Definitely look into the www.mysite.com versus mysite.com (no www) issue. This can cause the problems you're having.
-- Josh ----- Original Message ----- From: "Jason Dunaway" <[EMAIL PROTECTED]> To: "CF-Talk" <[email protected]> Sent: Thursday, April 05, 2007 5:40 AM Subject: Session timeout problems > Hi all, > > I'm having trouble with sessions timing out randomly. I have 2 days to > get a fix together for this problem so any help is greatly appreciated. > Here are the specifics: > > The website in question is heavily based upon user information. We > designed a "user" component that is loaded in the session scope when the > user logs in. This component contains all of the user's information as > well as methods dealing with the user's information. > > In the site's main application.cfm, we are checking to verity that > "session.userdata" is defined in order to access any page. If that > variable is not defined, then we direct the user to a "session timeout" > page that requires them to log back in. Our goal is to have the session > timeout be set at 2 hours. We've made sure that, on the coldfusion server > admin end, everything is setup to 2hrs. In the application.cfm page, > we're setting the application up like this: > > <cfapplication name="test" sessionmanagement="yes" > sessiontimeout="#CreateTimeSpan(0,2,0,0)#" setclientcookies="yes"> > > OK, so in theory this should be fine. Well, not so much. Most (like 90% > or more) of our users DO NOT have any issues. They stay logged in for the > 2 hours without any problems. In fact, we are unable to duplicate the > problem but have confirmed that it's happening with some users. Every > time the view a page the timer is reset and all is well. Well for quite a > few users we are seeing that their sessions are timed out randomly, > ranging from 3 minutes all the way to 117 minutes! It is very strange. > > The site is on a cluster (2 servers), so we assumed that the "sticky" is > not working correctly. Proxy server stuff also has been considered. > We've taken all of the steps necessary to eliminate both > possibilities.....we're now running on 1 server and making sure that no > pages are cached by remote proxies. > > I've been researching how coldfusion manages sessions. We are gathering > as much data as we can when the timeout occurs. From what we've found, > the CFID, CFTOKEN, and JSESSIONID are all still valid cookies on the user > side. For whatever reason the session scope variables are being wiped out > randomly. There has been no pattern to this, it's completely random and > the data collected is not pointing in any one direction. > > If you have any advice, please respond. I've spent a lot of time recently > trying to chase down this problem and I'm getting very annoyed by it. I > would sincerely appreciate any input. We are using CFMX 6.1. > > Any questions about what I've posted please let me know and I'll do my > best to answer. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:274610 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
