Re: Logging out on session expiration under MX

2003-12-17 Thread S . Isaac Dealey
strange... dunno, I'm stumped at this point -- although I'd be willing
to take a look personally if you'd like to have a 2nd set of eyes on
it. Just shoot me a private email if so.

> No, it doesn't seem to be that. I am really baffled at
> what's going on.

> This app is based on modded version of FB 2.

> My index.cfm includes app_globals.cfm

> app_globals.cfm has this block:

> 
>  
> 

> _login.cfm has the security validation stuff.

> I set the session expiration to be really low, 3 minutes.

> When I refresh the page or do anything else in the app
> instead of being
> redirected to the login screen I get errors related to
> missing session
> variables, as they had expired - which should be caught in
> the
> app_globals.cfm (as the session.loggedin var has expired
> as well),  but it
> isn't.

> - Original Message -
> From: S. Isaac Dealey

> Hi Stas,

> Make sure your mx server isn't using a uuid for
> cfid/cftoken... I
> believe when this is the case it only uses the one
> variable, and so
> your cfif statement would return false when either one of
> the
> isdefined() returns false and your cookies wouldn't get
> reset to log
> the user out when the browser closes.

> That's the only thing that comes to mind for me at the
> moment.

> hth

>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]




Re: Logging out on session expiration under MX

2003-12-17 Thread stas
No, it doesn't seem to be that. I am really baffled at what's going on.

This app is based on modded version of FB 2.

My index.cfm includes app_globals.cfm

app_globals.cfm has this block:


 


_login.cfm has the security validation stuff.

I set the session expiration to be really low, 3 minutes.

When I refresh the page or do anything else in the app instead of being
redirected to the login screen I get errors related to missing session
variables, as they had expired - which should be caught in the
app_globals.cfm (as the session.loggedin var has expired as well),  but it
isn't.

- Original Message -
From: S. Isaac Dealey

Hi Stas,

Make sure your mx server isn't using a uuid for cfid/cftoken... I
believe when this is the case it only uses the one variable, and so
your cfif statement would return false when either one of the
isdefined() returns false and your cookies wouldn't get reset to log
the user out when the browser closes.

That's the only thing that comes to mind for me at the moment.

hth
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]




Re: Logging out on session expiration under MX

2003-12-16 Thread S . Isaac Dealey
Hi Stas,

Make sure your mx server isn't using a uuid for cfid/cftoken... I
believe when this is the case it only uses the one variable, and so
your cfif statement would return false when either one of the
isdefined() returns false and your cookies wouldn't get reset to log
the user out when the browser closes.

That's the only thing that comes to mind for me at the moment.

hth

s. isaac dealey    214-823-9345

team macromedia volunteer  http://www.macromedia.com/go/team

chief architect, tapestry cms  http://products.turnkey.to

onTap is open source   http://www.turnkey.to/ontap

> I am porting our application to MX 6.1. We are not
> refactoring anything yet,
> simply re-deploying. However, I decided to redo the login
> mechanism using
>  architecture.

> In my Application.cfm I have:

> 
>  
> 

> _login.cfm, among other things, instantiates
> session.loggedin var.

> What I am experience is that upon session expiration the
> above  block
> in Application.cfm doesn't get prevent the application to
> execute further.
> What am I missing?

> We are not using J2EE session variables, but I have this
> in my
> application.cfm:

> 
> isdefined('cookie.cftoken')>
>  
>  
>  
>  
> 

> Thanks for any tips!

> Stas
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]




Logging out on session expiration under MX

2003-12-16 Thread stas
I am porting our application to MX 6.1. We are not refactoring anything yet,
simply re-deploying. However, I decided to redo the login mechanism using
 architecture.

In my Application.cfm I have:


 


_login.cfm, among other things, instantiates session.loggedin var.

What I am experience is that upon session expiration the above  block
in Application.cfm doesn't get prevent the application to execute further.
What am I missing?

We are not using J2EE session variables, but I have this in my
application.cfm:


 
 
 
 


Thanks for any tips!

Stas
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]