Yes, that is one way to track session tokens, of which CFTOKEN is one. But I can think of a more convenient way.
Enable application and session variables in the ColdFusion Administrator. If you're using Application.cfm, apply something like
<cfapplication applicationTimeout="#createTimespan(1,0,0,0)#" sessionTimeout="#createTimespan(0,0,20,0)#" sessionManagement="yes" loginStorage="session">
If using Application.cfc, apply
<cfset this.applicationTimeout="#createTimespan(1,0,0,0)#">
<cfset this.sessionTimeout="#createTimespan(0,0,20,0)#">
<cfset this.sessionManagement="yes">
<cfset this.loginStorage="session">
Then, if you use <cflogin> and <cfloginuser> to log the user in, ColdFusion will automatically maintain the user's CFID and CFToken as the user navigates from page to page, until the user logs out or until his session expires.
8
Replies
AdChoices