You would be a hundred times better off using an isapi filter to do this.
There are lots out there that can authenticate from a ODBC source ...
Check out http://www.genusa.com/isapi/authfilt.zip for the source code to do
this (from microsoft)
Sometime CF is not always the anwser...
~Justin MacCarthy
----- Original Message -----
From: Olive, Christopher M Mr USACHPPM
<[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, April 27, 2000 3:37 PM
Subject: RE: Directory Security
> there is a performance hit. in my experience, it's negligible.
>
> Chris Olive
> DOHRS Website Administrator
> [EMAIL PROTECTED]
>
>
> -----Original Message-----
> From: Dan O'Keefe [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 26, 2000 5:53 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Directory Security
>
>
> To me, when they told me that, I interpreted it as if I place a support
call
> with them and I am routing all htm or html files to the CF dll, they may
> limit their effort in helping to resolve the support call. (Again, my
> Interpretation)
>
> This was during the 2.X days about 3 1/2 years ago, and I did not see much
> point to doing it that way. I inherited a project from a consultant (my
> first CF exposure), and just changed the extensions to .cfm where it was
> necessary. Also, I think somebody else mentioned a performance hit routing
> all page requests through CF.
>
> Dan
>
> -----Original Message-----
> From: Olive, Christopher M Mr USACHPPM
> [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 26, 2000 3:10 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: Directory Security
>
>
> whoops. my bad, nick. i meant to mention that. i've been in 6 hours of
> meeting stoday, i'm a tad brain dead.
>
> and dan, what does that mean? there's nothing for allaire to support,
it's
> an IIS thing, not CF. not that i think you're lying, but i must say, i'm
a
> bit confused as to why allaire would weigh in on this issue.
>
> Chris Olive
> DOHRS Website Administrator
> [EMAIL PROTECTED]
>
>
> -----Original Message-----
> From: Dan O'Keefe [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 26, 2000 1:49 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Directory Security
>
>
> I have also been told by Allaire that they do not support this, for what
it
> is worth.
>
> Dan
>
> -----Original Message-----
> From: Nick Call [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 26, 2000 11:33 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Directory Security
>
>
> Keep in mind that this may cause a performance issue. Setting .htm files
to
> read through the CF .dll will cause EVERY .htm request on your site to
route
> through the CF Server, slowing it down a bit. It your traffic is high
> enough, you may notice a difference. Otherwise, continue and ignore my
> babbling.
>
> Good Luck!
> Nick Call
> [EMAIL PROTECTED]
> http://www.accessutah.com
>
>
> ----- Original Message -----
> From: "Olive, Christopher M Mr USACHPPM"
> <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, April 26, 2000 9:36 AM
> Subject: RE: Directory Security
>
>
> > if you're the website admin (have access to the IIS MMC), you can go the
> > properties of your web tsite ->home directory -> Configuration (under
> > application settings) and add
> > .htm mapped to <cold fusion home>\bin\iscf.dll
> >
> > that'll do it.
> >
> > Chris Olive
> > DOHRS Website Administrator
> > [EMAIL PROTECTED]
> >
> >
> > -----Original Message-----
> > From: Jeff Bartlett [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, April 25, 2000 12:45 PM
> > To: '[EMAIL PROTECTED]'
> > Subject: RE: Directory Security
> >
> >
> > How would one go about having HTML requests go throught the CF dll?
> >
> > Jeff
> >
> > > -----Original Message-----
> > > From: Olive, Christopher M Mr USACHPPM
> > > [SMTP:[EMAIL PROTECTED]]
> > > Sent: Tuesday, April 25, 2000 10:27 AM
> > > To: '[EMAIL PROTECTED]'
> > > Subject: RE: Directory Security
> > >
> > > one possible way is to feed all HTML requests through the CF dll.
that
> > > will
> > > invoke application.cfm for HTM files as well as CFM files.
> > >
> > > Chris Olive
> > > DOHRS Website Administrator
> > > [EMAIL PROTECTED]
> > >
> > >
> > > -----Original Message-----
> > > From: Wey Hueymeei [mailto:[EMAIL PROTECTED]]
> > > Sent: Tuesday, April 25, 2000 10:08 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: Directory Security
> > >
> > >
> > >
> > > Hello,
> > >
> > > We have a security system built in application.cfm, which disallow
users
> > > to
> > > access our site without providing valid username and password.
> > > ie. when a user put URL on the location bar, if he has not logged in,
he
> > > would be redirected to the login page first before seeing the actual
> page.
> > >
> > > But we just have a security problem with the system: There is a
> directory
> > > for users to upload files. If the file is not in CFM format, it seems
> like
> > > that the application.cfm cannot do security check. Therefore, if the
> > > person
> > > knows the URL, he could see the page without logging into the system.
> > >
> > > Could anybody help?
> > >
> > > thanks in advance,
> > >
> > > Hueymeei
> > >
> > >
> >
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
