AFAIK Sessions are for one server only so if you have cluster servers a different server cannot access the session details of another server... However with Client variables (turned off the default location of the registry to a database such as SQL Server) you can store these in a central location such as SQL server that all the servers can access.
It is possible to write code that will time the user out such as sessions do like this.. <CFIF DateDiff("n", Client.LastVisit, Now()) GTE 20> <!--- Manually log the user out as there session has timed out ---> <CFLOOP LIST="#GetClientVariablesList()#" INDEX="idxClientVar"> <CFIF NOT DeleteClientVariable("#idxClientVar#")> <CFSET "Client.#idxClientVar#" = ""> </CFIF> </CFLOOP> <!--- Now that they are logged out send them to the index page ---> <CFLOCATION URL="#Application.Root#index2.cfm" ADDTOKEN="No"> <CFABORT> </CFIF> This code will setup a sessions type scenario so that the client will not be logged in if they try to access the site after 20mins of inactivity Session Variables also exist in the shared memory scope and thus require locking on reads and writes. -----Original Message----- From: Gyrus [mailto:[EMAIL PROTECTED]] Sent: 14 November 2001 18:27 To: CF-Talk Subject: Re: Session and Client Variables > Hi Folks, i'm prepping for the cf exam and i'm lacking a good understanding > of the difference between client and session variables. It seems that > they both are capable of doing the same thing. When and why > should/would i use one or the other? What apps have you used client > vars for and not session vars for and visa versa and why? Thanks for > any help. As I understand it, the key difference is that session variables timeout. Client variables are tied to a specific client, session variables are tied to a specific client *and last for a specific period of time after the last request from that client to a specific application*. This timeout period is controlled in CF Admin, or in the CFAPPLICATION tag in application.cfm. I use session variables mostly for password-protected areas (usually backend CMS's) that need the finite login time for security reasons. I never really used client variables. I suppose I could provide the option to "remember me next time" when users login, and this is a good example of the difference I suppose: - Normal login = session variables, and if you leave the app for 20 mins (or whatever), you will have to login again. - "Remember me" login = client variables, and as long as the connected cookies remain on the client, you won't have to login to get into the app. hth, - Gyrus ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists