I would look at what:
authresult.auth is returning. Maybe its returning false. Does
cntauthenticate require domain.local or just domain. As my cf server is not
a member of the domain I can't test it out.
I tried this using <cfldap not sure how "correct" it is. By default a user
account in Active Directory will have permission to query ldap. So
technically you could run the first query with the posted values and it
could be used to authenticate. This worked for me on our domain both ways.
<form action="ldap.cfm" method="post">
Username: <input type="text" name="uid" value=""><BR>
Password: <input type="password" name="password" value=""><BR>
<input type="submit" name="submit" value="Log In"><BR>
</form>
<cfif isDefined("submit")>
<cfset root = "ou=Users,ou=Comapny,dc=domain,dc=local" />
<cfset uid = "#form.uid#" />
<cfset password = "#form.password#" />
<cfset servername = "domainController.local" />
<cfset attributes = "uid,dn,sAMAccountName" />
<cfset filter = "(&(objectclass=*)(sAMAccountName=#uid#))" />
<cfset LDAP_username = "administrator" />
<cfset LDAP_password = "adminPassword" />
<cfset UserSearchFailed = false>
<!--- Query to see if the user exists --->
<cftry>
<cfldap action="QUERY" name="userSearch"
attributes="#attributes#" start="#root#" server="#servername#"
filter="#filter#"
username="#LDAP_username#"
password="#LDAP_password#">
<cfcatch type="Any">
<cfset UserSearchFailed = true>
</cfcatch>
</cftry>
<!--- If usersearch failed or returns 0 rows abort --->
<cfif NOT userSearch.recordcount OR UserSearchFailed>
<cfoutput>No user by this uid exists.</cfoutput>
<cfabort>
</cfif>
<!--- Use the userid and password to run a 2nd query to see
if there user/pass is valid --->
<cftry>
<cfldap action="QUERY" name="userSearch"
attributes="#attributes#" start="#root#" server="#servername#"
username="#userSearch.dn#"
password="#password#">
<cfcatch type="Any">
<cfoutput>Bad Password for user or security
settigns preventing user from querying LDAP</cfoutput>
<cfabort>
</cfcatch>
</cftry>
<cfoutput>Authenticated.</cfoutput>
</cfif>
-----Original Message-----
From: Scott Williams [mailto:[EMAIL PROTECTED]
Sent: Friday, 21 September 2007 5:16 AM
To: CF-Newbie
Subject: RE: Login using Windows Authentication
Hi Paul
Thanks for the response. I did find some examples using the
cfntauthenticate tag and I had it working, but now it just stops at the
login_action.cfm page.
I have a login page which is just a form with the username, password and
domain. Below is the login_action.cfm page.
====================
<!--- The cflogin body code runs only if a user is not logged in. --->
<cflogin>
<!--- cflogin variable exists only if login credentials are
available. --->
<cfif NOT IsDefined("url.login")>
<!--- Show a login form that posts back to the page whose
request
initiated the login, and do not process the rest of this
page. --->
<cfinclude template="login.cfm">
<cfabort>
<cfelse>
<!--- Trim any leading or trailing spaces from the username and
password
submitted by the form. --->
<cfset theusername=trim(form.j_username)>
<cfset thepassword=trim(form.j_password)>
<cfset thedomain=trim(form.domain)>
<cfntauthenticate username="#theusername#"
password="#thepassword#"
domain="#thedomain#" result="authresult" listgroups="yes">
<!--- authresult.auth is True if the user is authenticated. --->
<cfif authresult.auth>
<!--- Log user in to ColdFusion and set roles to the user's
Groups. --->
<cfloginuser name="#theusername#" password="#thepassword#"
roles="#authresult.groups#">
<cflocation url="index.cfm">
<cfelse>
<!--- The user was not authenticated.
Display an error message and the login form. --->
<cfoutput>
<cfif authresult.status IS "AuthenticationFailure">
<!--- The user is valid, but not the password. --->
<h2>The password for #theusername# is not
correct<br>
Please Try again</h2>
<cfelse>
<!--- There is one other status value, invalid user
name. --->
<H2>The user name #theusername# is not valid<br>
Please Try again</h2>
</cfif>
</cfoutput>
<cfinclude template="login.cfm">
<cfabort>
</cfif>
</cfif>
</cflogin>
=========================================
<cfntauthenticate username="#username#" password="#password#"
domain="#Domain#" result="loginResult" listgroups="yes"> should work if
the cf server is a member of the domain you are trying to Autenticate
against.
If not <cfldap tags will be able to do the rest of the calls. I haven't
had alot of experience with this myself and I'm not sure if how I was
doing it was best practise. I will try look for my code for you. ( cf
box is not a member of the domain in my case ).
-----Original Message-----
From: Scott Williams [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 18 September 2007 10:52 PM
To: CF-Newbie
Subject: Login using Windows Authentication
Hi,
I am a newbie to Cold Fusion and not really a developer, but I am trying
to find a way to create a login page that will use windows
authentication in order to log into a custom web application.
I'm not really sure where to start, so any tips in the right direction
would be appreciated.
Thanks,
Scott
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8
Archive:
http://www.houseoffusion.com/groups/CF-Newbie/message.cfm/messageid:3066
Subscription: http://www.houseoffusion.com/groups/CF-Newbie/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.15
