Authentication

Scott, Andrew Tue, 29 Aug 2000 19:45:23 -0700

I am hoping someone out there can help me with this small to large sized
problem. I am trying to setup a secured site, using IsAuthenticated and
CFAuthenticate. I have a userdirectory that is my_usredirectory, and a
security context called mycontext.

I originally to get things going, setup a username with ascott and was able
to authenticate the user and if I changed the username and password, it
would fail as expected. However I have noticed that these tags are not well
documented, or they behave in abnormal ways.

I have come across this little problem, if I delete this user from
my_userdirectory I am still able to use this username and password to log
in, is there sample code somewhere that I could digest or anyone care to
explain how they use these tags.

The problem is that for some reason although this user is no longer in
my_userdirectory if I do <cfoutput>#AuthenticatedUser()#</cfoutput> after
the authentication it is always displaying ascott, now I have two questions
why is this so and how do I get around this.

Anyone care to comment on the following code:-) This is also in
application.cfm too.

<cfset AS_Username="ascott">
<cfset AS_Password="ascott">

<cfif not isauthenticated("mycontext")>
  <cftry>
  <CFAuthenticate securitycontext="mycontext" username="#AS_Username#"
password="#AS_Password#" throwonfailure="yes" setcookie="yes">
  hhhhhh<p>
  <cfcatch type="security">
   whoops take care of Authentication error:-)<p>
  </cfcatch>
  </cftry>
<cfelse>
 we are already authenticated<p>
 <cfset temp=AuthenticatedUser()>
 <cfoutput>#temp#</cfoutput>
</cfif>

Does anyone have any clues, I wish there was a tag that allowed one to
cancell Authentication easily. I have looked at caches, cookies everything I
can't find where its getting this true state from, there has to be something
I am missing. I just can't seem to find it....


regards

Andrew Scott
ANZ eCommerce Centre
* Ph 9273 0693  
* [EMAIL PROTECTED]

------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Authentication

Reply via email to
