Not really a case of best pratice here, they are all methods and have their uses in certain situations. The default timeout for CF Sessions is 20 minutes, you can control this easy enough and the timeout (20 minutes) will start counting down from the last page processed for that session. So you could set it to a few minutes. Mind how low you make it though.... If the application involves typing - some people are slow typers - and the session might expire for the legitimate user. Find the thing in your website that takes the longest to do (user experience) double it and make that your timeout.
BAT ------------------ Bruce Trevarthen ZeroOne (NZ) Limited -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Beattie, Barry Sent: Thursday, 13 November 2003 12:13 p.m. To: CFAussie Mailing List Subject: [cfaussie] RE: sessions won't go away Gary: thanx for the explain on what Steve's code does. that makes sence but is it the best way to do this (best practice) - to counteract the "stickyness"? I'm playing around with public access machines (eg: libraries, etc) where people forget to log out of the web apps. -----Original Message----- From: Gary Menzel [mailto:[EMAIL PROTECTED] Sent: Thursday, 13 November 2003 8:56 AM To: CFAussie Mailing List Subject: [cfaussie] RE: sessions won't go away > I don't know the intracacies of CFID and CFTOKEN enough to explain > why, but I'm sure someone will shed some light... The "how" and "why" is that Cold Fusion Sessions are sticky sessions (i.e. the cookie's are not set to never expire and are persisted by the browser). What you want (in most cases - to match ASP) is "Session" cookies (i.e. sessions that go away on disconnection). By resetting the cookie (with <CFCOOKIE>) using the original values you maintain the cookie that has been set by CF for the session but force it to expire immediately (because the default EXPIRE for <CFCOOKIE> is NOW). So, in fact, by the end of the call, the cookie has "technically" expired and is not persisted. So, when they shut their browser, the cookie no longer exists. Now, I could have this all wrong (and I am sure Vaughan will correct me when he comes into work) but that is basically the how and why of it. Gary Menzel Web Development Manager IT Operations Brisbane -+- ABN AMRO Morgans Limited Level 29, 123 Eagle Street BRISBANE QLD 4000 PH: 07 333 44 828 FX: 07 3834 0828 ************************************************************************ **** If this communication is not intended for you and you are not an authorised recipient of this email you are prohibited by law from dealing with or relying on the email or any file attachments. This prohibition includes reading, printing, copying, re-transmitting, disseminating, storing or in any other way dealing or acting in reliance on the information. If you have received this email in error, we request you contact ABN AMRO Morgans Limited immediately by returning the email to [EMAIL PROTECTED] and destroy the original. We will refund any reasonable costs associated with notifying ABN AMRO Morgans. This email is confidential and may contain privileged client information. ABN AMRO Morgans has taken reasonable steps to ensure the accuracy and integrity of all its communications, including electronic communications, but accepts no liability for materials transmitted. Materials may also be transmitted without the knowledge of ABN AMRO Morgans. ABN AMRO Morgans Limited its directors and employees do not accept liability for the results of any actions taken or not on the basis of the information in this report. ABN AMRO Morgans Limited and its associates hold or may hold securities in the companies/trusts mentioned herein. Any recommendation is made on the basis of our research of the investment and may not suit the specific requirements of clients. Assessments of suitability to an individual's portfolio can only be made after an examination of the particular client's investments, financial circumstances and requirements. ************************************************************************ **** --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004 --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004 --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004
