cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

deauthenticate?

Guest
Nov 16, 2009 Nov 16, 2009

We want a user to have to relog in after session variable times out. We can get that to work but the user is still authenticated when returned to the login page.

Is there a way to deauthenticate the user by the time they get to the login page ?

549
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 3 Replies 3
latest latest Jump to latest reply
whoisit28
New Here ,
Nov 16, 2009 Nov 16, 2009

can't you just structdelete those on the login page before you do anything else?

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Nov 17, 2009 Nov 17, 2009
In Response To whoisit28

Sorry I don't understand. Will deleting the session struture deauthenticate the user?

The session structure has a timeout set in the cfapplication tag -  sessionmanagement="yes" and createtimespan(0,0,30,0).

The first template after the login page assigns the structure's 1 key to a value and then every other template starts out by checking if structkeyexists(session,"thestruct.thekey"). If it returns true, the assignement is refreshed and if it returns false, the user is cflocated to the login page. The user is still authenticated when cflocated and am being told this is a security problem.

DOes cflogout deauthenticate the user ????           I have been told not to try it since the tag might be "destructive" and we have no test area right now.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Daverms
Advocate ,
Nov 17, 2009 Nov 17, 2009
LATEST
In Response To Deleted User

Hi lwfg,

You need to use the StructClear function in that case.

You can terminate the login session like this (before using the <cflocation> tag),

<cfset StructClear(session)>

HTH

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices