But, aren't cgi variables determined by the server? These are internal apps, LDAP-protected to our employees. They're not designed to be portable. So, I know what server the app is running on. I know when and if a change is made to that server. I do a few apps where I query LDAP directly and use session variables to authenticate. But, for the majority of our apps that are protected to our employees, we just let LDAP take care of it, and I use their username to determine who they are for various functions.
----- Original Message ----- From: "Sean A Corfield" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Thursday, September 11, 2003 7:48 PM Subject: Re: Cracking the RDS protocol? > On Wednesday, Sep 10, 2003, at 05:42 US/Pacific, Deanna Schneider wrote: > > "live" (in our case development) server, where we rely on the > > cgi.remote_user variable to determine who someone is. Do you use LDAP > > to > > Unless you are writing code for a very specific environment where you > can guarantee cgi.remote_user will work, I'd be very wary of relying on > any CGI variables... > > Sean A Corfield -- http://www.corfield.org/blog/ > > "If you're not annoying somebody, you're not really alive." > -- Margaret Atwood > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. http://www.cfhosting.com
