I've never heard of a lab setup like this, but certainly
don't doubt it. Is there some reasoning behind the
configuration?
Session variables, by default, use cookies to maintain
identity. You can disable this by using the
SetClientCookies=No in the CFAPPLICATION tag. If you do
this, you'll have to be VERY careful to pass the CFID and
CFToken (two elements to identify every user) in every
single URL and Form. If you forget a link someplace, a new
session will be started when the user clicks the link. I
believe there are examples of this type of setup in Ben
Forta's books.
This is also the approach to take when working with users
that have cookies disabled, as their sessions will die
after every page request, since the cookie deletes itself.
Norman Elton
Quoting Pete Miller <[EMAIL PROTECTED]>:
> We have an application that uses cookies to track
> the identity of a user
> after logging in. In a beta test performed at a
> university lab, this
> model failed because the browsers were set up to
> share the same
> cookies. In this case, all users had access to the
> information of the
> last user to log in. Is this a common configuration
> in networks? Would
> switching to session variables eliminate this
> problem in such an
> environment or could there still be issues with
> this, depending on their
> configuration?
>
> -Pete
>
> Archives:
> http://www.mail-archive.com/[email protected]/
> Unsubscribe:
> http://www.houseoffusion.com/index.cfm?sidebar=lists
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
