I've been searching Google for this, and I'm finding a lot of information about ColdFusion session variables; but I'm not finding anything (so far) on keeping session variables alive between HTTP and HTTPS, or across sub-domains (ie, from www.domain.com to img.domain.com to vote.domain.com, etc.)
Is there a tutorial or KB on this subject?
How have you set up the session in the CF admin? I.e. are you using J2EE sessions etc.
Are these subdomains located on the same server as the first request? Do they all have the same application name? (setup in the Application.cfc)
There is some examples here - SESSION variables across subdomains. How to make them visible? on how others have done it.
I just received confirmation from our admin that the J2EE session variables are being used.
Subdomains are on same server, same application name.
I am equally concerned about protocols.
Thanks for the link, @tej_web. I should have provided more specifics in my original post.
The link you provided _should_ work, if the CF Server in question is v11 update 5. We have submitted CF11 to testbed, but it will be quite a while before it's approved (IF it's approved.)
We are currently using CF9.0.1 for some sites/apps, and CF10 for the rest.
Why do you think it wont it work in CF 9 or CF 10?
The (currently) last comment by Charlie Arehart.
This is said to be fixed finally in update 5 of CF11. See the "bugs fixed" document linked to from https://helpx.adobe.com/coldfusion/kb/coldfusion-1..., which has a link to the bug report above and indicates it's resolved. (There's no mention of it in the CF10 bugs fixed though. That would be a shame if it was happening in 10 but not fixed in it.)
Are you using domains without a prefix then? Your first post states you are not. If that bug only affects domains without prefix then you shouldnt have a problem.
Also you could just always redirect to www. if no prefix is used. There is a template url rewrite rule in IIS just for that, for example.