WestCoast_BC
asked on
Can someone explain to me how session variables work
I have created a website using Coldfusion. I use a session variable to store information about a user when they login. My application.cfc has sessionmanagement set to true.
I am finding that sometimes (and it is intermittent) that when a user navigates to a different page within the same website that they are automatically logged out. It seems to me that the session variables is reset. I am struggling to figure out what is going on. Any advice regarding what to look for is appreciated.
I am finding that sometimes (and it is intermittent) that when a user navigates to a different page within the same website that they are automatically logged out. It seems to me that the session variables is reset. I am struggling to figure out what is going on. Any advice regarding what to look for is appreciated.
ASKER
My sessiontimeout is set to 20.
You are right, my problem does not occur from timing out. It is happening while a user is navigating to various pages. For example, the first time a user goes to a page it will work fine but then the next time the user goes to the same page they are suddenly not logged in.
Please note that I am not using CFLogin but instead wrote my own login code.
I have not been very good about surrounding my code that reads/writes session variables with CFLock. Could this be my problem? I will add CFLock everywhere I access session variables.
You are right, my problem does not occur from timing out. It is happening while a user is navigating to various pages. For example, the first time a user goes to a page it will work fine but then the next time the user goes to the same page they are suddenly not logged in.
Please note that I am not using CFLogin but instead wrote my own login code.
I have not been very good about surrounding my code that reads/writes session variables with CFLock. Could this be my problem? I will add CFLock everywhere I access session variables.
You only need cflock around session vars when setting them not reading them.
can you post your login and session setting code please?
can you post your login and session setting code please?
ASKER
Is the requirement to only need cflock around setting session variables new? I was reading: CFLock Article and it seems to me that I need to surround session variable read and writes with CFLock. Am I incorrect?
My login is just a form where the user enters their user name and password. If the login information is correct I do:
<cfset session.userid = getUser.userid>
getUser is a query into my database that retrieves the logged in user's id value.
My login is just a form where the user enters their user name and password. If the login information is correct I do:
<cfset session.userid = getUser.userid>
getUser is a query into my database that retrieves the logged in user's id value.
ASKER
Also, if I use CFLocation with AddToken="false" could this also cause my problem?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I am using CFLocation in some of my code. I don't think it is used in the times when I have experienced my problem. I am thinking that I may have some sort of race condition and I am hoping that by surrounding my setting of session variable with <cflock timeout=20 scope="Session" type="Exclusive"> .. </cflock> that my problem will be solved.
So post again if you continue to experience the problem.
Good luck ...
Good luck ...
But it seems like you mean something else from that like it logs out right in the middle of navigating to various pages.
Also, you could always check the sessiontimeout in your settings. If you don't have a setting I believe the default in the CF Administrator is 20 minutes.
Review this link in the docs to make sure you are doing everything you should be doing.
https://helpx.adobe.com/coldfusion/developing-applications/developing-cfml-applications/using-persistent-data-and-locking/configuring-and-using-session-variables.html
Good luck ...