Unfortunately, yes. The user CAN access two companies in two different browser windows at the same time (especially the support personel). Session Variables are not being used, but Client Variables are (shouldn't be tooo much differnce though). And I agree - I'd like to drop the URL token.
At this point, we have focused on getting the core functionality of the app in place for one company at a time. Adding the ability to access more than one company simultaneously can come later as an enhancement to the application. We felt it best to get the app running properly first (at least more important than this multi-company issue). Thanks for the input. Shawn Grover -----Original Message----- From: Jim McAtee [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 20, 2002 7:50 AM To: CF-Talk Subject: Re: Need Suggestions - Multiple instances of application. Do users ever hava a valid need to access two companies at the same time in two different browser windows? If not, just use session variables to store the company information and drop the url token altogether. Jim ----- Original Message ----- From: "Shawn Grover" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Tuesday, March 19, 2002 4:31 PM Subject: Need Suggestions - Multiple instances of application. > We need to allow our users to have access to one or more company's data at a > given time. This is done through our application interface, but in essance > would require a separate instance of the application for each company. I'm > looking for ideas how to do this. > > The problem is this: We put company specific information into client > variables. Opening a second company would overwrite the first's client > vars. Previous contractors began looking at this issue, but did not > complete it. They were passing a generated token on each call to new > windows. However, from an implentation standpoint, the end user may change > the URL parameter for the token (hacking), and the token was generated by > simple math that may or may not have been sufficient to come up with a > unique ID. > > One of our developers here has suggested using a database table in some way. > Before we go down that road, I'm hoping to get some feedback on how others > have handled this. Are these the only two feasible options? Placing a > token of somesort in the URL parameters or Taking a database hit on each new > page/window? > > I guess we can get into dynamic naming of cookies, but I think managing that > would be a large issue. > > Thanks in advance for any ideas. > > Shawn Grover ______________________________________________________________________ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists