Maybe it has something to with this bug: ColdFusion 11.0 - Bug CF-3712083

Comment by External U.

I have attached the sample login app that I am testing it on, if there are any changes to be done to that, do let us know. Could you also provide information about the server configuration,the environment your machine is setup on,the browser details(if problem occurs on only one particular browser or others as well) & log details if any.

Comment by S P.

Just a note to report that I have also ran into this bug. My login code worked correctly with CF8, CF9 and CF10. This issue has only shown up since an upgrade to CF11.

Comment by External U.

I too have this problem. I found a workaround here - http://stackoverflow.com/questions/28874726/coldfusion-user-login-fails-after-session-timeout Though ideally I think it's bug that should be fixed.

Comment by External U.

Hi S Preethi, Another workaround is duplicate the <cflogin>/cflogin(). Example: <cflogin ..> <cflogin ..> When both have allowconcurrent=true (the default), then both will run. isUserLoggedIn() returns YES after the 1st, but the 1st login actually fails. The 2nd runs and logs in correctly. Repro attached as Application.cfc Thanks!, -Aaron

Comment by External U.

Forgot to note: When THIS.loginStorage="cookie", then the issue does not reoccur if an old cfauthorization cookie is still present. Thanks!, -Aaron

Comment by External U.

We sure would like to upgrade to CF11, but this is a showstopper for us. Any status on the progress of resolving this bug?

Comment by External U.

Would those that have responded to this bug that they are having a problem with this issue, please provide the version of CF11 and Update Level they are currently using? Thank you.

Comment by External U.

Here is another Adobe developer working with someone on the same unresolved issue: https://forums.adobe.com/thread/1546486

Comment by External U.

My server has the latest patches and is on CF11. This problem did not occur prior to CF11. It was brought to my attention from another Adobe developer that you were not able to replicate this issue. I have attached an Application.cfc file (named ApplicationTestCFLogin.cfc) to differentiate from the other Application.cfc file that is already attached. The file that I uploaded has the bug that forces a second login. Interestingly, If the page is refreshed after the initial login, then a second login is not prompted. If #createUUID()# is attached to the name, then the login works properly. <cfloginuser name="#form.uName##createUUID()#" password="#form.pWord#" roles="">

Comment by External U.

Hi Preethi, This ticket has been "ToTest/HaveNewInfo" for many months. For repro, please see the attached Application.cfc and my comment on 8:36:32 PM GMT+00:00 May 16, 2015. Thanks!, -Aaron

Comment by External U.

Hi Aaron, This bug was marked for ToFix, after which it came back to me only a few days back to check if the issue was reproducible in another scenario as well. Since it is being reproducible changing the status back to ToFix. Thanks, Preethi

Comment by S P.

Thanks very much, Preethi!, -Aaron

Comment by External U.

The fix will be available in the next ColdFusion release. Thanks!

Comment by S P.

Is that the next hotfix or the next full release?

Comment by External U.

It would be available in the future update for ColdFusion 11. Thanks!

Comment by S P.

Why does this Bug has the "Status: Fixed" ? We do have the same problem with <cflogin> in our production system (CF 11 with Update 6) ! Looking at the article "ColdFusion 11 Update 7 is available for early access" ( http://blogs.coldfusion.com/post.cfm/coldfusion-11-update-7-is-available-for-early-access ) and reading the fixed issues ( https://cfdownload.adobe.com/pub/adobe/coldfusion/PR/11/documentation/update7/IssuesFixed_ColdFusion11_Update7.pdf ) you can seen, that this bug is not fixed in the coming update 7 yet. That's really not good.

Comment by External U.

I agree with Knut. Our developers have waited patiently for this release so that we can upgrade our servers to CF11. When will this fix be released? Thank you.

Comment by External U.

Was this bug fixed in this last hotfix just released because it didn't fix the problem on our test CF11 server? Please let us know the status as this is holding us up to moving to CF11 or future upgrades.

Comment by External U.

We now have to start paying for fixes to the broken CF tags The latest from Adobe: CF12 is not yet out. If you need a hotfix beforehand, then we would need a Support contract for ColdFusion.

Comment by External U.

Hi Preethi, Is the following still true? "It would be available in the future update for ColdFusion 11." Thanks!, -Aaron

Comment by External U.

Last night we've updated our production server to "ColdFusion 11 Update 7" and did some testing. RESULT: The newest "ColdFusion 11 Update 7" still does not fix the <cflogin> problem on our server. Users are still forced to update twice after a session has timeouted.

Comment by External U.

I would like everyone to note the date this was originally reported to Adobe: Created on Wednesday, October 15, 2014 ! That's over a year ago.

Comment by External U.

Hi, The fix for the above would be out in the next update release of ColdFusion11. Also, if you require the fix ASAP do contact cfinstall@adobe.com. Thanks!

Comment by S P.

Hi Preethi, Thank you very much for confirming! -Aaron

Comment by External U.

Thank you, Preethi and Kishore, for making this happen with CF11 and not CF12 as I was told.

Comment by External U.

I'm not certain this is working correctly in Chrome. It fixed it in IE, but not Chrome.

Comment by External U.

I still notice even with the hot-fix applied that the following error is still logged: An error occurred while fetching element from authcache.

Comment by External U.

Is this not fixed until Upgrade 8? If so, it won't work in Upgrade 7.

Comment by External U.

Hi Toby, Is the hotfix that you have applied Update 7? Because in that case it would not work, as the fix would be available in Update 8 of ColdFusion 11. Thanks, Preethi

Comment by S P.

I installed the hot fix (hf1100-CF-3839458.jar) that Vikram sent to me that I requested by emailing cfinstal@...

Comment by External U.

Hi Toby, I have verified the scenario with the provided patch(hf1100-CF-3839458.jar), and with this it does not throw the exception"An error occurred while fetching element from authcache". I have tried it with the 'cfcs' that have been attached in the bug as well as the below attached application that I have used. Can you try clearing the cookies and then run your application to see if it still throws the exception. Also if still are facing the issue, can you share your repro code so that we can verify the same form our end. Thanks, Preethi

Comment by S P.

Hi Preethi, Using my Application.cfc (attached to this ticket), I see: 1) hf1100-CF-3839458.jar patch fixes CF-3839458 (good) 2) "An error occurred while fetching element from authcache" is no longer thrown, when running my repro (good) However, the CF Admin still logs "An error occurred while fetching element from authcache" if CF Admin session expired. Repro: 1) Login to CF Admin 2) Wait a while for CF Admin's session to timeout 3) F5 the CF Admin 4) See "An error occurred while fetching element from authcache" was logged to security.log Thanks!, -Aaron

Comment by External U.

Hi Aaron, We have logged a separate bug #CF-4131007 for the CF Administrator session timeout issue . Thanks, Pavan.

Comment by S V.

Hi Pavan, Thanks very much! -Aaron

Comment by External U.

Verified this is fixed in CF2016 Final (build 2016.0.0.297996). Thanks!, -Aaron

Comment by External U.

Has a hot fix been released for cflogin for CF11 Update 10? If not, this issue should not be set to Closed and Fixed. Is hf1100-CF-3839458.jar patch still available?

Comment by External U.