SetClientCookies causes the CFIF/CFTOKEN cookies to be written to the browser but if your server is set to "Use j2ee session variables" in CFADMIN, then the cookie that is used to maintain sessions is the jsessionid, not cfid and cftoken. Setting SetClientCookies to yes has no effect on the actual sessionid used. Here's the doc reference: "When you enable the J2EE session variables, ColdFusion creates an identifier for each session and does not use the CFToken or CFID cookie value." Is your server not using j2ee session variables?
> Why do you have SetClientCookies to no? Shouldn't that be Yes? > > -----Original Message----- > From: Nick Cabell [mailto:[EMAIL PROTECTED] > Sent: Thursday, November 18, 2004 1:34 PM > To: CF-Talk > Subject: Re: What sets the domain in default CFID cookies? > > > Mark, I understand your recommendation - thinking about doing that > but it's not getting the core of the problem, I think. > So I reduced my testing environment so that anyone can now duplicate > the most basic part of the problem - dual sessionids in the same > bowser "session". It's quite bizarre. > > I have the simplest of cfapplication tags - and j2ee sessions are > enabled in CFADMIN. > <cfapplication name="mes" > clientmanagement="No" > loginstorage="Session" > sessionmanagement="Yes" > setclientcookies="no" > sessiontimeout="#CreateTimeSpan(0, 1, 1, 0)#"> > > Using Firefox, you can request for all browser cookies to be prompted > - I did this. > > Using this url --> http://localhost:8500/mes/testprog/ > returns me the mes\testprog\index.cfm home page, right? > BUT IT CAUSES TWO jsessionid cookies to be written. > My index.cfm page has nothing at all in it but some text. > > Now restart the browser (to flush the memory cookies) and > try the FULL url http://localhost:8500/mes/testprog/index.cfm > NOW IT ONLY WRITES ONLY A SINGLE jsessionid cookie. > > The reason this is a problem is that the session vars created in the > application.cfm are associated with the FIRST jsessionid, not with the > LAST one that is active when I need to use them. > > THe problem goes away if I refresh the browser, but that is not > acceptable and the client insists on letting users come to the home > page using http://host/path/ > > Any ideas how to have my session vars associated with the current > session? > > > Hi > > If that cflocation is changing your user's host name then I'd > suggest > > changing the cflocation, probably by removing the relative path > stuff > > and using either a path that starts with "/" (without http), or, to > be > > double-sure, putting the whole url there (http://#CGI. > > HTTP_HOST#/blah/blah). (This assumes that the host name is correct > on > > the page where the cflocation is. If it's already changed by then > > then this won't work.) > > > > I do suggest checking your logs to be really sure that the host name > > > switch is not happening earlier, maybe though a stray link or > > something on your site. > > > > Mark > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Special thanks to the CF Community Suite Gold Sponsor - CFHosting.net http://www.cfhosting.net Message: http://www.houseoffusion.com/lists.cfm/link=i:4:184939 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
