If this is for an internal application, then I'd suggest creating your own SSL certs which you can do for free. Your users will get a warning about a untrusted certificate the first time around, but you can explain to them that they need to trust it permanently adn then the error will not recur and you will end up having a much eaiser application to write and more secure.
Judah On Fri, Sep 19, 2008 at 9:57 PM, Gus Denton <[EMAIL PROTECTED]> wrote: > Here is my problem.. > I am working in a uni and we have multiple sites (on the same server) > requiring authentication. We simmply cannot afford to purchase a cert for > each site (domain and separate IP), so my solution was to created a single > site with a cert which has the other sites available as virtual directories, > Authentication would be performed via ssl and then the user would be > redirected (using cflocation) back to the insecure site along with the > session (cfif, cftoken) appended to the URL, however when I do this I cannot > see the session variables established during authentication even though the > cfid and cftoken are the same .... > > Any ideas how I can acheive this ? > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:312849 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
