Adobe ColdFusion 8

Managing sessions in Application.cfc

You use the onSessionStart and onSessionEnd methods to configure and manage user sessions; that is, to control resources that are used by multiple pages while a user is accessing your site from during a single browser session. The session begins when a user first requests a page in your application, and ends when the session times out. For more information on Session scope and Session variables, see Using Persistent Data and Locking.

Session resources include variables that store data that is needed throughout the session, such as account numbers, shopping cart contents, or CFCs that contain methods and data that are used by multiple pages in a session.

Note: Do not put the cflogin tag or basic login processing in the onSessionStart method, as the code executes only at the start of the session; it cannot handle user logouts, and cannot fully ensure security.

The following sections describe some of the ways you can use the onSessionStart and onSessionEnd methods. For more information, see the onSessionStart and onSessionEnd entries in the CFML Reference.

Using the onSessionStart method

This method is useful for initializing session data, such as user settings or shopping cart contents, or for tracking the number of active sessions. You do not need to lock the Session scope when you set session variables in this method.

Using the onSessionEnd method

Use this method for any clean-up activities when the session ends. (For information on ending sessions, see Ending a session.) You can, for example, save session-related data, such as shopping cart contents or information about whether the user has not completed an order, in a database, or you can log the end of the session to a file. You cannot use this method to display data on a user page, because it is not associated with a request.

Note: Sessions do not end, and the onSessionEnd method is not called when an application ends. For more information, see the onSessionEnd entry in the CFML Reference.