[cfaussie] Re: JSessionID and domain cookies

[Peter Daams]

Hi Phil,� Thanks for your help.� It's been set to use jsessionids for over a year already and has been restarted numerous times and even moved servers recently. From what I understand, what is happening shouldn't be happening. It just doesn't make any sense to me that a) the CFID and CFTOKEN cookies are still being set (in addition to the session.sessionid) and b) the jsessionid cookie is not a domain cookie .. grrr .. I'm guessing the two are connected though. Might help in the hunt for a solution.� I might have to resort to setting my own cookie as you suggest though. I have played around with that and got it to work, but I'd rather use what *should* work out of the box in Coldfusion.� Cheers, Peter Hi Peter, Have you restarted your coldfusion service? After setting the Jsessionid box� in the CF administrator you will need to restart CF for the settings to take� effect. After a restart you should no longer have a session.CFID and� session.CFTOKEN at all, but instead have your new jsessionid value set in� the session.SESSIONID variable. You will also be able to use the� session.URLTOKEN variable which now appends the jsessionid onto the end of� it. With regard to domain cookies we have played around with setting a cookie in� the application.cfm equal to the jsessionid value and then putting in a� domain attribute of domain=".yourdomain.com" to enable the jsessionid to� work across subdomains. This works fine except when using HTTPS subdomains� which seems to cause the session to be lost. Hope this helps, Phil Queensland Holiday Xperts www.qhx.com.au --- You are currently subscribed to cfaussie as: archive@mail-archive.com To unsubscribe send a blank email to [EMAIL PROTECTED] Aussie Macromedia Developers: http://lists.daemon.com.au/