We have an intranet protected with challenge response. Off of the intranet
there is a link to APPLICATION-1.
APPLICATION-1 is a CFMX 6.1 app making use of its own login page along with
using cflogin/cfloginuser for security on the application level. All works
fine, unless a user tries to enter APPLICATION-1 from an email link. When
clicking the link, they are first presented with challenge response. Once
they pass that level the app errors out. After reading livedocs and in
particular the section on the point at which cflogin structure becomes
available It seems that the challenge response causes the cflogin structure
to be created, thus the following code bombs out saying that j_username and
j_password are undefined... What I want to happen is even if they are
authenticated via challenge response, they need to still login through the
login form and once they get through that, they are forwarded on to where
they were initially going (in my case, to download a file). I know the setup
is a bit whacky but we are in the midst of re-architecting the
infrastructure, completely moving over to AD etc.... At which point,
hopefully all internal apps can authenticate off that.
What would be the best solution to my problem... Just cfparam the j_username
and j_password form fields so that they wind up ultimately not
authenticating on the application level. There must be a more elegant way to
handle this. I am open for suggestions.
Thanks,
Mike
Code is below (pseudo code)...
<cflogin>
<cfif NOT isDefined("cflogin")>
show login form and abort
<cfelse>
<cfif (Len(Trim(form.j_username)) EQ 0) OR
(Len(Trim(form.j_password)) EQ 0)>
show login form and abort
<cfelse>
<cfif
objAuthentication.login(form.j_username,form.j_password) IS "true">
<cfif (Len(Trim(cgi.query_string)) EQ 0)>
if not trying to go somewhere
specific send them to the APPLICATION-1 landing page
<cfelse>
<cflocation
url=""> addtoken="No" />
</cfif>
<cfelse>
username and or password not found, show
login form and abort
</cfif>
</cfif>
</cfif>
</cflogin>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
