How many of you, in either your application.cfm or application.cfc, set your loginStorage = session and how many set it to cookie (or leave it off, which defaults to cookie). I am having a discussion with a co-worker about the two options. I read in different places about how specifying session for this is preferred and it even says to specify session in the CF8 Best Practices whitepaper. <http://www.adobe.com/devnet/coldfusion/articles/dev_security/coldfusion_sec urity_cf8.pdf> http://www.adobe.com/devnet/coldfusion/articles/dev_security/coldfusion_secu rity_cf8.pdf My question is...what specific values don't get written to cookie if you specify session? Oh, and this is all using J2EE session mgmt. Thanks Mark
-- You received this message because you are subscribed to the "Houston ColdFusion Users' Group" discussion list. To unsubscribe, send email to [email protected] For more options, visit http://groups.google.com/group/houcfug?hl=en
