We recently moved our ColdFusion 9 website from one server to a new and improved upgraded spec server. The site works great and the upgrades are a huge improvement. However, since the move last Friday we are being flooded with calls to our helpdesk because a user goes to our normal login screen, enters their username and password, successfully login (which I store their last successful login in the account in a database so I know it's passing all login scripts), but when redirected to the "successful login" message screen, it is not holding the session variables from the login page and prompts them to login again. It's a basic form with username and password, a simple query to check for an account with those credentials and then if found sets a session.usauthenticated and then moves them to the next page. This has been working on the old server with no issues. I don't believe it's a coding issue, because on everyone who has called in, if we clear their cache and cookies from the browser and then attempt to login again, it works fine and maintains their session. This has worked on everyone so far. So I'm thinking it has something to do with our users storing cookies from the old server and the new server is trying to access them unsuccessfully.
Is there a way around this? It seems rather odd to me that there isn't an easy way to migrate a website to a new server and treat it as a new website to the user instead of something cached. How can we make our website work for past users without having to have each and every person clear their cache and cookies (we're talking over 300,000 users here so this could get intense). Most users won't know to do this so they are all calling our help desk which is being overrun with these calls right now.
never fails, after you post a question, you find the answer. For anyone else who runs into this, we had to purge all cookie and session data from our users prior to them hitting the login screen. After doing the following code, they were able to successfully login on our new server without having to manually clear their cache and cookies from their browsers.
<cflock scope="Session" timeout="10" type="exclusive">
<cfloop item="name" collection="#cookie#">
<cfcookie name="#name#" value="" expires="now" />