3 Replies Latest reply on Oct 18, 2007 11:41 PM by Newsgroup_User

    Locking not working?

    emadsen Level 1
      Our application has about 150-200 concurrent users at any given time. We're using session management with the basic CFID and CFTOKEN, which is a UUID. We have an exclusive CFLOCK around the bit of login code that sets their session's user id. We also provide a login option to keep them logged in, which when set is a cookie of their password hashed. If their session has expired and they have this cookie we pass them through the login procedure.

      All of this works fine until we restart the ColdFusion (8) server. It seems as soon as we do this at least a few of the people sitting there refreshing and waiting for the app to come back up get the wrong login credentials and end up logged in as someone else. It's very disconcerting.

      Does anyone have any suggestions to avoid this happening? I thought the exclusive lock would be all we needed.
        • 1. Re: Locking not working?
          Grizzly9279 Level 1
          I'm not sure if I understand completely...are you saying that if a user logs in, and than waits...and you restart the ColdFusion server, on their next request they appear to have assumed someone elses session?

          Session data cannot persist between server restarts, since session data is always stored in memory on the ColdFusion server.

          Have you looked into using "client" vars at all?
          • 2. Re: Locking not working?
            emadsen Level 1
            No, that's not what I am saying. It seems that when the server is down, all the people who have the auto-login cookie seem to cross paths and get logins mixed up when I bring the server back up.
            • 3. Re: Locking not working?
              Level 7
              It's probably difficult to say much about this unless we can see the
              relevant code.

              Even if it's just a behavioural change between CF versions, it'll be easier
              to work out what it is with some code.