hmmm ok... is there any reason to have cookies set on this site. If not you could try taking the SETCLIENTCOOKIES="Yes" out of the cfapplication tag...
----- Original Message ----- From: "Bob Wood" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, November 03, 2003 3:33 PM Subject: RE: [ cf-dev ] Authentication problems > d, > > Incorrrect logins are dealt with properly. > > I can use any correct id/password pair to login successfully, not only > on my development machine, but on another machine on our network I've > never used before (once cookies have been enabled). > > But not all users can use their own login. Is it too simplistic to > assume that because I can login OK, the fault is with a user's browser? > > Bob > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: 03 November 2003 15:19 > To: [EMAIL PROTECTED] > Subject: Re: [ cf-dev ] Authentication problems > > Bob, > > Seems strange this error would be thrown and it should be nothing to do > with > cookies. If the login is successful then the session var (MM_username) > should be set up. Anyone else see anything in this? > > What happens when you put incorrect login details in? > > d > > > ----- Original Message ----- > From: "Bob Wood" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, November 03, 2003 11:59 AM > Subject: RE: [ cf-dev ] Authentication problems > > > > Application.cfm: > > > > > > <CFAPPLICATION NAME="ISFA" > > CLIENTMANAGEMENT="Yes" > > SESSIONMANAGEMENT="Yes" > > SETCLIENTCOOKIES="Yes" > > SESSIONTIMEOUT="#CreateTimeSpan(0,0,15,0)#" > > APPLICATIONTIMEOUT="#CreateTimeSpan(0,2,0,0)#"> > > > > <CFERROR MAILTO="[EMAIL PROTECTED]" > > TYPE="Request" TEMPLATE="custom_error.cfm"> > > > > > > > > <CFSET web_db = "newmedia"> > > > > <CFSET yearNow=DateFormat(Now(),"YYYY")> > > > > <cfsetting showdebugoutput="No"> > > > > ----------------------------------------------------------- > > > > > > Login page: > > > > > > <cfif IsDefined("FORM.login")> > > <cfset MM_redirectLoginSuccess="school_admin.cfm"> > > <cfset MM_redirectLoginFailed="logon_fail.cfm"> > > <cfquery name="MM_rsUser" datasource="#web_db#"> > > SELECT Login,Password FROM ISFA WHERE Login='#FORM.login#' AND > > Password='#FORM.pword#' > > > > </cfquery> > > <cfif MM_rsUser.RecordCount NEQ 0> > > <cftry> > > <cflock scope="Session" timeout="30" type="Exclusive"> > > <cfset Session.MM_Username=FORM.login> > > <cfset Session.MM_UserAuthorization=""> > > </cflock> > > <cfif IsDefined("URL.accessdenied") AND false> > > <cfset MM_redirectLoginSuccess=URL.accessdenied> > > </cfif> > > <cflocation url="#MM_redirectLoginSuccess#" addtoken="no"> > > <cfcatch type="Lock"> > > <!--- code for handling timeout of cflock ---> > > </cfcatch> > > </cftry> > > </cfif> > > <cflocation url="#MM_redirectLoginFailed#" addtoken="no"> > > <cfelse> > > <cfset MM_LoginAction=CGI.SCRIPT_NAME> > > <cfif CGI.QUERY_STRING NEQ ""> > > <cfset MM_LoginAction=MM_LoginAction & "?" & CGI.QUERY_STRING> > > </cfif> > > </cfif> > > > > AND: > > > > <form name="form2" method="POST" > > action="<cfoutput>#MM_loginAction#</cfoutput>"> > > <table width="100%" border="0" cellspacing="0" > cellpadding="5"> > > <tr> > > <td width="16%"><div align="right" class="bodyText">Login > > id: </div></td> > > <td width="84%"><input name="login" type="text" size="30" > > id="login"></td> > > </tr> > > <tr> > > <td><div align="right" class="bodyText">Password: > > </div></td> > > <td><input name="pword" type="password" size="30" > > id="pword"></td> > > </tr> > > <tr> > > <td> </td> > > <td><input type="submit" name="Submit" value="Submit"> > > <input type="reset" name="Submit2" value="Reset"></td> > > </tr> > > </table> > > </form> > > > > > ------------------------------------------------------------------------ > > --- > > > > Secured page: > > > > > > <cfif Session.MM_Username EQ ""><cflocation url="home.cfm"></cfif> > > > > <cfif IsDefined("URL.MM_logout") AND URL.MM_logout EQ "1"> > > <cflock scope="Session" type="Exclusive" timeout="30" > > throwontimeout="no"> > > <cfset Session.MM_Username=""> > > <cfset Session.MM_UserAuthorization=""> > > </cflock> > > <cfset MM_logoutRedirectPage="home.cfm"> > > <cfif MM_logoutRedirectPage EQ ""> > > <cfset MM_logoutRedirectPage=CGI.SCRIPT_NAME> > > </cfif> > > <cfset > > > MM_logoutQuery=ListDeleteAt(CGI.QUERY_STRING,ListContainsNoCase(CGI.QUER > > Y_STRING,"MM_logout=","&"),"&")> > > <cfif MM_logoutQuery NEQ ""> > > <cfif Find("?",MM_logoutRedirectPage) EQ 0> > > <cfset MM_logoutRedirectPage=MM_logoutRedirectPage & "?" & > > MM_logoutQuery> > > <cfelse> > > <cfset MM_logoutRedirectPage=MM_logoutRedirectPage & "&" & > > MM_logoutQuery> > > </cfif> > > </cfif> > > <cflocation url="#MM_logoutRedirectPage#" addtoken="no"> > > </cfif> > > <cflock scope="Session" type="ReadOnly" timeout="30" > > throwontimeout="no"> > > <cfset > > > MM_Username=Iif(IsDefined("Session.MM_Username"),"Session.MM_Username",D > > E(""))> > > <cfset > > > MM_UserAuthorization=Iif(IsDefined("Session.MM_UserAuthorization"),"Sess > > ion.MM_UserAuthorization",DE(""))> > > </cflock> > > <cfif MM_Username EQ ""> > > <cfset MM_referer=CGI.SCRIPT_NAME> > > <cfif CGI.QUERY_STRING NEQ ""> > > <cfset MM_referer=MM_referer & "?" & CGI.QUERY_STRING> > > </cfif> > > <cfset MM_failureURL="login.cfm?accessdenied=" & > > URLEncodedFormat(MM_referer)> > > <cflocation url="#MM_failureURL#" addtoken="no"> > > </cfif> > > <cfset CurrentPage=GetFileFromPath(GetTemplatePath())> > > <cfparam name="SESSION.MM_Username" default="1"> > > > > > > > ------------------------------------------------------------------------ > > -- > > > > I don't think I've missed anything out. These are just Dreamweaver MX > > behaviours . . . . . > > > > Thanks for your time! > > > > Cheers, > > Bob > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Sent: 03 November 2003 10:16 > > To: '[EMAIL PROTECTED]' > > Subject: RE: [ cf-dev ] Authentication problems > > Importance: Low > > > > Hi Bob > > > > We'd need to see the code in: > > > > 1. Application.cfm > > > > 2. The login code setting the session variable which defines them as > > logged > > in > > > > 3. The security include/code securing all the pages > > > > Then we'd be able to help diagnose the problem > > > > HTH > > Mark > > > > -----Original Message----- > > From: Bob Wood [mailto:[EMAIL PROTECTED] > > Sent: 03 November 2003 08:42 > > To: [EMAIL PROTECTED] > > Subject: [ cf-dev ] Authentication problems > > > > > > Hi All, > > > > I'm a CF newbie and have a dynamic site with some pages secured > against > > a list of login ids and passwords. > > > > Problem is, not everyone can get in. I can, from my computer, get in > as > > anyone. Some people have an error come up with "MM_USERNAME is > > undefined_session". I can replicate this by turning cookies off, but > > other users say their browsers do have cookies enabled, but still > can't > > get in. > > > > Is there something basic I'm missing? Why can I get in when others > > can't? > > Do I need to tweak my Application.cfm? > > > > Any help much appreciated. > > > > Thanks, > > Bob > > > > > > -- > > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > For human help, e-mail: [EMAIL PROTECTED] > > > > -- > > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > For human help, e-mail: [EMAIL PROTECTED] > > > > > > > > -- > > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > For human help, e-mail: [EMAIL PROTECTED] > > > > > > > > -- > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > For human help, e-mail: [EMAIL PROTECTED] > > > > -- > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > For human help, e-mail: [EMAIL PROTECTED] > > -- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED]
