Best thing to do is to cflock the db action so that you can get a unique record. If the call to the cfc is what hands the entirety of the user authentication...put a lock around that call so that no other users are taking action until the first is done.
-----Original Message----- From: Eric Williams [mailto:e99...@gmail.com] Sent: Wednesday, February 01, 2012 9:44 AM To: cf-talk Subject: Re: Crossed Accounts Issue > > I have an issue that I am hoping one of you can help me out with. > The issue is caused when more than one user logs in > > with a few tenths of a second of each other. This happens maybe > once every few weeks on a high volume application. > > The problem is with user information getting mixed up when > authenticating. > > > > As you can see from the code below the authenticate component is > called right before setting the session username. > > The authenticate component does all the basic checks and returns the > user info. In these rare instances the > > session.RetAuth.username and all the info returned from the > component are for another user that is logging in at the same > > time. > > > > <CFSCRIPT> > > if(NOT IsDefined("APPLICATION.oUser")){ > > APPLICATION.oUser=CreateObject("component", > "#APPLICATION.G.CFC_PATH#User"); > > } > > APPLICATION.oUser.DSN=this.DSN; > > </CFSCRIPT> > > <CFSET session.RetAuth=APPLICATION.oUser.authenticate(form. > Login,form.Password)> > > <CFSET SESSION.UserName=FORM.Login> > > This is a race condition issue. You can solve it by implementing > locking, either around this code or perhaps within your component. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > http://training.figleaf.com/ > > Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA > Schedule, and provides the highest caliber vendor-authorized > instruction at our Dave, I already have a lock in the component, I create a unique uuid on each request for the lock. Did not solve the problem. Might try a lock around the entire login code. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:349734 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
