> So considering the above - what, in theory, would be the exact > consequences in switching to J2EE sessions? I don't this there would be > that much code that would need to be changed. I'm simply checking that > session.isADMIN is true in my application file. I admittedly don't have > a super-technical understanding of exactly how things have changed > between CF8 and CF10.
If you're not directly referencing CFID and CFTOKEN in your code, and you're not relying on the default persistence of CF session cookies, you should be able to just enable that option. By "the default persistence of CF session cookies", I mean that CF's session cookies by default don't get deleted when the browser is closed. J2EE session cookies do. So, if a user logs into your app, closes the browser, then opens it back up, the user will have to log in again if you're using J2EE sessions even if the session would not have expired otherwise. Dave Watts, CTO, Fig Leaf Software 1-202-527-9569 http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357885 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
