Session variable assingment issue

Report · Jun 16, 2009

I am having issues with Session variables since I am not able to set a session variable. My company Intranet page checks for a session variable and then allows users to login. Please if any one can help me with code or guide what I am doing wrong.

I have tried updating session variable in application.cfm but so far no luck..

Auth.cfm

<cfapplication name="LID"

ClientManagement="No"

SessionManagement="Yes"

SessionTimeout="#CreateTimeSpan(0,0,30,0)#"

SetClientCookies="No">

</cflock>

<cfset Session.USERID= "Request.ses.LID"> ( Session.USERID is set to check user and allow their access)

Report · Jun 17, 2009

You have SetClientCookies="No" in your cfapplication tag (btw: the

cfapplication tag is usually in Application.cfm so it's executed on

every page request). This means that the necessary cookies (CFID and

CFTOKEN) are not set automatically and it's your responsibility to

make sure they exist on every request (as Cookies, URL or FORM

parameters).

Make sure that CFID and CFTOKEN keep their value between page requests

(a simple way to do that would be to cfdump Cookie, Url and Form in

Application.cfm and click a few links in your application).

Mack

Report · Jun 17, 2009

Hello

I am attaching my codes and this time I defined my session in Application.cfm , please let me know If I am missing any thing.

I did not use CFID and CFTOKEN any where in my coding , would my session take care of automatic defination of CFID and CFTOKEN or I have to define and put values in it.

I have also used Cfdump and it shows me these values (ss=username ).

LOGIN <

struct
lid	ss
sessionid	d230101890a1be202faf742347547313157b
urltoken	CFID=2115&CFTOKEN=15514850&jsessionid=d230101890a1be202faf742347547313157b
userid	ss

So I am able to get loginId info into "lid" so it should assign values into Session.USERID in Security.cfm. I can use session.sessionID if it is easy to get values. Please review and suggest me something since I am new at CF and trying not to spend too much time on sessions.

My Application.cfm looks like this:

<CFAPPLICATION NAME="WebReports"
SESSIONTIMEOUT=#CreateTimeSpan(0, 0, 600, 0)#
SESSIONMANAGEMENT="yes"

ClientManagement="Yes"

SetClientCookies="No">

And Security.cfm

Login.cfm

<cflock scope="session" timeout="30" type="ReadOnly">
        <cfset Session.LID="#Form.j_username#">(Login name should be assinged to Session so that security.cfm passes and allows me to login to webreports)
        <cfset Session.USERID= "#Session.LID#">
        <cfdump var="#session#" >

</cflock>

Report · Jun 18, 2009

I did not use CFID and CFTOKEN any where in my coding , would my session take care of automatic defination of CFID and CFTOKEN or I have to define and put values in it.

The are automatically assign to session scope unless you overwrite it.