One way I've done it is to make all operations queries, except for writes of
course. If you just need to perform an authentication, request some
attribute like "firstname" and pass the username/password. If the request
returns an error or nothing at all then you know that the login information
was bad. You need to be absolutely positive that the target attribute will
always be populated if you are going to test the return value to validate.
Otherwise you may receive false negatives.
Steve
-----Original Message-----
From: Reed Powell [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 13, 2000 9:03 PM
To: [EMAIL PROTECTED]
Subject: CFLDAP & SSL
Hello everyone, this is round two of questions on my CFLDAP trek; thanks for
the responses to
my initial post last week. I've since upgraded to 4.5.1, so I now have the
SECURE attribute for CFLDAP at my disposal, for an SSL connection. This
(SSL connection) is what I needed to connect to the LDAP server to do
authentication, because the moved the LDAP servers from NT to Linux to get
away from a security hole in NT (the same hole that let my authentication
work ok in that past!). Here's the glitch. The LDAP server doesn't make
use of a certificate if I'm only doing authentication (as opposed to making
an update to the LDAP data). However, CFLDAP requires the certificate
information if I include the SECURE attribute. Is there any way to have CF
not want to see the certificate database when I call CFLDAP?
thanks
-reed
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
