It's not a browser issue so much as on the server. The server stores a set of cgi.something variables that can be asked for by CF. We used to use cgi.auth_user, but when we switched over to Apache, that wasn't a valid cgi variable anymore. Now we use cgi.remote_user.
-Kevin > -----Original Message----- > From: Kola Oyedeji [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 13, 2002 9:36 AM > To: CF-Talk > Subject: RE: Login/Password screen > > > That's a good idea, does cgi.remoteuser work with all major browsers or > just i.e.? > > Thanks > Kola > > >> -----Original Message----- > >> From: Kevin Graeme [mailto:[EMAIL PROTECTED]] > >> Sent: 13 December 2002 14:33 > >> To: CF-Talk > >> Subject: RE: Login/Password screen > >> > >> Keep in mind that a CF based authentication system is only checked > >> against > >> if the user hits a CFM page. That's fine for certain types of > projects, > >> but > >> not for actual file security. So if you have a directory of images in > the > >> "secure" area, a person could link directly to an image and bypass > the > >> login > >> altogether because a .gif doesn't reference the Application.cfm > first. > >> > >> We've been using the server level authentication and then using cf to > >> check > >> against the cgi.remote_user to see who it is. That means that ANY > attempt > >> to > >> get in at that protected area has to be authenticated against with > the > >> server. > >> > >> -Kevin > >> > >> > -----Original Message----- > >> > From: FlashGuy [mailto:[EMAIL PROTECTED]] > >> > Sent: Friday, December 13, 2002 6:43 AM > >> > To: CF-Talk > >> > Subject: Login/Password screen > >> > > >> > > >> > Hi, > >> > > >> > I know there are alot of custom tags out there that will do what > >> > I'm looking for but I want the best one. So this is why I'm > >> > asking all of you hoping you've had > >> > some experience with some of them. I'd like everything stored in > >> > a database. I know some don't do that. Bascially, once the user > >> > enters in their > >> > username/password they are redirected to a URL on the server > >> > based on the authentication. > >> > > >> > I have one called <CF_EzPassword> but was wondering if there are > >> > any better ones? > >> > > >> > Thanks > >> > > >> > > >> > --------------------------------------------------- > >> > Colonel Nathan R. Jessop > >> > Commanding Officer > >> > Marine Ground Forces > >> > Guatanamo Bay, Cuba > >> > --------------------------------------------------- > >> > > >> > > >> > > >> > > >> > > >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com
