Coldfusion Taffy API returning "Cannot lock session scope" error on all requests

Question

I have a CF11 Enterprise (11,0,19,314546) server which runs on RHEL 7.7. We use Taffy (3.2) as a frontend to a Coldspring IOC library. We recently did some load testing using Locust and now Taffy is getting a CFLock error on any request:

Cannot use cflock to lock the application or session shared scopes without these scopes using the cfapplication tag.

Most other cases I've found on the web are from the app not have session management enabled in the server settings. Which we have never had in the API app. The Coldspring app (which is included as a dependency of the API) does have session management enabled. This leads me to believe it's an issue with Taffy.

We have another app on the same CF instance that is using the Coldspring app just fine. This second app does not have session management enabled.

Here's what I've done so far:

• Restarted CF and the Server

• Enabled session management in the API's Application.cfc (it's never been there and was working without it before)

   this.sessionManagement = true; this.sessionTimeout = createTimeSpan(0, 8, 30, 0);

• Tried different browsers/apps: Chrome, Firefox, Postman

• Cleared caches (template, component, and query) in the administrator
• Set default Client Session storage to “none” and back to “cookie” where it was originally

Any advice would be appreciated, thanks!

Answer 1

So it turns out the issue was we have several Coldspring apps using a single bean definition file. And when that was implemented there were some beans in one app that needed to be exclusive to that app. I'm not sure exactly how that resulted in a cflock error, but that was a red herring it seems.