Kevin How is CGi.remote_user set?
Kola >> -----Original Message----- >> From: Kevin Graeme [mailto:[EMAIL PROTECTED]] >> Sent: 13 December 2002 16:04 >> To: CF-Talk >> Subject: RE: Login/Password screen >> >> It's not a browser issue so much as on the server. The server stores a >> set >> of cgi.something variables that can be asked for by CF. We used to use >> cgi.auth_user, but when we switched over to Apache, that wasn't a valid >> cgi >> variable anymore. Now we use cgi.remote_user. >> >> -Kevin >> >> > -----Original Message----- >> > From: Kola Oyedeji [mailto:[EMAIL PROTECTED]] >> > Sent: Friday, December 13, 2002 9:36 AM >> > To: CF-Talk >> > Subject: RE: Login/Password screen >> > >> > >> > That's a good idea, does cgi.remoteuser work with all major browsers or >> > just i.e.? >> > >> > Thanks >> > Kola >> > >> > >> -----Original Message----- >> > >> From: Kevin Graeme [mailto:[EMAIL PROTECTED]] >> > >> Sent: 13 December 2002 14:33 >> > >> To: CF-Talk >> > >> Subject: RE: Login/Password screen >> > >> >> > >> Keep in mind that a CF based authentication system is only checked >> > >> against >> > >> if the user hits a CFM page. That's fine for certain types of >> > projects, >> > >> but >> > >> not for actual file security. So if you have a directory of images >> in >> > the >> > >> "secure" area, a person could link directly to an image and bypass >> > the >> > >> login >> > >> altogether because a .gif doesn't reference the Application.cfm >> > first. >> > >> >> > >> We've been using the server level authentication and then using cf >> to >> > >> check >> > >> against the cgi.remote_user to see who it is. That means that ANY >> > attempt >> > >> to >> > >> get in at that protected area has to be authenticated against with >> > the >> > >> server. >> > >> >> > >> -Kevin >> > >> >> > >> > -----Original Message----- >> > >> > From: FlashGuy [mailto:[EMAIL PROTECTED]] >> > >> > Sent: Friday, December 13, 2002 6:43 AM >> > >> > To: CF-Talk >> > >> > Subject: Login/Password screen >> > >> > >> > >> > >> > >> > Hi, >> > >> > >> > >> > I know there are alot of custom tags out there that will do what >> > >> > I'm looking for but I want the best one. So this is why I'm >> > >> > asking all of you hoping you've had >> > >> > some experience with some of them. I'd like everything stored in >> > >> > a database. I know some don't do that. Bascially, once the user >> > >> > enters in their >> > >> > username/password they are redirected to a URL on the server >> > >> > based on the authentication. >> > >> > >> > >> > I have one called <CF_EzPassword> but was wondering if there are >> > >> > any better ones? >> > >> > >> > >> > Thanks >> > >> > >> > >> > >> > >> > --------------------------------------------------- >> > >> > Colonel Nathan R. Jessop >> > >> > Commanding Officer >> > >> > Marine Ground Forces >> > >> > Guatanamo Bay, Cuba >> > >> > --------------------------------------------------- >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> >> > >> > >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm
