the FBConnect module.
Yes
No
We can't do anything with that standard facebook like button. That's the way it is. However, we can achieve what you want by other means.
Since you're the owner of the business page, you can get the access_token for it, preferably with publish_stream permission. Then you can use edge.create event on the pages with the like button and detect that to publish on your business wall.
Check the links. For the access_token / authentication link, look for "Page Login".

Resources