liltyga
asked on
Element CFID is undefined in SESSION
I have an application that has been working for the past 5 months now with no problem. All of the sudden, after I log out and attempt to log back in, I get the following error:
Element CFID is undefined in SESSION.
This is the pertinent code in the application.cfm file:
<!---application tag--->
<cfapplication name="RMCI"
SessionManagement="yes"
SETCLIENTCOOKIES="NO">
<cfset CookieDomain=".domain.com" >
<!---name application, and enable Session and Application variables--->
<CFAPPLICATION NAME="Security_Test"
SESSIONMANAGEMENT="YES"
SESSIONTIMEOUT=#CreateTime span(0,0,1 5,0)#
SETCLIENTCOOKIES="NO">
<CFLOCK SCOPE="SESSION" TYPE="READONLY" TIMEOUT="5">
<CFCOOKIE NAME="CFID" VALUE="#SESSION.CFID#">
<CFCOOKIE NAME="CFTOKEN" VALUE="#SESSION.CFTOKEN#">
</CFLOCK>
use cf_sessionWatch to warn users when they are about to timeout --->
<cf_sessionWatch launchTime="15">
This is the information from the logout.cfm file - When I commented this out; the error went away, but the session never dies:
<cfset user=session.Username>
<!--- <cfloop collection=#session# item="i">
<cfset StructDelete(session,i)>
</cfloop>
Any ideas as to how to resolve this issue?
Element CFID is undefined in SESSION.
This is the pertinent code in the application.cfm file:
<!---application tag--->
<cfapplication name="RMCI"
SessionManagement="yes"
SETCLIENTCOOKIES="NO">
<cfset CookieDomain=".domain.com"
<!---name application, and enable Session and Application variables--->
<CFAPPLICATION NAME="Security_Test"
SESSIONMANAGEMENT="YES"
SESSIONTIMEOUT=#CreateTime
SETCLIENTCOOKIES="NO">
<CFLOCK SCOPE="SESSION" TYPE="READONLY" TIMEOUT="5">
<CFCOOKIE NAME="CFID" VALUE="#SESSION.CFID#">
<CFCOOKIE NAME="CFTOKEN" VALUE="#SESSION.CFTOKEN#">
</CFLOCK>
use cf_sessionWatch to warn users when they are about to timeout --->
<cf_sessionWatch launchTime="15">
This is the information from the logout.cfm file - When I commented this out; the error went away, but the session never dies:
<cfset user=session.Username>
<!--- <cfloop collection=#session# item="i">
<cfset StructDelete(session,i)>
</cfloop>
Any ideas as to how to resolve this issue?
Hi liltyga,
my team mate asking if you are using same browser for login and logout? This may sound not stupid but just making sure.
Regards,
---Pinal
my team mate asking if you are using same browser for login and logout? This may sound not stupid but just making sure.
Regards,
---Pinal
Hi liltyga,
sorry for spamming, I should have my all the thoughts together in one post...I am not sure if following post is any applicable but I found saved on my archive. If this confuses you just ignore it ... may be it is the reason.
The CFRegistry tag was recently disabled. On CFMX this affects the CFApplication tag *if* client storage is left to it's default or set to "Registry".
At default, the CFApplicaiton tag has a parameter of clientstorage with a default value of Registry. By disabling the CFRegisty tag, this creates a conflit. To resolve the problem, the CFApplicaiton tag MUST include the clientstorage="Cookie" or clientstorage="Datasource_ Name" to ensure that CFMX does not try to access the registry.
Here is an example of a good CFApplication tag.
<cfapplication name="Your_App_Name"
clientmanagement="yes"
sessionmanagement="yes"
setclientcookies="yes"
setdomaincookies="yes"
sessiontimeout="#createTim eSpan(0,8, 0,0)#"
applicationtimeout="#creat eTimeSpan( 0,8,0,0)#"
Clientstorage="Cookie"
loginstorage="session">
Regards,
---Pinal
sorry for spamming, I should have my all the thoughts together in one post...I am not sure if following post is any applicable but I found saved on my archive. If this confuses you just ignore it ... may be it is the reason.
The CFRegistry tag was recently disabled. On CFMX this affects the CFApplication tag *if* client storage is left to it's default or set to "Registry".
At default, the CFApplicaiton tag has a parameter of clientstorage with a default value of Registry. By disabling the CFRegisty tag, this creates a conflit. To resolve the problem, the CFApplicaiton tag MUST include the clientstorage="Cookie" or clientstorage="Datasource_
Here is an example of a good CFApplication tag.
<cfapplication name="Your_App_Name"
clientmanagement="yes"
sessionmanagement="yes"
setclientcookies="yes"
setdomaincookies="yes"
sessiontimeout="#createTim
applicationtimeout="#creat
Clientstorage="Cookie"
loginstorage="session">
Regards,
---Pinal
ASKER
Not a problem Pinal, I appreciate your response. Yest the same browser is being used for login and logout. It didn't start happening until yesterday. The error doesn't show up unti you login, logout, and try to login again or refresh the page. If I close the browser and open it again, it is fine until I try to login, logout, and login again. I had found the same "good CFApplication tag" code through Google, and made some mods to the application.cfm file before I posted this query, but the changees were to no avail.
Hi liltyga,
hum... this sounds like that your application does not have much of the problem except with sessions. When you login it works and when you logout it may be creating some problem ... and when you try to login again it is conflicting with old session ( should not be) but when you start new browser it is opening new session for sure and there is no previous data so it works fine...
okey this could be happening when you delete the session it may not be deleting them right or may be it is deleting only partially ( cfid ) or something... I was wondring if this is not working correct...
<!--- <cfloop collection=#session# item="i">
<cfset StructDelete(session,i)>
</cfloop>
how about if we try to use structclear(session)
let me knwo what is the output in that case...
Regards,
---Pinal
hum... this sounds like that your application does not have much of the problem except with sessions. When you login it works and when you logout it may be creating some problem ... and when you try to login again it is conflicting with old session ( should not be) but when you start new browser it is opening new session for sure and there is no previous data so it works fine...
okey this could be happening when you delete the session it may not be deleting them right or may be it is deleting only partially ( cfid ) or something... I was wondring if this is not working correct...
<!--- <cfloop collection=#session# item="i">
<cfset StructDelete(session,i)>
</cfloop>
how about if we try to use structclear(session)
let me knwo what is the output in that case...
Regards,
---Pinal
ASKER
I tried it, but unfortunately that didn't work either - I got the same CFID is undefined in Session error when I refreshed the page after logging out, or trying to access the page directly again. It's so strange - I didn't do anything to this app for so many months, and all the sudden it is doing this.
hi lityga,
I am sorry to here that... may be this is due to some other reasons...
may be this is not apropriate but can we see that error or having test account for 10 min or something?
Regards,
---Pinal
I am sorry to here that... may be this is due to some other reasons...
may be this is not apropriate but can we see that error or having test account for 10 min or something?
Regards,
---Pinal
ASKER
It's actually internal, so I can't send a link, but I can provide more code if needed - all I know is that when I comment out the <cfloop collection=#session# item="i">
<cfset StructDelete(session,i)>
</cfloop>
the error goes away, but the session is not terminated. Is there a better way to terminate the session?
<cfset StructDelete(session,i)>
</cfloop>
the error goes away, but the session is not terminated. Is there a better way to terminate the session?
structclear(session) is also creating problem for you... so ... hum...
okey... if you use
structclear(session)
instead of this...
<cfloop collection=#session# item="i">
<cfset StructDelete(session,i)>
</cfloop>
and it is not working ... am I understanding that correct.
If this works once and does not work second time... is just confusing me...
i use structclear to delete them... complitely.....
Regards,
---Pinal
okey... if you use
structclear(session)
instead of this...
<cfloop collection=#session# item="i">
<cfset StructDelete(session,i)>
</cfloop>
and it is not working ... am I understanding that correct.
If this works once and does not work second time... is just confusing me...
i use structclear to delete them... complitely.....
Regards,
---Pinal
Hi liltyga,
I will go home after 45 min. So I was thinking to solve this issue before that if possible.
Regards,
---Pinal
I will go home after 45 min. So I was thinking to solve this issue before that if possible.
Regards,
---Pinal
ASKER
Thanks, I tried that and still get this error when logging in:
Element CFID is undefined in SESSION.
The error occurred in (directory path): line 24
22 :
23 : <CFLOCK SCOPE="SESSION" TYPE="READONLY" TIMEOUT="5">
24 : <CFCOOKIE NAME="CFID" VALUE="#SESSION.CFID#">
25 : <CFCOOKIE NAME="CFTOKEN" VALUE="#SESSION.CFTOKEN#">
26 : </CFLOCK>
Element CFID is undefined in SESSION.
The error occurred in (directory path): line 24
22 :
23 : <CFLOCK SCOPE="SESSION" TYPE="READONLY" TIMEOUT="5">
24 : <CFCOOKIE NAME="CFID" VALUE="#SESSION.CFID#">
25 : <CFCOOKIE NAME="CFTOKEN" VALUE="#SESSION.CFTOKEN#">
26 : </CFLOCK>
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
let me know if any of this is usuful to you.
Regards,
---Pinal
Regards,
---Pinal
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for all your help!
glad to help you and Anadkp that link is good one.
Regards,
---Pinal
Regards,
---Pinal
okey. I think you might have tried this but, once someone login they usually get CFID and CFTOKEN
so, due to any reason they got deleted by another page or session while some one is logged in ...when they try to logout this is what happens.
So, close everything and try to login from the beginning and also make sure that no body else is using system and only you (one user) is using this system.
AFter that, if this happens it means that due to some code or some reason the session is getting deleted.
we had same problem once... due to some reason on our dev server all the sessions were deleted by the code of our API division and we Research division was really researching this problem for long time...
Regards,
---Pinal