EasyCFM.COM ColdFusion Forums / ColdFusion Applications / Login issue witth session

   Reply to Discussion | New Discussion << previous || next >> 
Posted By Discussion Topic: Login issue witth session

remove book mark from this topic Printer-friendly Version  send this discussion to a friend  new posts last

slashwalker
03-06-2008 @ 5:16 AM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
New Member
Posts: 2
Joined: Mar 2008

Hello Guys,
i have an issue with a login system for an intranet.

<cfcomponent output="false">
  <!--- Application Settings: Session, Script Protection etc.--->
       <cfset this.name = "Intranet">
       <cfset this.loginstorage="session">
       <cfset this.sessionManagement = true>
       <cfset this.scriptProtect = true>
       <cfset this.setClientCookies = true>
       <cfset this.setDomainCookies = true>
       <cfset this.sessionTimeOut = CreateTimeSpan(0,0,30,0)>
       <cfset this.applicationTimeOut = CreateTimeSpan(2,0,0,0)>
       <cfset thisPath = ExpandPath("*.*")>
       <cfset thisDirectory = GetDirectoryFromPath(thisPath)>
            
  <!--- Application starts --->
  <cffunction name="onApplicationStart" access="public" returntype="any" output="yes">
       <cfquery name="application.employees" datasource="intranet">
       SELECT * FROM users
     </cfquery>
     <cfquery name="application.news" datasource="intranet" maxrows="2">
     SELECT * FROM news ORDER BY id DESC
     </cfquery>
     <cfquery name="application.accounts" datasource="intranet">
     SELECT * FROM accounts
     </cfquery>
     <cfquery name="application.kontakte" datasource="intranet">
     SELECT * FROM contacts ORDER BY type, firma, name
     </cfquery>
     <cfquery name="application.marken" datasource="intranet">
     SELECT * FROM trades ORDER BY seit DESC
     </cfquery>
  </cffunction>
  

<!--- Request starts --->
  <cffunction name="onRequestStart" returntype="any" access="public" output="false">
   <cfif structKeyExists(url,"logout")>
<cflogout>
<cfinclude template="login.cfm">
<cfabort>
</cfif>

<cflogin>
<cfif NOT IsDefined("cflogin")>
           <cfinclude template="login.cfm">
           <cfabort>
   <cfelse>
      <cfset theusername=trim(form.j_username)>
      <cfset thepassword=trim(form.j_password)>
       <cfquery name="auth" datasource="intranet">
       SELECT * FROM users WHERE samaccountname='#theusername#' AND password='#thepassword#'
       </cfquery>
                 <cfif auth.recordcount gt 0>
               <cfset session = structnew()>
               <cfset session.givenname = auth.givenname>
                 <cfset session.name = auth.sn>
                 <cfset session.department = auth.department>
                 <cfset session.tel = auth.telephonenumber>
               <cfset session.sam=auth.samaccountname>
                 <cfset session.mail = auth.mail>
                 <cfset session.title = auth.title>
                 <cfset session.area = auth.physicalDeliveryOfficeName>
                 <cfset session.birthday = lsdateformat(auth.description,"dd. mmmm yyyy")>
                <cfif #auth.mobile# NEQ "">
                <cfset session.mobile = auth.mobile>
                 </cfif>
            <cfset session.initials = auth.initials>
             <cfif #auth.department# is "New Media">
               <cfset roles = "admin,orga">
                <cfelseif #auth.department# is "Office">
                <cfset roles = "org,user">
                 <cfelseif #auth.department# is "Manufacture">
                <cfset roles = "manufacture,user">
                 <cfelse>
                <cfset roles ="user">
          </cfif>
       <cfloginuser name="#theusername#" password="#thepassword#" roles="#roles#">
       <cfset session.start=Dateformat(now(),"yyyy-mm-dd HH:mm:ss")>
      <cfquery name="init" datasource="intranet">
   INSERT INTO logfiles (sessionid,start,initials,pages) VALUES ('#session.sessionid#','#session.start#','#session.initials#',"LOGIN")
   </cfquery>
   <cfquery name="session.counter" datasource="intranet">
     SELECT COUNT(id) as counter FROM logfiles
     </cfquery>
          <cfelse>
          <cflogout>
          <cfinclude template="login.cfm">
          <cfabort>
</cfif>
</cfif>
</cflogin>

      </cffunction>
       <!--- Request ends --->
<cffunction name="onRequestEnd" access="public" output="yes">

<cfquery name="pages" datasource="intranet">
SELECT pages FROM logfiles WHERE sessionid='#session.sessionid#'
</cfquery>
<cfset uppages = pages.pages&","&replace(CGI.SCRIPT_NAME,"/","","ALL")>
<cfquery name="log" datasource="intranet">
UPDATE logfiles SET pages='#uppages#' WHERE sessionid='#session.sessionid#'
</cfquery>
</cffunction>
  
</cfcomponent>


The login works. But if session is running out of time and i revisit the website and try to login it throws an session error. It tells me, that session.givenname isn't defined! Sometimes, it also throws an session not valid error.

I tried it the cheap and dirty way:
  <!--- This should never happen...  --->
       <cffunction name="onError" output="no">
    <cfargument name="Exception" required=true/>
    <cfargument type="String" name="EventName" required="true"/>
            <cfif Find("Element GIVENNAME is undefined in SESSION.",Arguments.Exception.Message,0)>
                <cflogout>
            <cflocation addtoken="no" url="index.cfm">
            
   </cfif>
    </cffunction>
This works, but it's ugly. The user tries to login and gets redirected to login form again and can login then.
I don't know what is going wrong. The session vars are used on index.cfm to "say hello" to the user and show his information. I guess, the session doesn't clear at session end or something. Any hints? Thanks in advanced. And Sorry for my english Wink

slashwalker
03-12-2008 @ 8:34 AM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
New Member
Posts: 2
Joined: Mar 2008

It works now. Seems it was an issue with J2EE Sessions. I turned them off and now it works fine.


Website Designed and Developed by Pablo Varando.