hidden frame that posts regularly to the app. This way, session will not
time out as long as the app is loaded in the browser.
> -----Original Message-----
> From: Jeff Chastain [mailto:[EMAIL PROTECTED]
> Sent: maandag 31 mei 2004 19:59
> To: CF-Talk
> Subject: RE: Application Security Confusion
>
> Okay, from more tests, it appears the problem is in the code
> somewhere. I have run a separate small test of the session
> variables on this server and
> they expire as expected. So, to take this question from a different
> direction.....
>
> Suppose for some reason that I wanted to have session
> variables not ever
> expire. How would I go about attempting to do that with
> code only - no
> changes to the administrator or anything else?
>
> Thanks for any pointers.
> -- Jeff
>
> _____
>
> From: Jeff Chastain [mailto:[EMAIL PROTECTED]
> Sent: Monday, May 31, 2004 9:32 AM
> To: CF-Talk
> Subject: RE: Application Security Confusion
>
>
> The code is a complete FB4 application, so I am not sure how
> to post it
> here.
>
>
> I stripped out the cfapplication tags etc from the
> application.cfm file, put
> them in a stand alone app and the variables timeout as
> expected. There is
> only one cfapplication tag in this application, so what could
> possibly cause
> the session to be retained?
>
>
> There is no code in the application that refreshes the page
> if that is what
> you are asking. All pages are just a simple request.
>
>
> Thanks
> -- Jeff
>
> _____
>
> From: Pascal Peters [mailto:[EMAIL PROTECTED]
> Sent: Monday, May 31, 2004 9:17 AM
> To: CF-Talk
> Subject: RE: Application Security Confusion
>
> Your code? Did you try my suggestion and dump the session scope right
> after the cfapplication tag?
>
> Do you have any other cfapplication tags with the same name?
> (change the
> name maybe)
>
> Is there some code in there that makes requests without you seeing it?
>
> ...
>
> Pascal
>
> > -----Original Message-----
> > From: Jeff Chastain [mailto:[EMAIL PROTECTED]
> > Sent: maandag 31 mei 2004 16:08
> > To: CF-Talk
> > Subject: RE: Application Security Confusion
> >
> > Okay, Hal's tutorial fixed the browser close issue.
> >
> > However, I still cannot get the session variables to
> timeout when the
> > browser is still open. I even set the seesionTimeout
> attribute to 15
> > seconds and I can still navigate the application all day long
> > without being required to re-login.
> >
> > Any thoughts on what might cause this?
> >
> > Thanks
> > -- Jeff
> _____
> _____
>
>
>
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
