>
> Why are the values for cookies the same as before? I thought expired
> cookies don't get sent by the browser anymore. But maybe I am mistaken and
> the CF server checks if cookies are expired?
>
If I remember correctly, the jSessionID/CFID/CFToken values are associated
with the browser instance, not the session instance. If you did this in IE,
then open up another browser and go to the same test page. You should see
that the jSession/CFID/CFToken values in your log file is now different.
> Why is the onSessionEnd handler not called? If I remove the ## stuff in
> onSessionEnd() so there's just text logged, it also does not appear in my
> log, suggesting it does not fire.
This is bad since I cannot rely on a sessionEnd e.g. handler to end a user
> session via <cflogout>
I have found this very confusing myself as well. However, the fact that
onSessionStart() gets called again indicates that it is indeed a new
session--that the previous session has ended. If you try the following code,
and go to the test page intermittently, you will see that every time
onSessionStart() gets called, the session scope (with the exception of
CFID/CFToken) values are empty. If I understand you correctly--you want to
use <CFLogout> to force login again after the user has been idle for 10
seconds or longer, correct? If that is the case, you can either do <cfset
THIS.loginStorage = "session"> in your application.cfc or put
idleTimeOut="10" in your <cflogin> tag. Both methods logs the user out when
they have been idle for at least 10 seconds. I'd go with the first method
because it is good to have session timeout value equal the login timeout.
Generally, you only need to use <CFlogout> when you want to give users the
option of manually expiring their own sessions before the session timeout
value is reached. Hope this helps!
*In your Application.cfc: *
<cfcomponent output="false">
<cfset THIS.name="Test onSessionEnd method">
<!--- Session times out every 10 seconds that the user is idle. --->
<cfset THIS.sessionTimeOut = "#CreateTimeSpan(0,0,0,10)#">
<!--- Application times out every 2 days (make sure the application timeout
value is bigger than session timeout.) --->
<cfset THIS.applicationTimeOut = "#CreateTimeSpan(2,0,0,0)#">
<cfset THIS.sessionManagement = "true">
<cffunction name="onRequestStart">
<!--- Set some session variables. --->
<cfset session.myCat="Furrs">
<cfset session.myDog="Chewbacca">
<cffile action="append"
file="#ExpandPath('/')#myTestLog.txt"
addnewline="true"
output="#TimeFormat(Now(),'HH:mm:ss')#: **onRequestStart**.">
<cfdump var="#session#" label="Session Scope in onRequestStart">
</cffunction>
<cffunction name="onSessionStart">
<cfdump var="#session#" label="Session Scope in onSessionStart!">
<cfoutput><b>I am a new session--put the user login form here!!<br
/></b></cfoutput>
<cffile action="append"
file="#ExpandPath('/')#myTestLog.txt"
addnewline="true"
output="#TimeFormat(Now(),'HH:mm:ss')#: **onSessionStart**
[#session.sessionId#-#session.URLToken#]">
</cffunction>
<cffunction name="onSessionEnd">
<cfargument name="SessionScope" required="True">
<cfargument name="ApplicationScope" required="False">
<cffile action="append"
file="#ExpandPath('/')#myTestLog.txt"
addnewline="true"
output="**onSessionEnd**
[#arguments.sessionscope.sessionId#-#arguments.sessionscope.URLToken#]">
</cffunction>
</cfcomponent>
*In your test file: *
Hello world, and the time now is: <cfoutput>#NOW()#</cfoutput>!
<!--- <cfinvoke component="application"
method="onSessionEnd"
sessionScope="#session#"> --->
<!--- <cfset variables.junkVar = structClear(session)> --->
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know
on the House of Fusion mailing lists
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:330859
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
