Bryan, Are these apps running on the same domain or different domains, if they are on the same domain then you will need to specify the path in your session cookies so they don't invalidate each other (this relatively new behavior due to the session fixation security hotfix APSB11-04 released in Feb).
Also if you are experiencing a cookie problem on one browser but not another make sure you have cleared cookies first. -- Pete Freitag - Adobe Community Professional http://foundeo.com/ - ColdFusion Consulting & Products http://petefreitag.com/ - My Blog http://hackmycf.com - Is your ColdFusion Server Secure? On Thu, Dec 15, 2011 at 12:22 PM, Bryan Stevenson <[email protected]> wrote: > > Hey All, > > Can't say that I've bumped into this before..... > > 1) 2 apps are involved and both use SESSION vars to store user details > once they login. > > 2) Both apps are set to setClientCookies in CFAPPLICATION > > 3) App 1 uses a standard login form where credentials are verified and > the SESSION vars are set if successful > > 4) App 2 uses Windows Integrated Authentication to grab the user's ID > off the network and use that as part of the authentication process - > when successful...SESSION vars are set as in app 1 > > 5) Both apps have a different name in CFAPPLICATION ;-) > > 6) both apps reside on the same server running CF 8 against Oracle 10G > > Here's what happens on WinXP Pre SP 3 with IE 7: > ---------------------------------------------------------------------------------------------------- > 1) Open new IE7 window and log in to app1 > > 2) Open new IE7 window and log in to app 2 > > 3) Go back to the browser with app 1 and try to navigate through app - > get kicked to session expired screen > ---------------------------------------------------------------------------------------------------- > > This was tested by another user on XP with IE8 and the issue did not > occur. > > So I'm pretty sure this is an IE7 issue, but I'm a tad lean on things to > check....any ideas? > > TIA > > Cheers > -- > > > Bryan Stevenson B.Comm. > VP & Director of E-Commerce Development > Electric Edge Systems Group Inc. > phone: 250.480.0642 > fax: 250.480.1264 > cell: 250.920.8830 > e-mail: [email protected] > web: www.electricedgesystems.com > > Notice: > This message, including any attachments, is confidential and may contain > information that is privileged or exempt from disclosure. It is intended > only for the person to whom it is addressed unless expressly authorized > otherwise by the sender. If you are not an authorized recipient, please > notify the sender immediately and permanently destroy all copies of this > message and attachments. > Please consider the environment before printing this e-mail > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:349171 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
