If you aren't using session cookies the session of the user won't be expired if they simply close the browser since the default expiration of cookies is something like 2037. You can check this by looking for the cookies on your machine. To change the normal cookies into session cookies (ones that expire as soon as the browser is closed) do the following:
When setting up your application make sure you have SETCLIENTCOOKIES="NO" Then on session start <cfif not IsDefined("Cookie.CFID")> <CFLOCK SCOPE="SESSION" TYPE="READONLY" TIMEOUT="5"> <CFCOOKIE NAME="CFID" VALUE="#SESSION.CFID#" > <CFCOOKIE NAME="CFTOKEN" VALUE="#SESSION.CFTOKEN#" > </CFLOCK> </cfif> or switch to using J2EE sessions which automatically destroys the jsessionid when the browser is closed. -- Gary Gilbert http://www.garyrgilbert.com/blog ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Check out the new features and enhancements in the latest product release - download the "What's New PDF" now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:293118 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4