This is my current application.cfc..is this all I need ?
<cfcomponent output="no">
<cfset this.name = "my_app">
<cffunction name="onApplicationStart" output="no">
<cfset this.applicationTimeout = createTimeSpan( 7, 0, 0, 0 ) />
</cffunction>
</cfcomponent>
Your line:
<cfset this.applicationTimeout = createTimeSpan( 7, 0, 0, 0 ) />
should not be inside the onApplicationStart function. It should be right next to where you set the application name.
Catching up on the thread from above, your timeclock "application" is sort of a module of the main "application" or site. You don't want users to be logged out after your 4-hour session timeout.
Charlie has done an excellent job explaining session and client variables and the appropriateness of use in this case. Keep in mind that the session timeout counter will reset each time a call is made to the server (either by browsing to a page or any AJAX calls to the server). So as long as the user is doing something periodically, you probably won't hit the session timeout. However, if you want sessions to survive overnight or throughout the week, that is not really how sessions are intended to work (as Charlie stated above).
Do people in your organization leave their browsers open and their computers logged in overnight or continuously throughout a week? (If so, that's probably not optimal behavior from a security standpoint).
There are probably a number of ways to keep users "logged in" via client variables (if you choose to use client variables to solve this, please use a database and DO NOT use the registry - that's the path to serious problems).
AdChoices