RE: "Session is invalid" on CFMX
If anyone cares, here's a possible solution from Macromedia. Here's the information I found out with regards to the session invalid error message fix: The below would need to be added to the web.xml file. This is the path to where my web.xml file for my Coldfusion server is located in JRun. C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF - Insert this code snippet after the last and before the - Change the time to be the same or greater than what you have set in the Application.cfm. The "30" = 30 minutes. 30 -Original Message- From: Kwang Suh [mailto:[EMAIL PROTECTED] Sent: November 3, 2003 11:24 AM To: CF-Talk Subject: RE: "Session is invalid" on CFMX Oh bloody hell. Anyhow, I just got hit by this bug. I'm using CFMX on J2EE (JRun). Does anyone know which of the many copious web.xml files are supposed to be changed? TIA! -Original Message- From: Benoit Hediard [mailto:[EMAIL PROTECTED] Sent: November 3, 2003 1:44 AM To: CF-Talk Subject: Re: "Session is invalid" on CFMX >Has anyone found a solution to this? It's logged as bug 53143 with >Macromedia, but we're seeing this hundreds of times a day. Any >workarounds? > Looks like we got a fix: http://webforums.macromedia.com/coldfusion/messageview.cfm?catid=10 d> &threadid =669435#2598160 _ _ [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: "Session is invalid" on CFMX
Oh bloody hell. Anyhow, I just got hit by this bug. I'm using CFMX on J2EE (JRun). Does anyone know which of the many copious web.xml files are supposed to be changed? TIA! -Original Message- From: Benoit Hediard [mailto:[EMAIL PROTECTED] Sent: November 3, 2003 1:44 AM To: CF-Talk Subject: Re: "Session is invalid" on CFMX >Has anyone found a solution to this? It's logged as bug 53143 with >Macromedia, but we're seeing this hundreds of times a day. Any >workarounds? > Looks like we got a fix: http://webforums.macromedia.com/coldfusion/messageview.cfm?catid=10 d> &threadid =669435#2598160 _ [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
Re: "Session is invalid" on CFMX
>Has anyone found a solution to this? It's logged as bug 53143 with >Macromedia, but we're seeing this hundreds of times a day. Any >workarounds? > Looks like we got a fix: http://webforums.macromedia.com/coldfusion/messageview.cfm?catid=10&threadid =669435#2598160 [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: "Session is invalid" on CFMX
Benoit, When do expect your site, Benorama to back up? It has lots of useful info. Thanks, Brad Fetter [EMAIL PROTECTED] -Original Message- From: Benoit Hediard [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2003 12:08 AM To: CF-Talk Subject: RE: "Session is invalid" on CFMX You're right Jim. You have to setClientCookies to "no" in , and then you don't get any CFID/CFTOKEN cookies anymore. I've also explicitly added the session timeout in to see if it solves my "problem/bug". I'll keep you informed! Thanks. Benoit Hediard www.benorama.com > -Message d'origine- > De : Jim Davis [mailto:[EMAIL PROTECTED] > Envoyé : lundi 28 juillet 2003 03:48 > À : CF-Talk > Objet : RE: "Session is invalid" on CFMX > > > > -Original Message- > > From: Sean A Corfield [mailto:[EMAIL PROTECTED] > > Sent: Sunday, July 27, 2003 9:31 PM > > To: CF-Talk > > Subject: Re: "Session is invalid" on CFMX > > > > On Sunday, Jul 27, 2003, at 16:51 US/Pacific, Jim Davis wrote: > > >> From what I can tell it doesn't create them if J2EE session > > >> management is > > > enabled. However they still ARE created for CF Client Management > > > (Client > > > Scope). That may be where the confusion is. > > > > > > Basically if you enable J2EE sessions and disable clientmanagement the > > > cookies don't look like they're being set. > > > > Ah, thanx for that clarification Jim. That makes a lot of sense really. > > Although I have client variables turned off in the admin but still see > > the cookies. I guess I need to explicitly disable client management in > > my cfapplication tag? > > I'm really not sure... I know I had specific problems due to this > (CFTOKEN/CFID not existing when J2EE sessions were enabled) and > that's when > I sorted it all out. > > However that was the original MX release. If things are different now > perhaps it's an Updater change? > > Jim Davis > > > ~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Get the mailserver that powers this list at http://www.coolfusion.com
RE: "Session is invalid" on CFMX
... Problem not solved, even with : - only JSESSIONID cookie (there isn't any CFID/CFTOKEN cookies), - sessiontimeout defined in tag, - clientmanagement disabled. I just got the "Session is invalid" error message on our production server (under beta testing...). It doesn't want to pass the tag on anothersub.domain.com (which was working few minutes ago) and it works fine under www.domain.com. I really start to think that this is a bug. We are probably going to force the user to close its browser with javascript when we trap this error... (pretty violent workaround, isn't it?). Benoit Hediard #affinitiz.com > -Message d'origine- > De : Benoit Hediard [mailto:[EMAIL PROTECTED] > Envoyé : lundi 28 juillet 2003 09:08 > À : CF-Talk > Objet : RE: "Session is invalid" on CFMX > > > You're right Jim. > You have to setClientCookies to "no" in , and then > you don't > get any CFID/CFTOKEN cookies anymore. > > I've also explicitly added the session timeout in > to see if > it solves my "problem/bug". > > I'll keep you informed! > > Thanks. > > Benoit Hediard > www.benorama.com > > > -----Message d'origine- > > De : Jim Davis [mailto:[EMAIL PROTECTED] > > Envoyé : lundi 28 juillet 2003 03:48 > > À : CF-Talk > > Objet : RE: "Session is invalid" on CFMX > > > > > > > -Original Message- > > > From: Sean A Corfield [mailto:[EMAIL PROTECTED] > > > Sent: Sunday, July 27, 2003 9:31 PM > > > To: CF-Talk > > > Subject: Re: "Session is invalid" on CFMX > > > > > > On Sunday, Jul 27, 2003, at 16:51 US/Pacific, Jim Davis wrote: > > > >> From what I can tell it doesn't create them if J2EE session > > > >> management is > > > > enabled. However they still ARE created for CF Client Management > > > > (Client > > > > Scope). That may be where the confusion is. > > > > > > > > Basically if you enable J2EE sessions and disable > clientmanagement the > > > > cookies don't look like they're being set. > > > > > > Ah, thanx for that clarification Jim. That makes a lot of > sense really. > > > Although I have client variables turned off in the admin but still see > > > the cookies. I guess I need to explicitly disable client management in > > > my cfapplication tag? > > > > I'm really not sure... I know I had specific problems due to this > > (CFTOKEN/CFID not existing when J2EE sessions were enabled) and > > that's when > > I sorted it all out. > > > > However that was the original MX release. If things are different now > > perhaps it's an Updater change? > > > > Jim Davis > > > > > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: "Session is invalid" on CFMX
You're right Jim. You have to setClientCookies to "no" in , and then you don't get any CFID/CFTOKEN cookies anymore. I've also explicitly added the session timeout in to see if it solves my "problem/bug". I'll keep you informed! Thanks. Benoit Hediard www.benorama.com > -Message d'origine- > De : Jim Davis [mailto:[EMAIL PROTECTED] > Envoyé : lundi 28 juillet 2003 03:48 > À : CF-Talk > Objet : RE: "Session is invalid" on CFMX > > > > -Original Message- > > From: Sean A Corfield [mailto:[EMAIL PROTECTED] > > Sent: Sunday, July 27, 2003 9:31 PM > > To: CF-Talk > > Subject: Re: "Session is invalid" on CFMX > > > > On Sunday, Jul 27, 2003, at 16:51 US/Pacific, Jim Davis wrote: > > >> From what I can tell it doesn't create them if J2EE session > > >> management is > > > enabled. However they still ARE created for CF Client Management > > > (Client > > > Scope). That may be where the confusion is. > > > > > > Basically if you enable J2EE sessions and disable clientmanagement the > > > cookies don't look like they're being set. > > > > Ah, thanx for that clarification Jim. That makes a lot of sense really. > > Although I have client variables turned off in the admin but still see > > the cookies. I guess I need to explicitly disable client management in > > my cfapplication tag? > > I'm really not sure... I know I had specific problems due to this > (CFTOKEN/CFID not existing when J2EE sessions were enabled) and > that's when > I sorted it all out. > > However that was the original MX release. If things are different now > perhaps it's an Updater change? > > Jim Davis > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: "Session is invalid" on CFMX
> -Original Message- > From: Sean A Corfield [mailto:[EMAIL PROTECTED] > Sent: Sunday, July 27, 2003 9:31 PM > To: CF-Talk > Subject: Re: "Session is invalid" on CFMX > > On Sunday, Jul 27, 2003, at 16:51 US/Pacific, Jim Davis wrote: > >> From what I can tell it doesn't create them if J2EE session > >> management is > > enabled. However they still ARE created for CF Client Management > > (Client > > Scope). That may be where the confusion is. > > > > Basically if you enable J2EE sessions and disable clientmanagement the > > cookies don't look like they're being set. > > Ah, thanx for that clarification Jim. That makes a lot of sense really. > Although I have client variables turned off in the admin but still see > the cookies. I guess I need to explicitly disable client management in > my cfapplication tag? I'm really not sure... I know I had specific problems due to this (CFTOKEN/CFID not existing when J2EE sessions were enabled) and that's when I sorted it all out. However that was the original MX release. If things are different now perhaps it's an Updater change? Jim Davis ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: "Session is invalid" on CFMX
On Sunday, Jul 27, 2003, at 16:51 US/Pacific, Jim Davis wrote: >> From what I can tell it doesn't create them if J2EE session >> management is > enabled. However they still ARE created for CF Client Management > (Client > Scope). That may be where the confusion is. > > Basically if you enable J2EE sessions and disable clientmanagement the > cookies don't look like they're being set. Ah, thanx for that clarification Jim. That makes a lot of sense really. Although I have client variables turned off in the admin but still see the cookies. I guess I need to explicitly disable client management in my cfapplication tag? Sean A Corfield -- http://www.corfield.org/blog/ "If you're not annoying somebody, you're not really alive." -- Margaret Atwood ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: "Session is invalid" on CFMX
> -Original Message- > From: Sean A Corfield [mailto:[EMAIL PROTECTED] > Sent: Sunday, July 27, 2003 7:35 PM > To: CF-Talk > Subject: Re: "Session is invalid" on CFMX > > > But are you sure that it does not write CFID/CFTOKEN even if you use > > J2EE > > sessions? > > Well, I'm not *sure* no. I originally assumed in fact that it did > create CFID/CFTOKEN but several people said on various lists that > wasn't the case. I accepted what they said without actually testing it. >From what I can tell it doesn't create them if J2EE session management is enabled. However they still ARE created for CF Client Management (Client Scope). That may be where the confusion is. Basically if you enable J2EE sessions and disable clientmanagement the cookies don't look like they're being set. Jim Davis ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. http://www.cfhosting.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: "Session is invalid" on CFMX
> You've changed the default timeout in the CF Admin (from 20 minutes up > to 60 minutes), I assume? Are both domains using the same CF install or > do they have separate CF Admins? (i.e., is it a CFMX for J2EE setup?) Yes, settings have been set on CF Admin (from 20 minutes up to 60 minutes). It is CFMX Pro Standalone (so one CF Admin). I'm going to try to define the session timeout in the tag, it might solve the problem. Benoit Hediard ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: "Session is invalid" on CFMX
On Sunday, Jul 27, 2003, at 15:50 US/Pacific, Benoit Hediard wrote: > We do not refer to CFID/CFTOKEN on our application, we only use > JSESSIONID, > especially to maintain the session between CFMX/FlashCom. OK, cool. > But are you sure that it does not write CFID/CFTOKEN even if you use > J2EE > sessions? Well, I'm not *sure* no. I originally assumed in fact that it did create CFID/CFTOKEN but several people said on various lists that wasn't the case. I accepted what they said without actually testing it. > I just closed all my browsers, deleted all my cookies, re-opened a new > browser and on my first CF request, it creates again the persistent > CFID/CFTOKEN cookie. It shouldn't? Yes, and I just confirmed it here on two systems. Interesting. So my original assumption was correct! > The session timeout is set to 60 minutes so it looks like a bug to me, > no? > Am I the only one to have this "Session is invalid" message? You've changed the default timeout in the CF Admin (from 20 minutes up to 60 minutes), I assume? Are both domains using the same CF install or do they have separate CF Admins? (i.e., is it a CFMX for J2EE setup?) Sean A Corfield -- http://www.corfield.org/blog/ "If you're not annoying somebody, you're not really alive." -- Margaret Atwood ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: "Session is invalid" on CFMX
Thanks Sean. We do not refer to CFID/CFTOKEN on our application, we only use JSESSIONID, especially to maintain the session between CFMX/FlashCom. But are you sure that it does not write CFID/CFTOKEN even if you use J2EE sessions? I just closed all my browsers, deleted all my cookies, re-opened a new browser and on my first CF request, it creates again the persistent CFID/CFTOKEN cookie. It shouldn't? Why when I go to http://www.ourdomain.com/test.cfm and http://subdomain.ourdomain.com/test.cfm : - I got the same value for JSESSIONID for both request. - then I stop surfing, I come back 30 minutes later, then I got a new JSESSIONID for subdomain.ourdomain.com (but I still have the old JSESSIONID for www.ourdomain.com)? The session timeout is set to 60 minutes so it looks like a bug to me, no? Am I the only one to have this "Session is invalid" message? (I did not find it anywhere else on forum or bugs db) Benoit Hediard www.benorama.com > -Message d'origine- > De : Sean A Corfield [mailto:[EMAIL PROTECTED] > Envoyé : dimanche 27 juillet 2003 20:41 > À : CF-Talk > Objet : Re: "Session is invalid" on CFMX > > > On Sunday, Jul 27, 2003, at 09:04 US/Pacific, Benoit Hediard wrote: > > When I got the problem, I looked at the cookie values : > > - CFID&CFTOKEN have the same values under www.ourdomain and > > subdomain.ourdomain.com pages, > > - JSESSIONID have different values under www.ourdomain and > > subdomain.ourdomain.com page. > ... > > I'm going to disable the J2EE session variables to see if it solves the > > problem. > > Ah, it sounds like your code is assuming CFID/CFTOKEN? If you have J2EE > Session Variables enabled, I believe that you must not refer to > CFID/CFTOKEN anywhere in your code. Once J2EE Session Variables are > enabled, CFMX will use jsessionid *instead* of CFID/CFTOKEN. If your > code accesses the CFID/CFTOKEN values, they'll be whatever persistent > values were last stored on your client computer - and would not be > valid. jsessionid, by contrast, is an in-memory cookie and does not > persist to disk. > > Sean A Corfield -- http://www.corfield.org/blog/ > > "If you're not annoying somebody, you're not really alive." > -- Margaret Atwood > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: "Session is invalid" on CFMX
On Sunday, Jul 27, 2003, at 09:04 US/Pacific, Benoit Hediard wrote: > When I got the problem, I looked at the cookie values : > - CFID&CFTOKEN have the same values under www.ourdomain and > subdomain.ourdomain.com pages, > - JSESSIONID have different values under www.ourdomain and > subdomain.ourdomain.com page. ... > I'm going to disable the J2EE session variables to see if it solves the > problem. Ah, it sounds like your code is assuming CFID/CFTOKEN? If you have J2EE Session Variables enabled, I believe that you must not refer to CFID/CFTOKEN anywhere in your code. Once J2EE Session Variables are enabled, CFMX will use jsessionid *instead* of CFID/CFTOKEN. If your code accesses the CFID/CFTOKEN values, they'll be whatever persistent values were last stored on your client computer - and would not be valid. jsessionid, by contrast, is an in-memory cookie and does not persist to disk. Sean A Corfield -- http://www.corfield.org/blog/ "If you're not annoying somebody, you're not really alive." -- Margaret Atwood ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. http://www.cfhosting.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
