Creates a new session (using new session ids) and copies session scope into this new session, then invalidates the old session. Used after a valid login to prevent session fixation.

sessionRotate() → returns void



Version 10+ Does not rotate jsessionid when JEE sessions are enabled, only works with ColdFusion sessions (CFID,CFTOKEN).

Links more information about sessionRotate

Sample code invoking the sessionRotate function

Signup for cfbreak to stay updated on the latest news from the ColdFusion / CFML community. One email, every friday.

Fork me on GitHub