http://coldfusion.com logo
Join Slack
Powered by
Daft question (google ain't helping me) how is the...
# lucee
a
Daft question (google ain't helping me) how is the 
session.sessionid
value derived in Lucee? Looks to be something like... 
[application_name]_[a GUID]_0
. Is there anything more I should know beyond that?
Secondly, if 
sessionmanagement
is on, is there ever a situation where 
session.sessionId
does not get set?
f
I suppose one case would be in the psudo constructor of your Application.cfc since it would not know if you have yet set this.sessionManagement - I haven’t tested that claim, but logically it would make sense for it to not be available yet
also not sure about 
onApplicationStart()
if it fires before 
onSessionStart()
then perhaps it’s not there yet
and one last thing I’d check would be after you call 
sessionInvalidate()
I think it clears the session scope, but it’s been a while since I’ve checked the details on that.
so for the remainder of a request after you call sessionInvalidate() you shouldn’t try to use anything in the session scope
z
yep, coz sessions are tied to applications, the 0 is the cftoken which in lucee is always 0
1
a
Cool thanks man. For belt 'n' braces, I'm using 
session?.sessionid
anyhow. It's just for some logging, and it's not the end of the world if it ain't there.
l
any idea when 
onSessionEnd
will be functional again? https://luceeserver.atlassian.net/browse/LDEV-3264
a
Wow. And it's been broke for a year. 😕
l
yeah... got nailed on an application pen-test last week and some of the things I thought were being cleaned up in the function really were not. It's an internal web application so the vector opened up because of this wasn't terrible... but I was personally rather embarrassed that I had never realized some of the session manipulations I was doing weren't ever happening!
z
Thanks for pointing it out, added to 5.3.9 sprint
2
@leftbower with cfml or j2ee sessions?
l
j2ee
@zackster.105 tested and working as expected. Thank you!
Open in Slack
PreviousNext
Powered by