Ending a J2EE session on the server

Forum|Forum|14 years ago
June 20, 2011
1 reply
765 views

When using J2EE Session Management in Cold Fusion 9.0.1, does the function getPageContext().getSession().invalidate() completely end the current session on the server?The documentation is ambiguous. I want to be absolutely certain to prevent a session being hijacked or reused.

This topic has been closed for replies.

12Robots

Participating Frequently

That's the only way it works. It will not end CF Sessions. Only JEE Sessions, and yes, it ends the session. If you try to revist with those same session tokens you will get an "invalid Session" error.

M

mkane1Author

Inspiring

Thanks, 12Robots. I was reasonably sure, but the documentation seemed ambiguous enough for me to want to verify. Presumably, one of the Adobe team would jump in if this is not correct!

Owainnorth

Inspiring

Presumably, one of the Adobe team would jump in if this is not correct!

Afraid not, Adobe don't really have an active presence on these forums, somewhat oddly.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded