This content has been marked as final. Show 2 replies
I'll admit I'm not the most educated on application/session management but I'll try and help.
When a user logs into your CF server, it creates the session, which is only for that server. That's probably the issue you're running into when the user jumps from one server to the next. You might want to try using a cookie and CFTOKEN on the login (server A) and then use the application.cfm file on server B and C to check for the existence of the token. If it's there (in the client cookie) then it would allow them access.
---set the application in the application.cfm page on all 3 servers to the same name---
SESSIONTIMEOUT=#CreateTimeSpan(1, 0, 0, 0)#
---then check for the cookie value on each server as well---
<CFIF IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")>
<CFCOOKIE NAME="CFID" VALUE="#Variables.cfid_local#">
<CFCOOKIE NAME="CFTOKEN" VALUE="#Variables.cftoken_local#">
There might be some yes/no variables in the session management you can set (yes on A, no on B and C) if the above does not work. But with the users jumping across servers, the cookie might be the best answer for you.
Actually, I realized something. You would want to set the setclientcookies only on server A but have B and C check for the cookie.
Hope some of this helps.
> server A has the application.cfm for login.
> from server A , I want to carry the login ID to server B(also has application.cfm)
> or server C(also has application.cfm) without having to login again.
The 3 servers are independent. They don't know anything about each other, and shouldn't. There is a simple solution. It involves a shared database server and passing a unique ID from server A to the others.
When user successfully logs in on server A, give user a random ID, perhaps a UUID from a secure list stored in your database. Use cfhttp and cfhttpparam to post the UUID to the next server, B, say. The code in server B then does a query to verify whether the received UUID is on the list.