SPONSORS:






User Tag List

Thanks Thanks:  0
Likes Likes:  0
Dislikes Dislikes:  0
Results 1 to 10 of 10
  1. #1
    Member
    Join Date
    Feb 2005
    Location
    Mumbai
    Posts
    68
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Session Management

    Hi,
    I want to know in detail about how to test the session management in a web page.

    [ 08-04-2005, 01:56 AM: Message edited by: sonti_hanu ]

  2. #2
    Junior Member
    Join Date
    Aug 2005
    Location
    Bangalore
    Posts
    29
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: Session Management

    Hi,

    First let me clarify you,Session management depends on your application. It includes Shopper side session and Administrator session.
    If you keep your browser open, for a long time [ex: Yahoo.] you will get a alert message as "Your session expired" and may get alert message to enter user id and password again.

    One more type session:- On a single system if your are using more than one browser, for same application, then also there are also chances that
    you may get session problem.

    please let me know, If you are not satisfied with solution.
    Attack major risks early and continuously---Or Else they attack you.
    Thanks,
    Shiva

  3. #3
    Moderator
    Join Date
    Jan 2005
    Location
    England
    Posts
    765
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: Session Management

    Originally posted by sonti_hanu:
    Hi,
    I want to know in detail about how to test the session management in a web page.
    <font size="2" face="Verdana, Arial, Helvetica">This is not a small subject, but I'll try to summarise.

    Session Management is necessary because HTTP is stateless, which means that the web server treats each request for a page as a distinct transaction. The web server has no idea of which pages you've been looking at.

    To get around this, the server will provide you with a code, and every request you make of the server will include that code. So the server can take the code, and see which pages you were looking at.

    This is particularly important for things like shopping baskets where the server has to know that the person who selected the TV, is now the same person that has provided their credit card details.

    Now there are lots of ways that the developers can implement session management. The most common is by using cookies because most web servers make it easy to deal with cookies.

    Another common way is by using a session id held on the querystring, you'll see some URL's with great big ID's after the name. This is a session id.

    There are 2 types of cookies. Session based and persistent. Session based means that the cookie only exists for the session and as soon as you close the browser, the cookie is destroyed.
    A persistent cookie is written to the clients hard disk and can be accessed the next day.

    So, the first thing to do is find out how the developers are implementing session Management.

    The second thing is to read as much as you can about the particular type of session management and try to think of tests that you can perform.

    Some examples include:
    1) What happens if the user disables cookies.
    2) If using a server farm (i.e. more than 1 server) what happens if you start your session on 1 server and then switch to the other server.
    3) If using a sessionid on the querystring, can you guess a valid sessionid and hijack someone elses session?

    This is a big subject so good luck with your reading.
    Everywhere's within walking distance if you have enough time.

  4. #4
    Junior Member
    Join Date
    Jul 2005
    Location
    New Delhi
    Posts
    26
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: Session Management

    Hey stephen,

    This is really informative and helpful
    Thanks..man

  5. #5
    Member
    Join Date
    Feb 2005
    Location
    Mumbai
    Posts
    68
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: Session Management

    I am also very much pleased with the information.
    Thank u all

  6. #6
    Junior Member
    Join Date
    Sep 2005
    Posts
    3
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: Session Management

    Hi,
    Iam currently testing a intranet site, manually.This involves testing many forms in different modules, basically having the same field structure.Is there any other tool to autofill the fields apart from google's autofill.

  7. #7
    Moderator
    Join Date
    Jan 2005
    Location
    England
    Posts
    765
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: Session Management

    Sam,
    I'm glad you asked this.
    For any car engine to work, it needs to have 3 things, fuel, oxygen and fire.
    As the piston falls, it sucks air through the carburettor which pulls fuel out. The mixture becomes a fine mist of fuel and air.
    The valve is closed to trap this mixture, the piston compresses the mixture and at the top of the stroke the spark plug fires and ignites the fuel and air mixture.

    And that is how an engine works.
    I hope this helps.
    Everywhere's within walking distance if you have enough time.

  8. #8
    Junior Member
    Join Date
    Sep 2005
    Posts
    3
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: Session Management

    Hi Stephen,

    Thanks for the information!!
    Could you please elaborate??

    Thanks again

  9. #9
    Moderator
    Join Date
    Jan 2005
    Location
    England
    Posts
    765
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: Session Management

    Sam,
    Neither your question nor my answer have anything to do with this post.

    Normally by now you would have been told that you had hijacked the thread, killing any useful discussion on the original topic.

    If you want a sensible answer to your question you should start a new post with a relevant topic so that people who know something about it can help you.
    Everywhere's within walking distance if you have enough time.

  10. #10
    Senior Member
    Join Date
    Feb 2003
    Location
    FL, USA
    Posts
    3,646
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    1 Thread(s)
    Total Downloaded
    0

    Re: Session Management

    Originally posted by Sam.Maaz:
    Hi,
    Iam currently testing a intranet site, manually.This involves testing many forms in different modules, basically having the same field structure.Is there any other tool to autofill the fields apart from google's autofill.
    <font size="2" face="Verdana, Arial, Helvetica">Stephen is correct - you have hijacked this tread by asking a non related question which is against the rules of the forum.

    Please read the following it will help you use the forum correctly.

    http://www.qaforums.com/cgi-bin/foru...bb.cgi?ubb=faq
    Lynne

    I have not failed. I've just found 10,000 ways that won't work" --Thomas Edison

 

 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Search Engine Optimisation provided by DragonByte SEO v2.0.36 (Pro) - vBulletin Mods & Addons Copyright © 2016 DragonByte Technologies Ltd.
Resources saved on this page: MySQL 8.57%
vBulletin Optimisation provided by vB Optimise v2.6.4 (Pro) - vBulletin Mods & Addons Copyright © 2016 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.2.8 (Pro) - vBulletin Mods & Addons Copyright © 2016 DragonByte Technologies Ltd.
vBNominate (Lite) - vBulletin Mods & Addons Copyright © 2016 DragonByte Technologies Ltd.
Feedback Buttons provided by Advanced Post Thanks / Like (Pro) - vBulletin Mods & Addons Copyright © 2016 DragonByte Technologies Ltd.
Username Changing provided by Username Change (Free) - vBulletin Mods & Addons Copyright © 2016 DragonByte Technologies Ltd.
BetaSoft Inc.
Digital Point modules: Sphinx-based search
All times are GMT -8. The time now is 11:37 AM.

Copyright BetaSoft Inc.