session - Losing session in Coldfusion

Question

We have several sites that use sessions to store data. They work perfectly. However, I just created a new site, and its session is reset every time a page loads. So, I can't store the user login.

We're still using application.cfm. In that I have only this:

<CFAPPLICATION
NAME="TestName1"
APPLICATIONTIMEOUT="#CreateTimeSpan(0,8,0,0)#"
SESSIONTIMEOUT="#CreateTimeSpan(0,8,0,0)#"
sessionmanagement="yes"
scriptprotect="all"
setclientcookies="yes">

In a file in the same directory as application.cfm, I have a file called sessiontest.cfm with only this:

<cfdump var="#session#" label="SESSION">
<br /><br />
<cfdump var="#cookie#" label="COOKIE">

On the first run, this is what I saw in the browser loading sessiontest.cfm:

On refesh, this is what I saw:

I can refresh in rapid succession and each refresh starts a new session. The site uses an SSL cert and is run on IIS7, although we have others with the same setup that are working fine, so I'm not sure that would make a difference. Oh, and to make it worse, this doesn't seem to happen for everybody.

Any thoughts what we can change or check to get sessions to stick?

Answer 1

我发现了一个可能更像是一种变通方法的解决方案。我将 application.cfm 更改为：

<CFAPPLICATION
NAME="TestName1"
APPLICATIONTIMEOUT="#CreateTimeSpan(0,8,0,0)#"
SESSIONTIMEOUT="#CreateTimeSpan(0,8,0,0)#"
sessionmanagement="yes"
scriptprotect="all"
setclientcookies="no">

<cfif structKeyExists(session,"cfid")>
    <cfcookie name="cfid" value="#session.cfid#" expires="NOW">
    <cfcookie name="cftoken" value="#session.cftoken#" expires="NOW">
</cfif>

通过自己管理cookie，似乎已经解决了这个问题。但是，我认为@user1800937 的答案可能是更好地解决问题的答案。我只是无法尝试，因为我不管理服务器。

感谢大家的帮助！

Answer 2

我们最近在生产环境中遇到了类似的问题，似乎我们错过了从 2011 年开始在 ColdFusion 9.0.1 上应用热修复。类似的问题可以在http://www.horisk.com/blog/index.cfm/2011/上找到5/19/Session-issues-after-installing-Coldfusion-901-update--OnRequestEnd-behaviour-change

我为 9.0.1 应用了 Cumulative HotFix 4 ，似乎它为我解决了这个问题。

http://helpx.adobe.com/coldfusion/kb/cumulative-hotfix-4-coldfusion-901.html