CFLOGIN Cache Problem with User Roles
Posted on 2004-09-30
I've built a login framework using CFLOGIN. I'm having a problem (as are many people I've seen) where even though the user has logged out <CFLOGOUT>, they're roles seem to be cached the next time even though they're prompted to log back in. I've been researching this for 3 days and have tried every combination. Could someone look at my cfapplication tag and logout.cfm code and give me feedback? I think I'm confident in what is in the CFLOGIN, pretty basic, and I didn't want to take up too much space by entering everything here but if you need more information please let me know.
How do you test what information is cached in HTTP Header?
Is it true that CFLOGOUT only clears what is entered in CFLOGINUSER?
<!--- used 2 minutes here for testing purposes only --->
<cfif IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")>
<cfcookie name="CFID" value="#localCFID#">
<cfcookie name="CFTOKEN" value="#localCFTOKEN#">
<cflock timeout=20 scope="Session" type="Exclusive">
<cfset session.isloggedin = "no">
<cfset StructDelete(session, "CFID")>
<cfset StructDelete(session, "CFTOKEN")>
<cfset StructDelete(session, "URLToken")>
<cfset StructDelete(session, "SessionID")>
<cfset StructDelete(session, "UserLogin")>
<cfset StructDelete(session, "UserPassword")>
<cfset StructDelete(session, "emp_id")>