> You might get concurrent session variable accesses if a user double clicks > a link (generating two http requests), or if someone publishes a URL that > has CFID and CFTOKEN in them, everyone would be in the same session okay, pete, thanks, i can dig that it still does not explain why i have to *lock* the read of the session variable wouldn't all reads get the same value? obviously i am super dense today rudy