Are you using j2ee session variables? Don't those stay around while the browser is open? Are you sure your using cflogin with cookie based auth?
As for your question about protecting particular paths/pages - why not do the logic in onRequestStart? Ie, only force login if PATH == SOMETHING? That may get a bit tricky though - so you may want to move the logic of "Is This Page Protected" to a CFC, so your onRequestStart can simply do, <cfif isThisPageProtected()> On Fri, 11 Feb 2005 13:55:41 -0500, Pete Ruckelshaus <[EMAIL PROTECTED]> wrote: > Actually, I noticed last night that after leaving an IE window open > and untouched for > 2 hours, the Blackstone app that I am developing > that uses CFLOGIN didn't challenge me for a new log in. So, my guess > would be no. > > To expand this discussion on CFMX 7's cflogin, I was wondering how > people approach the following scenarios: > > * Allowing a "remember me" selection on the form that remembers a > user's login state for an extended period of time. I've done it in > the past with cookies, is there a more elegant approach to take in > cflogin? > * I'm using cflogin in the onRequestStart method of applicaiton.cfc; > the problem is, that makes a login required for the entire site. Is > there a way to be more selective and password protect individual > pages? I thought about setting a variable on the .cfm page, but of > course that would be processed after -- not before -- the > onRequestStart method. > > Thanks > > Pete > > On Fri, 11 Feb 2005 10:22:41 -0700, Paul <[EMAIL PROTECTED]> wrote: > > Great, thanks for the reply Ray. > > > > -----Original Message----- > > From: Raymond Camden [mailto:[EMAIL PROTECTED] > > Sent: Friday, February 11, 2005 9:03 AM > > To: CF-Talk > > Subject: Re: cflogin in v7 > > > > I'm 99% sure it does - but will ping Sarge when I see him to confirm. > > If I don't repost, then I was 100% right. (Or he may post here.) > > > > On Thu, 10 Feb 2005 22:27:28 -0700, Paul <[EMAIL PROTECTED]> wrote: > > > Does MX7 correct the 6.1 bug regarding cflogin not properly expiring > > > sessions? (OK I admit I could probably find this information but having > > > spent the past 2 hours realizing there was a bug with cflogin I'm not > > really > > > in the mood to look. Ironic that I now recall the cftalk list warning > > about > > > the cflogin bug. Too bad I didn't pay more attention to that thread.) > > > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:194324 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
