Aug 13
Macromedia have (12th August) just posted bug 53320 and issued a technote accordingly related to the <CFLOGIN> tag and loginStorage=Session advising developers to switch to using the loginstorage=cookie (which is default if no login storage attributes is set) to overcome the problem. The problem lies in the fact that when using session storage and a user logs out <CFLOGOUT> clears the authorisation from the session scope but fails to clear the internal security scope, thus meaning when a user logs out and another user logs in they’d still have the previous users login credentials assigned to them - which isn’t good!!
The full Macromedia technote can be found here.
Recent Comments