have run a separate small test of the session variables on this server and
they expire as expected. So, to take this question from a different
direction.....
Suppose for some reason that I wanted to have session variables not ever
expire. How would I go about attempting to do that with code only - no
changes to the administrator or anything else?
Thanks for any pointers.
-- Jeff
_____
From: Jeff Chastain [mailto:[EMAIL PROTECTED]
Sent: Monday, May 31, 2004 9:32 AM
To: CF-Talk
Subject: RE: Application Security Confusion
The code is a complete FB4 application, so I am not sure how to post it
here.
I stripped out the cfapplication tags etc from the application.cfm file, put
them in a stand alone app and the variables timeout as expected. There is
only one cfapplication tag in this application, so what could possibly cause
the session to be retained?
There is no code in the application that refreshes the page if that is what
you are asking. All pages are just a simple request.
Thanks
-- Jeff
_____
From: Pascal Peters [mailto:[EMAIL PROTECTED]
Sent: Monday, May 31, 2004 9:17 AM
To: CF-Talk
Subject: RE: Application Security Confusion
Your code? Did you try my suggestion and dump the session scope right
after the cfapplication tag?
Do you have any other cfapplication tags with the same name? (change the
name maybe)
Is there some code in there that makes requests without you seeing it?
...
Pascal
> -----Original Message-----
> From: Jeff Chastain [mailto:[EMAIL PROTECTED]
> Sent: maandag 31 mei 2004 16:08
> To: CF-Talk
> Subject: RE: Application Security Confusion
>
> Okay, Hal's tutorial fixed the browser close issue.
>
> However, I still cannot get the session variables to timeout when the
> browser is still open. I even set the seesionTimeout attribute to 15
> seconds and I can still navigate the application all day long
> without being required to re-login.
>
> Any thoughts on what might cause this?
>
> Thanks
> -- Jeff
_____
_____
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
