Skip to main content
D
douglas_t
Participating Frequently
September 14, 2018
Question

CF2018 - cflogin or cfthread logging user out

  • September 14, 2018
  • 1 reply
  • 848 views

I upgraded to CF2018 from CF2016, running on a Windows 2016 Server with IIS. I am using subdomains.  Example: A user logs into app.mydomain.com using cflogin and they click a button to create a batch of work to do.  The button click launches an ajax remote call to job.mydomain.com to setup a job queue in the database sets a task in the CF Scheduler.

The scheduler launches the job page on job.mydomain.com that queries the job info.  It knows what subdomain it was from and what user created it, so within a cfthread it executes a remote call to app.mydomain.com and does a cflogin allowconcurrent=true for the userid that was sent.  This way it can know the permissions and whether this user can process it.

In CF 2016 it works great.  Upon upgrading to CF 2018 it logs the user out as soon as the scheduler runs and does the cflogin within the thread.

Does anyone have any idea what might have changed from 2016 to 2018 that may have broken this?  Or any ideas how I can implement so it will work again?

This topic has been closed for replies.

1 reply

D
douglas_tAuthor
Participating Frequently
September 14, 2018

So I found that if I add a unique name to cflogin, then it works as desired.  It is like the allowConcurrent stopped working.  I will have to do some tests to see if that is correct or if something else is going on.

BKBK
Community Expert
BKBKCommunity Expert
Community Expert
September 16, 2018

What do you mean by "add a unique name to cflogin"? What value do you use for the cookie domain attribute?

D
douglas_tAuthor
Participating Frequently
September 19, 2018

Two suggestions:

1) use the cookieDomain attribute, <cflogin cookiedomain="mydomain.com">

2) redesign as follows:

<cflogin><cfloginuser name="email@email.com" permissions="x"></cflogin>

<cfif getAuthUser() is "email@email.com">

<cfthread>

<!--- Business code here --->

</cfthread>

</cfif>


That won't work as the job queue is a totally separate process run on the server and it sends a call to the other domain to run a certain chunk of a task or process.  Each task sets up that user and the permissions so that it knows that they really have permission to do the task.  Anyway, the getAuthUser would always be false.  That is why it was so strange to see the problem.  The client only executes a call to the other domain to let it know that it has an item in the queue to work on, but it starts immediately on it and then logs the client out because it made the call in the thread behind the scenes.  It works totally fine on CF2016, but 2018 it didn't work on development or production, so something changed.

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices