Login code can be complicated, and it would be nice to have a better
run-down of the login/logout steps your application is going through before
making recommendations.
However, here are some thoughts.
1) Does the problem only occur when you login as a different user from the
same browser/box? If so, you may be passing the CFID/CFTOKEN on the URL
line during logout, and the new user is retaining the old user's CFID/CFTOKEN.
2) Or are you using different machines to emulate different end users?
3) In any case, do you really need to retain the client variables between
sessions? Just destroy them all on login, before creating the new user
session. If you really need to save user preferences indefinitely, you
should be saving them in your own user preferences database, and load them
to client vars at login. Client vars are purged at some interval set in
the CF admin, to keep the DB from growing uncontrollably, so you can't rely
on them for long term preference settings anyway.
4) Checkout the custom tag MOD_DISPLAY_VARIABLES (from the Allair Tag
Gallery) to display your cookie and client variables on every page, and
find out at what point the user is loosing their identity, and taking on
someone else's.
At 11:32 AM 2/9/01, David Thomas wrote:
>I've recently created a new application using fusebox methodology and tags,
>and I like very much the programming architecture as it has evolved.
>However, I'm having a problem with the log-in functionality. I assign users
>client variables for both user_id and user_groups, and a single user moves
>through the application very cleanly. In alpha testing with several
>concurrent users, though, a new user logging in will actually change one or
>more on-line users to his or her own user_id and user_groups. If I log on,
>for instance, Jane (who is already working on-line) suddenly finds herself
>with my client.user_id and client.user_groups (even my cfid, etc. is now
>appended to her URL). Cookies are enabled, and the storage of client
>variables is hosted on our own SQL Server, and those variables remain
>intact. Any insight into the problem would be helpful.
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
