> Yeah, you're pretty much dead on there as far as I know. If you use the > UUID token value and set the non-persistent cookies then the way the > application behaves is exactly the same from what I've seen. It's just a > little easier out of the box with j2ee session variables because you don't
> have to mess with that other stuff. It seems to me that it's the same trouble either way. Neither option is a default, and both options are checkboxes in the ColdFusion Administrator. I guess there is the matter of the cookie, but you're going to need code to initialize your session scope either way. > I do control my own server so that puts me at an advantage I guess. :-) We control all the servers. We just don't control all the code. :) I ran into a few other issues with J2EE sessions. If you enable J2EE sessions, cfid and cftoken are no longer available in the session scope (if memory serves). If you're coding an app from scratch, that's not a problem, however, many third part apps, have been designed to use ColdFusion sessions. Personally, I would really like to see J2EE sessions configurable at the application level. Without that, they are pretty much useless to me. Ben Rogers http://www.c4.net v.508.240.0051 f.508.240.0057 ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). CFCDev is supported by New Atlanta, makers of BlueDragon http://www.newatlanta.com/products/bluedragon/index.cfm An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
