[coldbox-5.0.0-rc.1] Disabling

Communities ColdBox HMVC
1

I am attempting to disable coldfusion’s session and client management for a coldbox application.

I updated my Application.cfc with

`

this.clientManagement = false;
this.sessionManagement = false;
this.setClientCookies = false;

`

And I updated my coldbox/config.cfc like so

`

flash = {
scope = “cache”
};

`

However, when I actually run the app I get the following error

# The requested scope session has not been enabled.
Before session variables can be used, the session state management system must be enabled using the cfapplication tag.

The error occurred in G:/apps/lib/Coldbox/5.0.0-rc.1/system/web/flash/ColdboxCacheFlash.cfc: line 45 |

The function that is erring looks like

`

function getFlashKey(){
var prefix = “cbFlash:#application.applicationname#”;

// this is if is the line that barfs
// specifically, it breaks on the structkeyexists call
// session is defined but it errors if you access it

// Check jsession id First
if( isDefined( “session” ) and structKeyExists( session, “sessionid” ) ){
return “cbFlash:” & session.sessionid;
}
// Check normal cfid and cftoken in cookie
else if( structKeyExists( cookie, “CFID” ) AND structKeyExists( cookie,“CFTOKEN” ) ){
return prefix & hash( cookie.cfid & cookie.cftoken );
}
// Check normal cfid and cftoken in URL
else if( structKeyExists( URL, “CFID” ) AND structKeyExists( URL,“CFTOKEN” ) ){
return prefix & hash( URL.cfid & URL.cftoken );
}
// check session URL Token
else if( isDefined( “session” ) and structKeyExists( session, “URLToken” ) ){
return prefix & session.URLToken;
} else {
throw(
message = “Cannot find a jsessionid, URLToken or cfid/cftoken in the cookie scope. Please verify”,
type = “ColdboxCacheFlash.CFIDException”
);
}
}

`

I know very little (nothing) about how the flash scope works in coldbox but looking at this code I’m not sure how it would work if you have session/client management disabled and have set coldbox to use the cache for flash persistence.

Can someone help me understand what I’m missing? Does this mean that Coldbox depends on session/client management being enabled?

2

If you disable the sessions scope in ColdFusion you simply need to configure the flash storage to store somewhere else. Like Client.

https://coldbox.ortusbooks.com/digging-deeper/flash-ram/flash-storage#configuration

3

If I’m not mistaken that is what the flash configuration in the coldbox.cfc is for right? I have that set to “cache” per my first post, but am still running into issues.

I guess part of my point though is that I’m not sure how it would work in the first place because the framework code that I posted earlier appears to error when session is disabled. Unless getFlashKey() isn’t supposed to be called when session is disabled and I simply have something misconfigured.

4

Not sure right off. I’d say you either have the config wrong or this is a regression in ColdBox 5. Perhaps ColdBox 5 is creating the flash storage before it reads the config? You can debug it yourself or put in a ticket and Luis can look into it. Not many people have sessions turned off so I could see it being a bug that went unnoticed.