If I'm not mistaken, *authorization* (not authentication) can't work across multiple CF servers -- clustered or not -- because there's no mechanism for specifying *roles* on any computer other than the one on which CFLOGINUSER was executed.
It doesn't matter whether you're using cookies or session (with proper session syndication in place) because the cookie contains only the username, password, and application name -- no roles. Which is another reason why you want to use loginStorage="Session", as the cookie is not encrypted (it's only Base64 encoded). BlueDragon, however, *does* handle all authentication and authorization properly across servers with the CFLOGIN framework. Respectfully, Adam Phillip Churvis Certified Advanced ColdFusion MX 7 Developer BlueDragon Alliance Founding Committee Get advanced intensive Master-level training in C# & ASP.NET for ColdFusion Developers at ProductivityEnhancement.com ----- Original Message ----- From: wolf2k5 To: CF-Talk Sent: Friday, March 24, 2006 4:26 PM Subject: Re: cflogin and load balancing On 3/23/06, Adam Churvis <[EMAIL PROTECTED]> wrote: > ColdFusion Server is broken with respect to the CFLOGIN security framework > working on a clustered system with failover. The reason is that the > authentication cookie contains the authentication information but not any > authorization (roles) information. The authorization information is stored > locally only on the server on which CFLOGINUSER was called, but not in the > Session scope, so this information never gets synidcated to the other > machines. Setting cflogin to use cookies appears to work fine with multiple non clustered CF servers. Cheers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236192 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
