> Here is the situation I am in. I am running IIS4 and CF4. I
> have a site that has its own login page through CF. What I
> want to do is use CGI.AUTH_USER to bypass this page. Some of
> the clients are logged into a NT system and some are not, that
> is the reason for the multiple login areas. If those clients
> are logged into their NT systems I want to be able to grab
> their username to run against our database of users. If they
> are not I just want to show the login template so they can
> enter the username and password that way. I am having
> difficulties figuring out if this is even possible. I
> can not seem to get IIS not prompt the user with the
> username/password dialog box for them to enter their NT
> username and password. What I want to do is just populate
> the cgi variables so I can do the processing through CF
> without creating NT user accounts on the web server for the
> users that will be accessing the site. Is this possible??
There are a couple of things you'll have to keep in mind, and a couple of
issues you'll have to resolve.
1. Of your NT users, are their browsers automatically set to log them in
with their existing credentials? If not, they'll be prompted for an NT
username and password by the browser when they visit the page that requires
web server authentication.
2. You can't set the CGI.AUTH_USER variable yourself.
3. If you use web server authentication on a page, the web server will force
the user through a prompt if that user hasn't already authenticated
themselves, so if you put a form on that page, the user will never see the
form unless they've already passed through the web server authentication.
One thing that comes to mind, that you can do, is direct the user to a web
server authenticated page. If the user then clicks "cancel" because they're
not an NT user, you can have the 401 error messages actually redirect to a
file in IIS. That file must be an HTML file, but it can have a META refresh
tag which redirects the user to a non-authenticated page, which would
contain your form for querying the database. You could have your
authenticated page redirect to that form's action page, which could be
written to query the database with either the form data or the CGI.AUTH_USER
value, although you won't have access to the NT password and would have to
rely solely on the username for your query in this case.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
