-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
There's nothing wrong with Cold Fusion. IIS does any authentication
BEFORE the CFM page is ever called. So if your client send a
username & password back to the server, IE's going to try to verify
the username & password against your NT user database. Since I
assume the usernames AREN'T in the NTLM, then it's going to fail.
The CFM never gets called, so Cold Fusion doesn't have a change.
- -Zac
> -----Original Message-----
> From: Stanislav Maximov [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 02, 2000 10:34 AM
> To: [EMAIL PROTECTED]
> Subject: RE: HTTP Authorization
>
>
> I'm sure it is possible to implement with PHP and Java
> servlets (running
> with Apache) via modifying http headers. So what's a problem with
> Cold Fusion?
>
> > -----Original Message-----
> > From: Rick Osborne [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, August 02, 2000 6:05 PM
> > To: [EMAIL PROTECTED]
> > Subject: RE: HTTP Authorization
> >
> >
> > For one thing, it depends on which server you are using.
> If you are using
> > IIS, just forget trying to do Auth with CF. IIS intercepts all
> > attempts to
> > pass authentication and tuns them agains the NT Users
> (local/domain) and
> > silently fails if the account isn't in that space. It never even
> > calls CF.
> > I'm not too sure how it works on Apache, but I think it's
> the same way.
> >
> > You can always write an ISAPI DLL to do your
> authentication, but I don't
> > think that's what you had in mind?
> >
> > -Rick
> >
> > -----Original Message-----
> > From: Stanislav Maximov [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, August 02, 2000 8:04 AM
> > To: [EMAIL PROTECTED]
> > Subject: HTTP Authorization
> >
> >
> > Do anybody have any idea how to make HTTP authorization with CF?
> > I've tried something like this with no success (assuming
> user will enter
> > "user"/"password" as the credentials:
> > ---
> > <cfif Auth_User is "user" and Auth_Password is "password">
> > success!
> > <cfelse>
> > <cfheader name="'WWW-Authenticate" value="BASIC
> > base64encodingofname realm=""Private""">
> > <cfheader statuscode="401" statustext="Unauthorized">
> > </cfif>
> > ---
> > Please tell me were am I wrong?
> >
> > TIA
> >
> > stas@
> >
> > ------------------------------------------------------------------
> > ----------
> > --
> > Archives: http://www.mail-archive.com/[email protected]/
> > To Unsubscribe visit
> >
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
s/cf_talk or
> send a message to [EMAIL PROTECTED] with
> 'unsubscribe' in the body.
>
> ------------------------------------------------------------------
> ------------
> Archives: http://www.mail-archive.com/[email protected]/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf
_talk or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.
- ----------------------------------------------------------------------
- --------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_tal
k or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
Comment: Please use PGP!!!
iQA/AwUBOYg6NwraVoMWBwRBEQI+fwCfXhODk1SNANFBSKg+dG5uRjmqQToAoJz5
viCDInBPMTWz4Ms49qTyLXrW
=F1vU
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
