> Just a quick question. When is it necessary to pass the > session information for a user in the URL as that user > navigates a site? If I remember correctly, some of this > depends on whether cookies are enabled on the browser and > whether J2EE session variables are enabled. Can anyone give > me a quick primer on this or point me in the right direction?
If you cannot rely on cookies to ensure that every request contains a session token, you must ensure that the session token is passed some other way for every request, whether that request is triggered by a link, a form submission, or a client- or server-side redirect. This doesn't have anything to do with J2EE sessions vs CF sessions. However, J2EE session cookies are nonpersistent by default, so they are more likely to be accepted by browsers. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:263948 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
