After a user logs in, the ColdFusion user authorization and authentication
information remains valid until any of the following happens:
1. The login times out. This happens if the user does not request a new page
for the idleTimeout period.
2. The application uses a cflogout tag to log out the user, usually in
response to the user clicking a logout link or button.
3. The user closes the browser.
What happens to any session variables that are created along with
cfloginuser? If, after I login a user, I create a structure and assign it
various values at login, what are my best ways to ensure that the session
variables mimic the behavior above? Keep in mind that I'm using default
cflogin values, so the idleTimeout value is defaulted to 30 minutes. Do I
have to make sure that my sessions only last 30 minutes? And if I set my
sessions to timeout at 30 minutes to match the idleTimeout setting on the
cflogin, is there any way they can get "out of synch", leaving a hole? I
just want to make sure that I'm clear on the differences between "session"
variables, and a "session" that's created by cfloginuser, and the livedocs
can get confusing sometimes...
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
