We have an application that's been working fine for 9+ years now (started on CF5, now CF8.01). Yesterday we started to receive some comments from users that they weren't able to log in. I could log into their accounts fine, but they could not. They were using correct info (a failed login attempt was not being logged). One was on Firefox, the other on IE. In both cases, exiting and restarting the browser did the trick.
Now this morning it started happening to me and I was able to dump the cookie and session info. What seemed to be happening was that the session variables to determine if a user was logged in, the user id, the login time etc. were being set correctly in the session, but when the user gets redirected via cflocation the session is reset. In Application.cfm (yes I know - it's not an easy conversion to cfc - trust me - we're rewriting from the ground up because it's easier!), we have: setclientcookies="Yes" setdomain cookies is not specified. We're setup in Admin to use JSESSIONID. We're not changing from www.host.com to host.com when the user logs in. Today I come in and see that our current users online is only 5 - it's normally about 20 at this time of day so I'm thinking this might be more widespread than originally thought. We also have a few support e-mails where users can't login and don't get any sort of login failed error message. No changes have been made to the server, application.cfm or login processes. The server was physically rebooted last night. I've seen a few other posts on the web about this behavior but no concrete answer that fits our situation. Thanks, ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:333182 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
