It sounds like cookies are not being saved. It could be that a
firewall is stripping them out. The first thing to try would be a
different Web browser to see if the problem remains. If the problem
goes away then it is likely an issue with one of the browser settings.
Another easy thing to check would be the session settings in CFAdmin.
Maybe the timeout is too low.
For more complex troubleshooting, I would run a tool like Live HTTP
Headers or Fiddler to inspect the raw HTTP traffic and make sure the
cookie values are being sent back and forth.
This is an interesting issue--has it afflicted you always or just recently? Given that this is ColdFusion 8.0 and the installer for ColdFusion 8.0.1 has been the only ColdFusion 8 installer available for about 2.5 years, I'm guessing this just cropped up. So if that's true, what changed?
Regardless, though I don't know if it will help this issue, we do very much encourage all ColdFusion 8.0 users to...upgrade to ColdFusion 9.0.1! Well, okay, if you're not going to do that, we encourage you to update to ColdFusion 8.0.1 as you have on your other server. And while you're at it, check out the ColdFusion 8 security bulletins at http://www.adobe.com/support/security/#coldfusion--these are critical!
We just copied over code from the other server since we are updating to a new design and this design has a admin area which admins log into. That is when we found out about this weird issue. We are getting CF9 but maybe in the meantime I will talk to our server admins to get it patched 8.0.1 and see what results I get. Thanks Josh!
The cookies between the two servers are different. The one that works has more session information such as HasSessionScope true while the one that doesn't work has just cfid and cftoken defined. The CFAdmin session timeout is default to 20 mins and havn't touched it since installation. Thanks Mike!
It's not entirely clear whether this is sorted or not, but in case it's not or for future reference, I had this issue the other week. Turned out that Client Management in CFAdmin was still set to Registry, and the user CF was running as did not have access to the Registry, hence every page hit got a new ID.
Changed it to use a database for Cfclientstore, job done.
I tried setting up storing the client vars in a database and no luck. Thanks for the idea though.
Since this works on 8.0.1 version I am just going to patch the server. I want to believe this is a bug in the 8.0 version and was answered with the released patch. Thanks for all the inputs!
Are you having issues with client variables or session variables? If
you are not using client variables in your site you should turn them
off to simplify the troubleshooting. I see many sites with client
variables turned on, but very few sites actually use them.
Hi all, I work with Kevin. I had the server guys update Coldfusion to the 8.0.1 and all the patches. Still didn't work. I put in a ticket to have the crappy IE8 browser rolled back to IE7. Today they came and completed that IE8 is gone. We're running IE7 now. We're using same code as on other network. All the settings in CFADMIN match perfectly. So what gives? Session variables still don't persist from page to page. The thing Kevin and I see is the CFID and CFTOKEN changing.
If "" is checked in the CF Admin, I believe you'll get a new CFIDE and CFTOKEN on every request.
Also realize that the Browser and it's settings can affect the generation of CFID and CFTOKEN values.
These values are, usually, set as cookie values. IF the browser, or anything between the browser and the server (virus|malware interceptors, proxy servers, etc) prevent these cookies from being saved and returned to the server with future requests, the server will generate a new set of values and return them to the client.
When diagnosing this type of difficulty one must follow the requests completely from one end of the conversation to the other... application server all the way to the client browser and back.
Yeah, according to the CF 9 LiveDocs (http://bit.ly/cKprqn):
"If you use J2EE session management, the Session scope does not include the Session.CFID or Session.CFToken variables, but does include the Session.URLToken and Session.SessionID variables. In this case, the Session.SessionID is the J2EE session ID and Session.URLTokenjsessionid= followed by the J2EE session ID."
It also states that CFIDE and CFTOKEN are use in "ColdFusion session management only" (and not J2EE session management)
This may not be your problem, but I thought I'd throw it out there to help troubleshoot.
Session variables are associated with the browser using cookies, by default. So, it sounds to me like either the cookies aren't being set by the server, or they're not being returned by the browser. You can use a tool like Fiddler2 or HTTPWatch with IE to view HTTP traffic.
If the cookies aren't being set by the server, you may have turned that functionality off in your CFAPPLICATION tag (Application.cfm) or application properties (Application.cfc). If the cookies aren't being returned by the browser, you may have some settings in IE preventing this.
If you're using J2EE sessions, as someone else mentioned, you should see a JSESSIONID token instead. However, I don't think you'd see CFID and CFTOKEN at all in that case.
Dave Watts, CTO, Fig Leaf Software
Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
GSA Schedule, and provides the highest caliber vendor-authorized
instruction at our training centers, online, or onsite.