My user comes from a third-party site via an http message with credentials encrypted in the URL.
As soon as index.cfm recognizes these variables, it sends a request:
<cflocation url="login.cfm?vals=#URLEncodedFormat(url.vals)#" addtoken="yes">
When registering credentials, login.cfm builds a session structure.
Session.user.userID = 1; Session.user.firstName = "jo"; Session.user.lastName = "boo";
Then he does the following:
<cflocation url="somepage.cfm" addtoken="yes">
When I unload the session variable in somepage.cfm, I don't see struct session.user. In addition, I continue to see different cfid, cftoken on somepage.cfm each updated. I am in ColdFusion 10.
Any ideas? How can I save session.user?
Edit: application.cfc has
this.name = "My Application"; this.applicationTimeout = createTimeSpan(0,2,0,0); this.clientManagement = true; this.loginStorage = "session"; this.sessionManagement = true; this.sessionTimeout = createTimeSpan(0,0,30,0); this.setClientCookies = true; this.setDomainCookies = false; this.scriptProtect = "all"; this.javaSettings = {LoadPaths = ["#GetDirectoryFromPath(GetCurrentTemplatePath())#java/"], reloadOnChange=true, watchInterval=180};
EDIT: here are the files http://1drv.ms/1kjnQO2
Unzip them to the folder C: \ ColdFusion10 \ cfusion \ wwwroot \
then go to:
http://localhost:8500/test/call.cfm
EDIT: 19:00 - June 10:
Wow, it really sucked! I came home, downloaded the zip code, opened it on the local host. When I start, I can see session.user variables from call.cfm.
<cfdump var="#server#">
gives me:
coldfusion struct InstallKit Native Windows appserver J2EE expiration {ts '2012-10-30 10:35:35'} productlevel Developer productname ColdFusion Server productversion 10,0,0,283111 rootdir C:\ColdFusion10\cfusion
I'm not sure if this has anything to do with the CF server version.
UPDATE: 09:00 on June 11th. Once I turn off "Use J2EE Session Variables" in CFAdmin, session variables are visible to call.cfm. Now I have to get it to work with J2EE session variables when they are turned on.