It is the same application (with the same name).. It is the same directory on the same server runnig under IIS 6. There are two site 'definitions' within IIS The first site runs (unsecured) on 1 ip and has has the application directory as it's home. The second site is on a diffrent ip but has my application mapped as a virtual directory... It's the same app on two different ip's. Thirdly which I didn't mention before..We have turned off socket pooling on IIS 6
> Gus, > The session variables would be specific to the application name on > the > server, not just the server. > > Some options: > Log into every application on the main login page by writing a > cfapplication tag, then set the session variables, then repeat for > every application. > Log into every application from the main login page using cfhttp to > call hidden secondary login pages. > Make every application name the same, which would mean they would > share session and application scopes. > You could make use of the server variable scope or the database to > pass information between the various applications. > > I would be surprised if it turned out to be cheaper to pay an > employee > to code a work-around then it would be to buy some SSL certs. If you > buy enough certs from a place like Thawte, they give you significant > discounts, or you could go to a discount certificate reseller. I > realize that many organizations pay employees and vendors out of > different budgets, which I'm guessing is the problem. > > Good luck, > Mike Chabot > > On Sat, Sep 20, 2008 at 12:57 AM, Gus Denton <[EMAIL PROTECTED]> > wrote: > > Here is my problem.. > > I am working in a uni and we have multiple sites (on the same > server) requiring authentication. We simmply cannot afford to purchase > a cert for each site (domain and separate IP), so my solution was to > created a single site with a cert which has the other sites available > as virtual directories, Authentication would be performed via ssl and > then the user would be redirected (using cflocation) back to the > insecure site along with the session (cfif, cftoken) appended to the > URL, however when I do this I cannot see the session variables > established during authentication even though the cfid and cftoken are > the same .... > > > > Any ideas how I can acheive this ? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:312869 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
