Websockets extension - get correct session scope?

The session being passed into my websocket listener component methods is sometimes null, and sometimes the incorrect session. I’m noticing that my session.cfid is different than the cookie.cfid being sent in the websocket request header.

This could be related to logging out and/or logging in, and resetting the user’s session. Currently, when I logout, I call SessionInvalidate(), but perhaps I should be doing something different. What I want to do is create a brand new session with a new cfid, and reset all appropriate cookies.

The extension doesn’t have the Session information. It retrieves it by connecting to the Lucee engine and “requesting” a Session object given a known application name and a cfid.

The extension knows the application name from when you call WebsocketServer() to register the listener component, and it takes the cfid from the Cookie that is passed upon handshake.

TBH, I’m surprised that you’re getting null pointers because if a Session doesn’t exist a new one is created.

I would clear all of the browser’s cookies for that domain, restart the servlet container, and try again.