> I really didn't want to use any kind of cookie. I have data in the session > variables I don't want compromised in any way. I was just hoping the J2EE > solution would be a magic bullet.
Using J2EE session variables will, by default, prevent the session from persisting in the browser after the browser has been closed and reopened. So if that's all you want, you can do that. But in any case, YOU ARE ALREADY USING COOKIES. That's how both J2EE sessions and CF's "native" sessions work, by default. If you weren't using cookies, you'd have had to write enough code to keep sessions going that you wouldn't need to ask this question. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:343476 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
