The application can rely on cookies (to a point), but some load balancers can use cookies to manage sticky sessions. Basically, a user coming in from AOL may change IP addresses mid stream, but the load balancer will check the user's cookie and forward to the same session on the same server. This isn't always 100% effective, and most load balancers have ways of setting up precedence rules, whereby a) if cookie check fails then go by their IP, b) if the IP has changed then do x, c) etc., etc.
Steve "Cutter" Blades Adobe Certified Professional Advanced Macromedia ColdFusion MX 7 Developer _____________________________ http://blog.cutterscrossing.com Peterson, Chris wrote: > Mark, > > What did you do to handle this? We have the exact same scenario, 2 > servers behind a Cisco CSS with sticky sessions based on IP. > > Chris > > -----Original Message----- > From: Gaulin, Mark [mailto:[EMAIL PROTECTED] > Sent: Thursday, April 19, 2007 1:56 PM > To: CF-Talk > Subject: RE: Cookies, Session Scope, and the AOL Browser > > I have seen where a single visit from an AOL person can come from > different IP addresses. We use a load balancer with "sticky sessions" > that sends the same IP to the same server (within a given time limit, > and only if that server is up) so that they will get the same session > state on each hit. When AOL users change IP the load balancer would > sometimes send them to a different server and the session on that server > would not show them as logged in... they end up with two "sessions". > (We don't use any kind of session replication.) > > FYI > > Mark > > -----Original Message----- > From: Josh Nathanson [mailto:[EMAIL PROTECTED] > Sent: Thursday, April 19, 2007 1:01 PM > To: CF-Talk > Subject: Re: Cookies, Session Scope, and the AOL Browser > > >>What does AOL do that would make a user unable to log in? Does it >>block all cookies? Do sessions just not work? Anyone with experience > > >>coding for AOL, please toss me a bone here! =) I don't specifically >>write a cookie, but this is the top of my application.cfc: > > > Chris, AOL doesn't block cookies by default, so your sessions should > work the same (unless you send the cfid and cftoken in every url, your > session depends on the cookie to know which session to refer to). I > keep a copy of AOL Explorer around for testing purposes. Something else > must be going on there, but your Application.cfc code looks fine to me. > > -- Josh > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275879 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
