.because you would instead need to be sending the jsessionid cookie instead.
I was about to write the same answer as Cameron, but adding that little detail. ;--} /charlie From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Cameron Childress Sent: Thursday, June 18, 2009 2:22 PM To: discussion@acfug.org Subject: Re: [ACFUG Discuss] single sign-on issue CF 8 Sravan- I would say that if "Use J2EE Session Variables" is turned on in the CFAdmin and the remote system is to using CFID/CFTOKEN pairs instead, that would definitely result in the behavior you're seeing. -Cameron On Thu, Jun 18, 2009 at 11:31 AM, Mike Staver <sta...@fimble.com> wrote: I've had issues with CF 7 & 8 before in cases where I had the J2EE sessions turned on or off in the CF Administrator. With them turned off while using Application.cfc, no sessions were "sticking". Every page request seemed to generate a new session. That doesn't sound like the issue here, but you might try turning that setting on or off and see if that affects behavior any. I would suggest playing around with or at the very least making note of these settings: - Use J2EE session variables - Enable Application Variables - Enable Session Variables > > Tried the same (appending CFID and CFTOKEN in the form POST) but still CF8 > generating a new CFID and CFTOKEN as soon we get a request from third > party. > > > > i don't understand why CF8 creating a new session when infact it see a > valid CFID and CFTOKEN in the URL as well. > > > > thanks > > Sravan > > > > > > From: sdruc...@figleaf.com > To: discussion@acfug.org > Subject: Re: [ACFUG Discuss] single sign-on issue CF 8 > Date: Wed, 17 Jun 2009 21:04:47 -0400 > CC: discussion@acfug.org > > > Try passing the cfid and cftoken back from the third party server to cf > over the URL. > > Regards, > Steve Drucker > Founder > Fig Leaf Software > http://www.figleaf.com > http://training.figleaf.com > > > > On Jun 17, 2009, at 9:00 PM, sravan kumar <erk...@hotmail.com> wrote: > > > > > Hi, > > We are converting our applications from CF5 to CF8.0. Yes, we are still in > CF5.0 for various reasons :-) > > We have a application in CF5 in production that integrates with a third > party application. When a user clicks a link on our application, we will > post an action page to third party site with session info (like encrypted > cookie, cfid and cftoken etc). Third party makes an internal request from > their app to our site to get some xml data using the session identifiers > provided using a https GET request. This works fine. however when they > make an internal request to our site using https POST method, our CF8 > server is generating a new session for some reason. > > does anybody have seen this behaviour? This app works great in CF5.0 > though. > > Any insight is greatly appreciated. > > thanks > Sravan > > > > > > > Lauren found her dream laptop. Find the PC that's right for you. > ------------------------------------------------------------- > To unsubscribe from this list, manage your profile @ > http://www.acfug.org?fa=login.edituserform > > For more info, see http://www.acfug.org/mailinglists > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > List hosted by FusionLink > ------------------------------------------------------------- > _________________________________________________________________ > BingT brings you maps, menus, and reviews organized in one place. Try > it now. > http://www.bing.com/search?q=restaurants <http://www.bing.com/search?q=restaurants&form=MLOGEN&publ=WLHMTAG&crea=TEXT _MLOGEN_Core_tagline_local_1x1> &form=MLOGEN&publ=WLHMTAG&crea=TEXT_MLOGEN_Core_tagline_local_1x1 > > > ------------------------------------------------------------- > > To unsubscribe from this list, manage your profile @ > > http://www.acfug.org?fa=login.edituserform > > > > For more info, see http://www.acfug.org/mailinglists > > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > > List hosted by http://www.fusionlink.com > > ------------------------------------------------------------- > > > ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?falogin.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com ------------------------------------------------------------- -- Cameron Childress Sumo Consulting Inc http://www.sumoc.com --- cell: 678.637.5072 aim: cameroncf email: camer...@gmail.com ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------