I’m having a weird issue, where I have a HTML/CSS/JS frontend website doing it’s thing, getting data from a CFML backend via an API-call.
It is this website https://ondernemerschap.panteia.nl/ and it gets its data from this API-endpoint: https://api.onderzoek.nl/ondernemerschap/.
Now this works peachy on the DEV-environment and for the most part on the LIVE environment as well, but for some reason the session scope at the CFML-backend is not pertained. NO matter what I do, the session-scope is never adding a session variable to the session-scope. Well, just long enough to set it and give it back to the user when he/she/they click on the “Download rapport” button. That send an API-call to a getToken function, that sets the token in the session scope and returns it in a JSON-data set. This is then used as a payload to the download-function that posts to the API-backend and there the posted token is checked towards the session-token. If they are the same, the download will commence.
On DEV this works peachy, on LIVE I only get the message that the token is not available in the session scope. I’ve set sessionManagement to true, set the clientCookies to true, sessionTimeout to half an hour, but it always returns the same error. What am i doing wrong?
Good to know, session management with exactly the same settings works on every other webapp on the same server, with the same code even. HELP!
Code from Application.cfc:
this.sessionManagement = true;
// this checks if a cookie is created, for bots this will return false and use the low session timeout
this.sessionTimeout = createTimeSpan(0, 0, 0, 2);
if (structKeyExists(cookie, "cfid") || structKeyExists(cookie, "jsessionid")) {
this.sessionTimeout = createTimeSpan(0, 0, 30, 0);
}
In all other webapps the cookie scope and the session scope trigger the wanted behaviour, how come the API-calls on LIVE do not, but on DEV do?
Don’t forget to tell us about your stack!
LIVE
OS: Windows 2019
Java Version: 11
Tomcat Version: 9.086
Lucee Version: 6.0.1.83
DEV
OS: Windows 2019
Java Version: 21
Tomcat Version: 11.06
Lucee Version: 6.2.1.122