Dave, That makes perfect since. Thats a great idea I didn't even think of it. I'm just suprised that the default behavior or CF Server is to drop permanent state cookies. I will do it manually and then I will be golden. Cool.
Thanks, Jon -----Original Message----- From: Dave Watts [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 12, 2002 4:10 PM To: CF-Talk Subject: RE: For the gurus: Question about state management with CLIENT sc ope > I'm writing an app that uses the CLIENT scope for state > management. When somebody logs in, there are some "client" > variables that are set like CLIENT.firstName and CLIENT.lastName. > > The problem is that even if the end user quits the browser > after being logged in and comes back to the site 10 minutes > later, the user is still logged in from before. I realize > that you can set a timeout on client variables, but that > is stupid. The CFTOKEN and CFID need to go away when the > browser closes - just it it does on any other website I > can think of. The Client scope isn't really intended to behave the same way as the Session scope - it's intended more for long-term user data storage, rather than storing data during an individual visit. > How can I tell CF to set the CFID and CFTOKEN cookies as > 'session' cookies, meaning that they are gone when the > browser instance quits? It doesn't make any since for > people to still be logged in after they quit the browser > and it poses a mild security risk for what I'm trying to > do. I can think of some annoying work arounds but I can't > think of any elegant solutions for this problem. You can set the cookies yourself in Application.cfm: <cfapplication ... clientmanagement="yes" setclientcookies="no"> <cfif not IsDefined("Cookie.CFID")> <cfcookie name="CFID" value="#Client.CFID#"> <cfcookie name="CFTOKEN" value="#Client.CFTOKEN#"> </cfif> Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm