I have an application that starts as such:
<cfapplication name="myApp" sessionmanagement="Yes"> --time span is handled
in the CF Administrator
I have built a timed out session error handler that looks in a thrown error
and redirects the user to the login automatically. This works fine, except
when the page I access doesnt have a session param on it.
My app works fine:
1. you cant access any page under it without being logged in.
2. the error process listed above works as well. I am handling the
expired session stuff on the pages that use sessions by looking for the
string "session" in the error string, and redirecting the user based upon
that.
When I try to add session validation on the application.cfm I end up getting
that login looping thing that I am sure everyone has seen.
I think the problem lies in the fact that I am using cookies and session
params. I have included my code below. There are tweaks in it for in system
pop ups and nakedly accessed pages.
Anyone have any suggestions to what I should do so that whenever the
sessions expire, the next page load triggers a re-login regardless of
whether the page calls a session or not?
<cfapplication name="myApp" sessionmanagement="Yes">
<cfheader name="cache-control" value="public">
<cfparam name="DSN" default="TAMALE">
<cfif not isDefined('cookie.isLoggedin')>
<cfcookie name="isLoggedin" value="no">
<cfcookie name="userid" value="0">
<cfcookie name="useremail" value="">
<cfcookie name="applist" value="">
<cfcookie name="LoginAttempts" value="0">
<cfcookie name="Sound" value="true">
<cfcookie name="Chat" value="false">
<cfcookie name="chat_room_id" value="9999">
<cfcookie name="chat_last_id" value="0">
<cfif not isdefined("session.Auth")>
<cfset session.Auth = structNew()>
<cfset session.Auth.isLoggedIn="No">
<cfset session.Auth.Customer="No">
<cfset session.Auth.Customer_Application="">
<cfset session.Auth.Customer_Company_ID="">
<cfset session.Auth.Customer_Company_Name="">
<cfset session.Auth.UserName="">
<cfset session.auth.message_given="false">
</cfif>
<cfif NOT FindNoCase("data_request",cf_template_path)>
<cflocation url="" addtoken="No">
</cfif>
<cfelse>
<cfif NOT FindNoCase("int.cfm",HTTP_REFERER)>
<cfif cf_template_path is not "C:\Inetpub\wwwroot\AeroNet\logout.cfm"
and cf_template_path is not "C:\Inetpub\wwwroot\AeroNet\int.cfm" and
cf_template_path is not "C:\Inetpub\wwwroot\AeroNet\login.cfm" AND NOT
FindNoCase("superadmin",cf_template_path) AND NOT
FindNoCase("webservices",cf_template_path) AND NOT
FindNoCase("filetransfer",cf_template_path) and cf_template_path is not
"E:\Inetpub\wwwroot\AeroNet\int.cfm" and cf_template_path is not
"E:\Inetpub\wwwroot\AeroNet\logout.cfm" and cf_template_path is not
"E:\Inetpub\wwwroot\AeroNet\login.cfm" AND NOT
FindNoCase("PTM",cf_template_path) AND NOT
FindNoCase("document_read_report",cf_template_path) AND NOT
FindNoCase("NLM",cf_template_path) AND NOT
FindNoCase("Chat",cf_template_path) AND NOT
FindNoCase("youarehere",cf_template_path) AND NOT
FindNoCase("data_request",cf_template_path) AND NOT
FindNoCase("common",cf_template_path)>
<script>
if (!this.parent.frames[2]){
if (!this.parent.parent.frames[2] && this.parent.name != "Preview"){
if(this.location != " http://meatloaf:81/mail.cfm
<http://meatloaf:81/mail.cfm> "){
parent.parent.document.location="/logout.cfm";
}
}
}
</script>
</cfif>
</cfif>
<cfif cookie.isLoggedin is "no" AND NOT
FindNoCase("filetransfer",cf_template_path) AND NOT
FindNoCase("PTM",cf_template_path) AND NOT
FindNoCase("data_request",cf_template_path)>
<cfinclude template="login.cfm">
</cfif>
</cfif>
<script>
document.title="myApp";
</script>
<cferror type="EXCEPTION" exception="any"
template="/AeroNet/default_validation_error_page.cfm">
<cferror type="REQUEST"
template="/AeroNet/default_validation_error_page.cfm">
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
- Application Question Eric Creese
- Re: Application Question Calvin Ward
- John Stanley