John, I'm just throwing out an idea here, but instead of executing the <cfapplication> tag in your onPageChange.cfc, why not just delete the session variables that maintain the user's 'login' identity?
For example, in one of the applications I support, we set all the 'login' variables in a 'session.user' scope, like this: <cfset session.user.authenticated = true> <cfset session.user.userid = 'whatever'> ... and so on So, when we want to force a logout, we just do: <cfset structDelete(session,"user")> If you've got the logic set up the way you want and it's simply the deletion of the 'session' or client variables, you could do something similar where you have the <cfapplication> tag. Hope this helps. Dave -----Original Message----- From: John Grubb [mailto:[email protected]] Sent: Wednesday, July 08, 2009 7:50 AM To: cf-newbie Subject: programmatically change session timeout I have been away for a few years and am just getting back to work, so please forgive the rookie question. I need to have a user automatically logged out 30 seconds after leaving my domain. I am not using standard login due to security restraints, but setting up application, client, and session variables. The 30 seconds just ensures enough time for the next page to load and, if it's in my domain, the user should not be logged out. All of the necessary code to clear client variables and uptade database tables is in application.cfc in the onSessionEnd function. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-newbie/message.cfm/messageid:4613 Subscription: http://www.houseoffusion.com/groups/cf-newbie/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.15
