I had this bit of LDAP authentication I was working on, and had it working at
one point, but then got sidetracked on other projects. Now that I'm back to
looking at it, it doesn't seem to work. The login box pops up several times
and eventually finished tellimg me "Not authorized". Doing some basic
debugging, it doesn't look like the page is ever creating the cflogin
structure; the first cfif is never true.
I've taken just the LDAP portion out and tested it in a seperate page and it
performs as expected (throws an error on incorrect login, is fine on correct
login).
Here is the code:
<cfapplication name="security">
<cflogout>
<cflogin>
<cfif IsDefined( "cflogin" )>
<cftry>
<cfldap action="QUERY"
name="auth"
attributes="cn"
start="REMOVED"
server="REMOVED"
username="#cflogin.name#"
password="#cflogin.password#">
<cfset isAuthenticated="yes">
<cfcatch type="ANY">
<cfset isAuthenticated="no">
</cfcatch>
</cftry>
<cfdump var="isAuthenticated: #isAuthenticated#">
<cfsetting showdebugoutput="no">
<cfdump var="#GetAuthUser()#">
</cfif>
<cfif NOT IsDefined("isAuthenticated") OR isAuthenticated is "no">
<!--- authentication failed - send back 401 --->
<cfsetting enablecfoutputonly="yes" showdebugoutput="no">
Please log in.<br>
<cfheader statuscode="401">
<cfheader name="WWW-Authenticate" value="Basic realm=""MySecurity""">
<cfoutput>Not authorized</cfoutput>
<cfabort>
</cfif>
</cflogin>
Any help would be appreciated! Oh, and if it matters at all, the server is
CF701 running on Apache 2 and RedHat 9.
Thanks,
Eric
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:229487
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
