ColdFusion MX and sessions

Hi all. Every time I think I've turned the corner with MX, it bites me in the rear. OK Batman. Riddle me this: How in the world do you keep a session alive in CFMX when... A) Cookies are disabled and B) You move from one domain to the other ??? I have 3 situations with my shopping cart. 1) When a person has cookies disabled I add cfid and cftoken to the URL. This has worked fine to keep the session alive since 4.01. 2) When a person clicks checkout, I change the URL to the secure URL and add cfid and cftoken to the URL. Since it goes to a page under the same cfapplication tag with the same application name, the session stays alive, since 4.01. However, neither of these work in CFMX. HOW do I keep a session alive under these 2 conditions. It shouldn't be brain surgery. One thing I HAVE noticed is that sometimes there is a JSESSIONID cookie set. So I passed that value in the query string also, but to no avail. 3) Occasionally, on a redirect, I get that nasty, UGLY JSESSIONID URL parameter. I say UGLY, because it doesn't create a query string. It makes it like... www.domain.com/page.cfm;JSESSIONID=987908979808758 WHAT is that and HOW can I make it stay away? Thanks! -- Bud Schneehagen - Tropical Web Creations _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ ColdFusion Solutions / eCommerce Development buddy@twcreations.com http://www.twcreations.com/ http://www.cf-ezcart.com/ 954.721.3452

----- Excess quoted text cut - see Original Post for more ----- That's the J2EE session ID. You can use J2EE sessions and session IDs instead of "traditional" CF session IDs (CFID & CFTOKEN). There's an option in the CF Administrator to enable this. You might want to turn this off; if you do, I'd expect everything to just work fine for you. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444

On 3/6/03, Dave Watts penned: >That's the J2EE session ID. You can use J2EE sessions and session IDs >instead of "traditional" CF session IDs (CFID & CFTOKEN). There's an option >in the CF Administrator to enable this. You might want to turn this off; if >you do, I'd expect everything to just work fine for you. It's not my server. This is a canned application that has to run everywhere. Most I can do is change the code (somewhat) based on the CF version. By reading the macromedia site (if I read it right), they say you can use #urltoken#, as in... test.cfm?#session.urltoken# Which will pass... test.cfm?cfid=123456&cftoken=535353535 as normal, but will also add... &jsessionid=8765231541652626 Which it does. However, with cookies disabled, the session does not stay alive. Please, tell me what I need to pass in the URL string to keep a session alive with cookies disabled. Can it be done with CFMX? -- Bud Schneehagen - Tropical Web Creations _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ ColdFusion Solutions / eCommerce Development buddy@twcreations.com http://www.twcreations.com/ http://www.cf-ezcart.com/ 954.721.3452

Bud, It all depends on what you have enabled in you application. You can use J2EE sessions and enable client state management too in CFMX. They are different things in CFMX..populates different variables. If you are using J2EE Sessions.. you dont need to track CFID or CFTOKEN... they are not part of the session anymore. To use sessions without cookies.. take a look at.. Take a look at URLSessionFormat(request_URL) http://livedocs.macromedia.com/cfmxdocs/CFML_Reference/functions-pt2113.jsp#4471249 Hope this helps Joe Eugene > Hi all. Every time I think I've turned the corner with MX, it bites me in the rear. OK Batman. Riddle me this: How in the world do you keep a session alive in CFMX when... A) Cookies are disabled and B) You move from one domain to the other ??? I have 3 situations with my shopping cart. 1) When a person has cookies disabled I add cfid and cftoken to the URL. This has worked fine to keep the session alive since 4.01. 2) When a person clicks checkout, I change the URL to the secure URL and add cfid and cftoken to the URL. Since it goes to a page under the same cfapplication tag with the same application name, the session stays alive, since 4.01. However, neither of these work in CFMX. HOW do I keep a session alive under these 2 conditions. It shouldn't be brain surgery. One thing I HAVE noticed is that sometimes there is a JSESSIONID cookie set. So I passed that value in the query string also, but to no avail. 3) Occasionally, on a redirect, I get that nasty, UGLY JSESSIONID URL parameter. I say UGLY, because it doesn't create a query string. It makes it like... <a target=_blank href="http://www.domain.com/page.cfm;JSESSIONID=987908979808758">www.domain.com/page.cfm;JSESSIONID=987908979808758</a>; WHAT is that and HOW can I make it stay away? Thanks! -- Bud Schneehagen - Tropical Web Creations _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ ColdFusion Solutions / eCommerce Development buddy@twcreations.com <a target=_blank href="http://www.twcreations.com/">http://www.twcreations.com/</a>; <a target=_blank href="http://www.cf-ezcart.com/">http://www.cf-ezcart.com/</a>; 954.721.3452