A quick fix _might_ be to force your server to single-threaded requests in your CF admin ... definitely a performance hit but (with my very limited cf experience) I understand that each page (template) will be fully locked until served ... maybe this'll buy you the time to plug in those cflock(s).
This "generic cookie" (again, I may be exposing my ignorance) is actually 2 vars CFID & CFTOKEN. When using session.vars, CF sends the id & token to the client browser to uniquely identify the "session". If cookies are disabled on the client-side, then session management will fail UNLESS you append the id & token to the end of your URL for each page request --- a big security hole as crackers can hijack your session ... more below ... "Harper, Laura" wrote: > Fellow listers: > > I'm sure my question has been asked before but I don't see anything in the > archives that I need. www.allaire.com -> cold fusion -> look for tech note on importance of session mngt.on main cf page > > What happens exactly to session variables if users are forced to go through > a proxy server? Or, put another way, what does a proxy server do to session > variables? dunno, but maybe cookies are intercepted(?!) > My company instituted a mandate that evey user must go through a proxy which > screwed up my session variables which I use for security reasons. Now users > from one region can see data from another region. What a mess!! And I must > admit that I'm not using <cflock> on the session vars. Would <cflock> > correct the problem? sounds like your session ids & tokens are getting stripped > My network guy insists that "It my understanding that ColdFusion hides the > burden of state management from the developer by using a generic cookie. > ColdFusion passes cookies to the workstation with a single filename and all > the information that server needs is passed back on that same cookie to the > workstation." Some facts would be appreciated. check yesterday's postings ... someone posted an eloquent (textbook) explanation of session vars ... I'm just parroting things I've learned (and struggled with) over the last few weeks. good luck, Mike ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
