sorry to resurrect an old thread, but i think i have something to add to it...
the same issue has manifested itself on one of my sites about 2 days ago all of a sudden. my error handler started flooding my inbox with "Session is invalid" error reports at a rate of about 80-110 a day. nothing at all has changed on the server (it's a VPS which i control). from my error reports i can see that all of the errors are caused by one and the same process: the rss reader in my own Thunderbird email client trying to fetch an RSS feed from the site. The rss feed file (a cfm page) is under the global Application.cfc, so all app settings (session management etc) apply to it too. i think that may be the problem - i have no idea if/how Thunderbird works with sessions... and i also have no idea if other rss readers may be affected by this (though i suppose i would have gotten an error email about this - i guess just only me subscribed to the site's feed :( ) i have increased session-timeout setting in web.xml file and made sure the settings in cf admin do not exceed it, so will now wait and see if that helps... Azadi Saryev Sabai-dee.com http://www.sabai-dee.com/ On 17/04/2009 21:46, Paul Vernon wrote: > > Can someone explain why the "Session is invalid null" occurs? > > We have a site on a dedicated server running CF 8 (8,0,1,195765) Standard > edition. It gets around 11,000 users a day and for the most part is issue > free. > > I've searched HoF etc., I've read the tech notes and I've subsequently > altered the session-timeout value in the web.xml config file so the timeout > is larger than the session timeout in the CF admin settings. Altering the > session-timeout value has *definitely reduced* this error occurring but it > hasn't fixed the problem and my gut instinct is that by altering the > session-timeout value I'm just hiding the problem rather than dealing with it. > > Prior to altering the value, the error was happening around 60 or 70 times a > day, altering the value has reduced this error to a couple of times a day. I > suspect increasing the session-timeout value to an even larger number will > eradicate the problem but because I donât understand the mechanics of why > it's happening in the first place, this solution just doesn't feel right. > > Also, J2EE sessions are enabled and I see the jsessionid in the headers of > requests but I still see CFID and CFTOKEN values too. I may have got this > wrong but I thought that the jsessionid negated the need for CFID and CFTOKEN? > > Any explanations as to exactly how the session cookies work and why the > session null error happens in the first place are gratefully received! > > Paul > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:325167 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
