i tried both.
third party is using .NET application. i asked them to send the code they are using to post to our server. thanks Sravan > Date: Tue, 23 Jun 2009 08:09:22 -0600 > Subject: RE: [ACFUG Discuss] single sign-on issue CF 8 > From: sta...@fimble.com > To: discussion@acfug.org > > Well, I don't know what this 3rd party software you are using to connect > to your site is - but my guess is that it's not handling the session > correctly. When you did your test from the HTML pages, did you use the > cfid and cftoken variables or jsessionid? > > > > > i tried this in between two cf servers and it works well. i was able to > > access other CF server page from html page. > > > > > > > > Any other ideas? > > > > > > > > thanks > > > > Sravan > > > > > > > >> Date: Fri, 19 Jun 2009 16:11:05 -0600 > >> Subject: RE: [ACFUG Discuss] single sign-on issue CF 8 > >> From: sta...@fimble.com > >> To: discussion@acfug.org > >> > >> I have a simple test for you I think. Make an HTML page that does a form > >> post to the URL of your application. Make sure the HTML page is hosted > >> on > >> a different webserver of some kind, preferrably a completely different > >> machine. Log into your CF app and take note of the sessionid variables. > >> Put that information into the form action parameter on your html page, > >> obviously appended onto the url to the app. Try viewing the HTML and > >> posting the information with either javascript or a submit button. > >> > >> What is your result? > >> > >> > > >> > I didn't have this problem when user is in my application. User is > >> able to > >> > navigate between pages without any problem. > >> > > >> > > >> > > >> > Third party website is able to make a GET request without any > >> problems. If > >> > bombs out only when they make a POST request. > >> > > >> > > >> > > >> > i wonder what causes CF8.0 to think that it is a new session. > >> > > >> > \ > >> > > >> > thanks > >> > > >> > sravan > >> > > >> > > >> > > >> >> Date: Thu, 18 Jun 2009 09:31:42 -0600 > >> >> Subject: RE: [ACFUG Discuss] single sign-on issue CF 8 > >> >> From: sta...@fimble.com > >> >> To: discussion@acfug.org > >> >> > >> >> I've had issues with CF 7 & 8 before in cases where I had the J2EE > >> >> sessions turned on or off in the CF Administrator. With them turned > >> off > >> >> while using Application.cfc, no sessions were "sticking". Every page > >> >> request seemed to generate a new session. That doesn't sound like the > >> >> issue here, but you might try turning that setting on or off and see > >> if > >> >> that affects behavior any. I would suggest playing around with or at > >> the > >> >> very least making note of these settings: > >> >> > >> >> - Use J2EE session variables > >> >> - Enable Application Variables > >> >> - Enable Session Variables > >> >> > >> >> > > >> >> > Tried the same (appending CFID and CFTOKEN in the form POST) but > >> still > >> >> CF8 > >> >> > generating a new CFID and CFTOKEN as soon we get a request from > >> third > >> >> > party. > >> >> > > >> >> > > >> >> > > >> >> > i don't understand why CF8 creating a new session when infact it > >> see a > >> >> > valid CFID and CFTOKEN in the URL as well. > >> >> > > >> >> > > >> >> > > >> >> > thanks > >> >> > > >> >> > Sravan > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > From: sdruc...@figleaf.com > >> >> > To: discussion@acfug.org > >> >> > Subject: Re: [ACFUG Discuss] single sign-on issue CF 8 > >> >> > Date: Wed, 17 Jun 2009 21:04:47 -0400 > >> >> > CC: discussion@acfug.org > >> >> > > >> >> > > >> >> > Try passing the cfid and cftoken back from the third party server > >> to > >> >> cf > >> >> > over the URL. > >> >> > > >> >> > Regards, > >> >> > Steve Drucker > >> >> > Founder > >> >> > Fig Leaf Software > >> >> > http://www.figleaf.com > >> >> > http://training.figleaf.com > >> >> > > >> >> > > >> >> > > >> >> > On Jun 17, 2009, at 9:00 PM, sravan kumar <erk...@hotmail.com> > >> wrote: > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > Hi, > >> >> > > >> >> > We are converting our applications from CF5 to CF8.0. Yes, we are > >> >> still in > >> >> > CF5.0 for various reasons :-) > >> >> > > >> >> > We have a application in CF5 in production that integrates with a > >> >> third > >> >> > party application. When a user clicks a link on our application, we > >> >> will > >> >> > post an action page to third party site with session info (like > >> >> encrypted > >> >> > cookie, cfid and cftoken etc). Third party makes an internal > >> request > >> >> from > >> >> > their app to our site to get some xml data using the session > >> >> identifiers > >> >> > provided using a https GET request. This works fine. however when > >> they > >> >> > make an internal request to our site using https POST method, our > >> CF8 > >> >> > server is generating a new session for some reason. > >> >> > > >> >> > does anybody have seen this behaviour? This app works great in > >> CF5.0 > >> >> > though. > >> >> > > >> >> > Any insight is greatly appreciated. > >> >> > > >> >> > thanks > >> >> > Sravan > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > Lauren found her dream laptop. Find the PC that’s right for you. > >> >> > ------------------------------------------------------------- > >> >> > To unsubscribe from this list, manage your profile @ > >> >> > http://www.acfug.org?fa=login.edituserform > >> >> > > >> >> > For more info, see http://www.acfug.org/mailinglists > >> >> > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > >> >> > List hosted by FusionLink > >> >> > ------------------------------------------------------------- > >> >> > _________________________________________________________________ > >> >> > Bing™ brings you maps, menus, and reviews organized in one place. > >> Try > >> >> > it now. > >> >> > http://www.bing.com/search?q=restaurants&form=MLOGEN&publ=WLHMTAG&crea=TEXT_MLOGEN_Core_tagline_local_1x1 > >> >> > > >> >> > > >> >> > ------------------------------------------------------------- > >> >> > > >> >> > To unsubscribe from this list, manage your profile @ > >> >> > > >> >> > http://www.acfug.org?fa=login.edituserform > >> >> > > >> >> > > >> >> > > >> >> > For more info, see http://www.acfug.org/mailinglists > >> >> > > >> >> > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > >> >> > > >> >> > List hosted by http://www.fusionlink.com > >> >> > > >> >> > ------------------------------------------------------------- > >> >> > > >> >> > > >> >> > > >> >> > >> >> > >> >> > >> >> ------------------------------------------------------------- > >> >> To unsubscribe from this list, manage your profile @ > >> >> http://www.acfug.org?fa=gin.edituserform > >> >> > >> >> For more info, see http://www.acfug.org/mailinglists > >> >> Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > >> >> List hosted by http://www.fusionlink.com > >> >> ------------------------------------------------------------- > >> >> > >> >> > >> >> > >> > > >> > _________________________________________________________________ > >> > Insert movie times and more without leaving Hotmail®. > >> > http://windowslive.com/Tutorial/Hotmail/QuickAdd?ocid=TXT_TAGLM_WL_HM_Tutorial_QuickAdd_062009 > >> > > >> > > >> > ------------------------------------------------------------- > >> > > >> > To unsubscribe from this list, manage your profile @ > >> > > >> > http://www.acfug.org?fa=login.edituserform > >> > > >> > > >> > > >> > For more info, see http://www.acfug.org/mailinglists > >> > > >> > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > >> > > >> > List hosted by http://www.fusionlink.com > >> > > >> > ------------------------------------------------------------- > >> > > >> > > >> > > >> > >> > >> > >> ------------------------------------------------------------- > >> To unsubscribe from this list, manage your profile @ > >> http://www.acfug.org?fa=gin.edituserform > >> > >> For more info, see http://www.acfug.org/mailinglists > >> Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > >> List hosted by http://www.fusionlink.com > >> ------------------------------------------------------------- > >> > >> > >> > > > > _________________________________________________________________ > > Insert movie times and more without leaving Hotmail®. > > http://windowslive.com/Tutorial/Hotmail/QuickAdd?ocid=TXT_TAGLM_WL_HM_Tutorial_QuickAdd_062009 > > > > > > ------------------------------------------------------------- > > > > To unsubscribe from this list, manage your profile @ > > > > http://www.acfug.org?fa=login.edituserform > > > > > > > > For more info, see http://www.acfug.org/mailinglists > > > > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > > > > List hosted by http://www.fusionlink.com > > > > ------------------------------------------------------------- > > > > > > > > > > ------------------------------------------------------------- > To unsubscribe from this list, manage your profile @ > http://www.acfug.org?fa=gin.edituserform > > For more info, see http://www.acfug.org/mailinglists > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > List hosted by http://www.fusionlink.com > ------------------------------------------------------------- > > > _________________________________________________________________ Bing™ brings you maps, menus, and reviews organized in one place. Try it now. http://www.bing.com/search?q=restaurants&form=MLOGEN&publ=WLHMTAG&crea=TEXT_MLOGEN_Core_tagline_local_1x1 ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
