1. Home
  2. Portal
  3. RE: Need to retain my session in portal till the user login

RE: Need to retain my session in portal till the user login

thumbnail
Faris Abdulla, modified 14 Years ago.
Need to retain my session in portal till the user login
Regular Member Posts: 183 Join Date: 9/2/09 Recent Posts
Hi,

I need to retain session object "ABC" which is created before login.

Now, the session object which is created before login is not available after login in the portal.

How can I retain the session until it was killed by my custom action instead of liferay action events?

Is there any workaround to achieve this.

Regards,
Faris
thumbnail
Srikanth Reddy Sanivarapu, modified 14 Years ago.
RE: Need to retain my session in portal till the user login
Regular Member Posts: 203 Join Date: 11/15/08 Recent Posts
This may help you....

session.enable.phishing.protection=true...

Set the above property to false. Thanks.

Regards,
Srik
thumbnail
Faris Abdulla, modified 14 Years ago.
RE: Need to retain my session in portal till the user login
Regular Member Posts: 183 Join Date: 9/2/09 Recent Posts
Its great!!.. its working...

Thanks Srikanth...

I've some more help needed in this ..

In the case if I want to keep only the known session object "ABC" remaining session object should get killed to prevents phishing.

How can I achieve this? Which event I need to override?

When this com.liferay.portal.events.SessionDestroyAction is executed?
thumbnail
Mika Koivisto, modified 14 Years ago.
RE: Need to retain my session in portal till the user login
Liferay Legend Posts: 1519 Join Date: 8/7/06 Recent Posts
You can also add your ABC session object name to following list:
session.phishing.protected.attributes=HTTPS_INITIAL,LAST_PATH


That way you can still have session phishing enabled and retain your session object after login.
thumbnail
Faris Abdulla, modified 14 Years ago.
RE: Need to retain my session in portal till the user login
Regular Member Posts: 183 Join Date: 9/2/09 Recent Posts
Hi Mika,

I was in busy with other task to finsh.. So I didnt check this.

But I didnt find any portal.properties for this key "session.phishing.protected.attributes" in liferay 5.2.3" Hope it may in new version liferay 6.x

Regards,
Faris
thumbnail
Mika Koivisto, modified 14 Years ago.
RE: Need to retain my session in portal till the user login
Liferay Legend Posts: 1519 Join Date: 8/7/06 Recent Posts
Ah you are right it was added in 6.0.
thumbnail
Tanweer Ahmed Ansari, modified 3 Years ago.
RE: Need to retain my session in portal till the user login
Expert Posts: 322 Join Date: 3/11/10 Recent Posts
Hi Mika,

This property only works if we set <private-session-attributes>false</private-session-attributes> in liferay-portlet.xml which means we have to use the global session rather then the portlet session .
Is there any way of making the session.phishing.protected.attributes property work without setting the <private-session-attributes>false</private-session-attributes>

Appreciate your suggestions.