Maybe switching to UUID just cleaned out the old values.
-Adam
On Tue, 28 Sep 2004 15:27:46 -0400, Adrocknaphobia
<[EMAIL PROTECTED]> wrote:
> I ran into a similar issue with one of our intranets here. If you
> aren't already use UUID for cftoken. We were only seeing this issue in
> teh training labs when a bunch of people were logged in on the same
> part of the network and UUID seemed to prevent the SESSION steals.
>
> -Adam
>
>
>
>
> ----- Original Message -----
> From: Burns, John D <[EMAIL PROTECTED]>
> Date: Tue, 28 Sep 2004 13:56:25 -0400
> Subject: Session swapping
> To: CF-Talk <[EMAIL PROTECTED]>
>
> We have an internet application running on CFMX hosted locally. Our
> clients (on a Navy base) are running machines that are restricted by
> NMCI (Navy-Marine Corps Intranet) and they're using a NAT Proxy Server
> that all of the users are behind. They just recently got moved to this
> new system and we noticed an odd problem with this application. Two
> users sitting at separate machines will pull up the website and go to
> the login page. Once logged in, they will suddenly both be logged in as
> the same person and the CFID and CFTOKEN in the URL are the same. We're
> trying to figure out what's causing this problem and how to fix it.
> We're meeting with the network team in charge of the NAT Proxy but we're
> all expecting an "it's not our problem" response. Can anyone give more
> info on how CF assigns CFID and CFTOKEN and how we might be able to code
> against this? Any users with experience with NMCI issues would be
> especially helpful. Thanks for your time.
>
> John Burns________________________________
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
