I think I have discovered a glitch with ColdFusion so please excuse me posting this on Coldbox discussions but I wanted to confirm the problem first.
What is happening is that I set my Application.CFC in the root of my ColdBox app to SessionTimeout after 1 hour. However in ColdFusion Admin (CFIDE) I set the max timeout period to 5 minutes by accident.
The problem came in when my session data dies after 5 minutes when using the ColdBox SessionStorage plugin however the IsUserLoggedIn() is still true. I believe the glitch is that ColdFusion’s isn’t properly handling the session timeout stuff the same way as it does with the rest of the functions.
I am running ColdFusion 9.01 and latest ColdBox github download on Windows 7 64bit everything.
Is anyone able to confirm this? I think you should be able to replicate this by changing Session Timeout (Max) in CFIDE to some period of time lower than what your Application.cfc is set to timeout.
Jeremy R. DeYoung