We use server side session management and storage of session variables.
Kier Simmons Manager of Application Development [cid:[email protected]]<http://www.giveblood.org/> Phone: 713-791-6619 Toll Free: 1-888-482-5663 Fax: 713-791-6681 www.giveblood.org<http://www.giveblood.org> P Please consider the environment before printing this e-mail. From: Mark Davis [mailto:[email protected]] Sent: Wednesday, December 02, 2009 12:37 PM To: [email protected] Subject: [Possible SPAM] [houcfug] loginStorage for apps Importance: Low How many of you, in either your application.cfm or application.cfc, set your loginStorage = session and how many set it to cookie (or leave it off, which defaults to cookie). I am having a discussion with a co-worker about the two options. I read in different places about how specifying session for this is preferred and it even says to specify session in the CF8 Best Practices whitepaper. http://www.adobe.com/devnet/coldfusion/articles/dev_security/coldfusion_security_cf8.pdf My question is...what specific values don't get written to cookie if you specify session? Oh, and this is all using J2EE session mgmt. Thanks Mark -- You received this message because you are subscribed to the "Houston ColdFusion Users' Group" discussion list. To unsubscribe, send email to [email protected] For more options, visit http://groups.google.com/group/houcfug?hl=en -- You received this message because you are subscribed to the "Houston ColdFusion Users' Group" discussion list. To unsubscribe, send email to [email protected] For more options, visit http://groups.google.com/group/houcfug?hl=en
<<inline: image001.gif>>
