Thanks for that information guys, I'll go into the admin and switch it over to J2EE session management, is there are GOTCHA's that I need to watch out for when doing this? I only ask because in my logic, if we were better off using J2EE then it would be applied by default :-D Is there any reason why i wouldn't want to use this?
Thanks guys, Rob -----Original Message----- From: Bobby Hartsfield [mailto:[EMAIL PROTECTED] Sent: 14 May 2007 16:32 To: CF-Talk Subject: RE: Session Security > I'm running ColdFusion in its standalone mode, does > that still use J2EE sessions You have to go into the memory vars section of the administrator and check the box for "Use J2EE session variables". -----Original Message----- From: Robert Rawlins - Think Blue [mailto:[EMAIL PROTECTED] Sent: Monday, May 14, 2007 11:09 AM To: CF-Talk Subject: RE: Session Security Ah that's good to know, I'm running SSL. I'm guessing the J2EE sessions are pretty tidy them. I'm running ColdFusion in its standalone mode, does that still use J2EE sessions? Are there any specific application settings I should be using in my application.cfc to help keep this all buttoned down, i've never really understood the loginstorage settings and the setdomaincookie variables. Thanks, Rob -----Original Message----- From: James Holmes [mailto:[EMAIL PROTECTED] Sent: 14 May 2007 16:02 To: CF-Talk Subject: Re: Session Security Without XSS, on a server using J2EE sessions over SSL, it's really unlikely that anyone will succeed. On 5/14/07, Claude Schneegans <[EMAIL PROTECTED]> wrote: > >>Any thoughts on where to get started with this stuff? > > Have you an example of how some one could hijack a session under CF? > > -- > _______________________________________ > REUSE CODE! Use custom tags; > See http://www.contentbox.com/claude/customtags/tagstore.cfm > (Please send any spam to this address: [EMAIL PROTECTED]) > Thanks. > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:278056 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4