Managgin sessions

Suppose you log users in using the formula

<cflogin>
<cfloginuser>
</cflogin>

Suppose also that, in your Application file, you enabled session management and set loginStorage to Sessions. Then, throughout the user's session, the functions getAuthUser() and isUserInRole("role_name") will return values that match, respectively, the name and roles attributes of the cfloginuser tag. You could then implement the following kinds of filter on any page:

<cfif Len(getAuthUser()) NEQ 0>
<!--- code/functionality that requires that user be logged in --->
</cfif>

<cfif getAuthUser() is "Jack">
<!--- code/functionality meant for Jack --->
</cfif>

<cfif Len(getAuthUser()) NEQ 0 and isUserInRole("admin")>
<!--- code/functionality meant for admin users. Assumes that roles
attribute of cfloginuser tag has value that includes admin, for example,
"admin" or "admin,user". --->
</cfif>

Hi,

After your successful login please keep the login information in the session and validate that the login user has the permission to view the link

Ayuso_15 wrote:
how to handle sessions so that can be used managing the aaplication.

To use cflogin as above, it is sufficient to do the following.

1) Enable the use of Application and Session variables in the Coldfusion Administrator;
2) Verify that the cfapplication tag in Application.cfm is something like
<cfapplication name = "your_App_name"
applicationTimeout = "#createTimespan(1,0,0,0)#"
sessionManagement = "yes"
sessionTimeout = "#createTimeSpan(0,0,20,0)#"
setClientCookies = "true"
loginstorage="Session">