Server Settings > Memory Variables
Configure memory variables in ColdFusion Administrator
Memory variables allow your application to persist data globally (application variables) or across user sessions (session variables). Memory variables are useful for maintaining logins, incrementing counters, and other stateful information.
J2EE Session Variables
Enabling J2EE session variables provides more secure session management and allows session sharing between ColdFusion and Java applications. It is recommended to enable this option for better session management. However, it is important to fully test this configuration before deploying to production.
Session Storage Settings
The Enterprise version of ColdFusion offers external session data storage options. Redis is the recommended solution for session data replication across multiple servers. Note that using external session storage requires disabling J2EE session variables.
Maximum Timeout
This setting establishes the upper limit for application and session variable timeouts. It prevents individual applications from setting timeout values that exceed your server's resource constraints.
Default Timeout
This setting defines the default timeout values for application and session variables. It is recommended to set reasonable, shorter timeout limits to conserve server resources. These defaults can be overridden by individual applications as needed.
Session Cookie Settings
It is recommended to enable the HTTPOnly flag for session cookies to enhance security by preventing client-side script access. Additionally, consider disabling ColdFusion's internal cookie manipulation if you are managing cookies directly in your application code. As always, thoroughly test these settings before deploying to production.
Additional Help
Stuck?
Convective can help solve even the toughest ColdFusion issues. We've been doing it for over 20 years. Find out more.