> sorry to resurrect an old thread, but I think I have something to add to > it... > > the same issue has manifested itself on one of my sites about 2 days ago > all of a sudden. my error handler started flooding my inbox with > "Session is invalid" error reports at a rate of about 80-110 a day.
There were a couple of things that I did that sorted this out completely. 1. Double checked the server was using J2EE sessions. 2. Set the maximum timeouts to the same values as the default timeouts in the CF Admin. 3. Set the session-timeout in the web.xml file to a little more than the settings in CF Admin (I added 5 mins). 4. (This is the bit I was missing). Set the setClientCookies var in the application cfc/cfm to false. Because I was missing the last piece, the CFID and CFTOKEN cookies were being issued as well as JSESSIONID. This was causing clients to hold onto the CFID/CFTOKEN combination (sent to the client) when the JSESSIONID (held in server memory) had long since expired. CF was trying its best to reconcile both the CFID/CFTOKEN combination with a valid J2EE session and was failing as the J2EE session no longer existed and was null... hence the error "Session is invalid null" HTH Paul ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:325168 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
