Solved

Roles don't refresh after log out

Posted on 2004-05-03
5
164 Views
Last Modified: 2013-12-24
I have a cflogin-based application.  I have a typical setup with the suggested cflogin structure in the web application construction kit and in the CFdocs.  I have a user interface that allows an admin to update a user's roles.  The problem is that when a user logs in after the roles have been updated, they still have access to all the pages they did before.  How can I make the CF application server requery roles every time a user logs in?  
0
Comment
Question by:OmegaProgrammer
5 Comments
 
LVL 17

Expert Comment

by:anandkp
ID: 10977019
well i guess this is a browser cache issue

purge ur browser cache & chk again - it shld !
0
 
LVL 35

Expert Comment

by:mrichmon
ID: 10978707
If you are storing the information in  cookies then you may need to clear the user cookies and re-write them.
0
 

Author Comment

by:OmegaProgrammer
ID: 10980967
Well I'm storing the login information in the cfloginuser structure and using the IsUserInRole function.  I assumed that when I ran the cflogout command that it would clear it, but apparently it doesn't.  Any suggestions?
0
 
LVL 35

Accepted Solution

by:
mrichmon earned 500 total points
ID: 10981376
From the cold fusion web app construction kit:

"Behind the scenes the <cflogin> framework sets a cookie on the browser machine to remember the user has logged in"

So it is possible that the cookie is not getting cleared.

Additionally you may want to try using the optional attribute IDLETIMEOUT="seconds"

The default is 1800 seconds (30 min).  You could try setting this to 300 (5 min) and see what happens....
0
 
LVL 2

Expert Comment

by:LeaperJPD
ID: 10991334
I think this would be related to the session variables / etc. that coldfusion uses.  Stuff this code into the onrequestend.cfm template for the application in question.

 <cfif IsDefined("cookie.CFID")>
 <cfcookie name="CFID" value="#cookie.CFID#">
</cfif>
<cfif IsDefined("cookie.CFToken")>
 <cfcookie name="CFToken" value="#cookie.CFToken#">
</cfif>

or just put that code at the end of each page where you expect the user to log out, but DO NOT use it after a cflocation or it won't work.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This is a guide to setting up a new WHM/cPanel Server to be used for web hosting accounts. It is intended for web hosting company administrators and dedicated server owners. For under $99 per month (considering normal rate of Big Data Cetnters like …
Have you ever sent email via ColdFusion and thought of tracking this mail to capture the exact date and time when the message was opened ?  If yes, then this article is for you ! First we need a table user_email with columns user_id , email , sub…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now