Solved

Roles don't refresh after log out

Posted on 2004-05-03
5
169 Views
Last Modified: 2013-12-24
I have a cflogin-based application.  I have a typical setup with the suggested cflogin structure in the web application construction kit and in the CFdocs.  I have a user interface that allows an admin to update a user's roles.  The problem is that when a user logs in after the roles have been updated, they still have access to all the pages they did before.  How can I make the CF application server requery roles every time a user logs in?  
0
Comment
Question by:OmegaProgrammer
5 Comments
 
LVL 17

Expert Comment

by:anandkp
ID: 10977019
well i guess this is a browser cache issue

purge ur browser cache & chk again - it shld !
0
 
LVL 35

Expert Comment

by:mrichmon
ID: 10978707
If you are storing the information in  cookies then you may need to clear the user cookies and re-write them.
0
 

Author Comment

by:OmegaProgrammer
ID: 10980967
Well I'm storing the login information in the cfloginuser structure and using the IsUserInRole function.  I assumed that when I ran the cflogout command that it would clear it, but apparently it doesn't.  Any suggestions?
0
 
LVL 35

Accepted Solution

by:
mrichmon earned 500 total points
ID: 10981376
From the cold fusion web app construction kit:

"Behind the scenes the <cflogin> framework sets a cookie on the browser machine to remember the user has logged in"

So it is possible that the cookie is not getting cleared.

Additionally you may want to try using the optional attribute IDLETIMEOUT="seconds"

The default is 1800 seconds (30 min).  You could try setting this to 300 (5 min) and see what happens....
0
 
LVL 2

Expert Comment

by:LeaperJPD
ID: 10991334
I think this would be related to the session variables / etc. that coldfusion uses.  Stuff this code into the onrequestend.cfm template for the application in question.

 <cfif IsDefined("cookie.CFID")>
 <cfcookie name="CFID" value="#cookie.CFID#">
</cfif>
<cfif IsDefined("cookie.CFToken")>
 <cfcookie name="CFToken" value="#cookie.CFToken#">
</cfif>

or just put that code at the end of each page where you expect the user to log out, but DO NOT use it after a cflocation or it won't work.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In our day to day coding, how many times have we come across a necessity to check whether a URL is a broken link or not? For those of you that answered countless and are using ColdFusion like myself, then this article is for you.  It will show yo…
One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question