> Yep, that would be nice to configure session behavior at the application > level. What sort of problems have you run into with J2EE sessions when a > site is coded for ColdFusion sessions? Is it just that CFID and CFTOKEN > are no longer available in the session scope? I'm pretty sure that they > are still available as client variables so an application could be > modified but that could take quite an effort.
We provide shared hosting and dedicated servers, so modifying code isn't always an option. When J2EE sessions are enabled, there are several changes to ColdFusion behavior. A lack of control over the session timeout is one. Missing CFID and CFTOKEN keys in the session scope is another. URL redirects contain ";JSESSIONID=?????". That can cause problems for some apps that manually parse the URL for whatever reason. Just to be clear, I'm not arguing against J2EE sessions or even using them in ColdFusion apps. However, it's important to note that using J2EE sessions on a shared server or even a dedicated server where you don't control all the code, is probably not a good idea because of the aforementioned session synchronization issues. In addition, that little checkbox can cause some backwards compatibility issues like those mentioned above. Ben Rogers http://www.c4.net v.508.240.0051 f.508.240.0057 ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). CFCDev is supported by New Atlanta, makers of BlueDragon http://www.newatlanta.com/products/bluedragon/index.cfm An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
