I understand. I'm just taking issue with your conclusion, not the experience
itself.
> Am I missing the obvious here, when would a cookie be sent to
> a host in a cluster? I was under the understanding that
> cookies were set on the client machine, not on the server.
When you use CFLOGIN, that host sets a cookie which is sent to the browser.
The browser then returns that cookie on every subsequent visit to the
server. By default, that cookie may be host-specific. That is, it may only
be returned to the host from which it was originally sent. Or, even if it is
returned to each host in a cluster, it may be the case that other hosts
won't know how to interpret the cookie (this is my suspicion, actually). In
that case, you'd only be authenticated against the server which set the
cookie.
My point was simply that this doesn't have anything to do with Session
variables, although it may not work unless you've enabled sticky sessions on
your load balancer.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
phone: 202-797-5496
fax: 202-797-5444
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
