Strange how people reply to other peoples posts, and confuse future people who may end up reading these threads.
For anyone else who may read this later it was the OP who does the WDDX not me. -- Regards, Andrew Scott WebSite: http://www.andyscott.id.au/ Google+: http://plus.google.com/108193156965451149543 On Wed, May 16, 2012 at 5:14 AM, Russ Michaels <[email protected]> wrote: > > your WDDX method has always worked well for me too, and I have used the > same method for saving sessions as well. Just dump the entire session scope > to WDDX and save it to the users record between page loads, then load it > back it in later, such as after login or when switching to https. > > On Tue, May 15, 2012 at 7:54 PM, Andrew Scott <[email protected] > >wrote: > > > > > As you would be aware going from non SSL to SSL will be seen as a new > > session by the browser, the one thing that you would need to do is > remember > > to keep your session variables to a minimum. The more you keep in here > the > > more it may end up costing you. > > > > What I mean by that is that you will need to way up the cost of growing > in > > relation to how much memory you waste to a user being connected, the more > > users the more memory. Which means that in time you may find yourself > > having to go to more servers (clustered) quicker than you may need too. > > > > Now you may not be in a situation where that is going to affect you, but > > you should take that into consideration when deciding your longer plan > for > > the life of your application. > > > > > > -- > > Regards, > > Andrew Scott > > WebSite: http://www.andyscott.id.au/ > > Google+: http://plus.google.com/108193156965451149543 > > > > > > > > On Wed, May 16, 2012 at 4:43 AM, Nick Gleason <[email protected] > > >wrote: > > > > > > > > Hi folks, > > > > > > > > > > > > With our CMS / CRM application, we are looking at moving from a > reliance > > on > > > client variables towards more reliance on session variables, including > as > > > it > > > relates to logins. One challenging scenario happens when a client is > > using > > > SSL for ecommerce transactions. If a user logs in, using session > > variables > > > for persistence, then goes to a page that is not in https and then goes > > to > > > a > > > page (e.g. an ecommerce screen) that uses https, sessions are dumped > when > > > the site goes into https and the login can be lost. > > > > > > > > > > > > We are probably going to solve that problem by just requiring the whole > > > site > > > to go into https. However, I wanted to know if there are other good > ways > > > to > > > solve this. > > > > > > > > > > > > We have solved that kind of problem in a related scenario (with > attribute > > > scoped variables that need to survive https) by using wddx to store > > > variables in the client scope and then get them back from there after > > > moving > > > into https. That has worked pretty well, but feels a bit complex. > > > > > > > > > > > > As we look at expanding our use of sessions, it seems like a good time > to > > > look at other options. So, are there other or better ways to keep > > session > > > variables alive when a logged in user goes to an https encrypted page? > > > > > > > > > > > > Thanks in advance, > > > > > > > > > > > > Nick > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:351176 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
