Blair, I added the seq attribute to my AD component:
<cfcomponent displayname="CMI Active Directory User Directory" hint="AD User Directory" extends="farcry.core.packages.security.UserDirectory" output="false" bEncrypted="false" seq="9998"> and a dump of application.security on the login page confirms it. The issue still seems to be that ONLY the "default" user directory is being used. Any other ideas? On Feb 4, 9:08 pm, Blair McKenzie <[email protected]> wrote: > Another possibility is that the order of the directories is affecting the > login process. You can change the order of the user directories that are > processed by adding a seq attribute to the user directory component. > FarcryUD defaults to 9999. Try adding a lower seq to yours, and updating the > app. > > > > On Thu, Feb 5, 2009 at 11:58 AM, Chris Roth <[email protected]> wrote: > > > Hi Blair, > > > I see the loop you refer to but I can not seem to figure out why that > > loop does not seem to be running. > > > Once the selectUD form control is removed from the login form, I can > > only log in with a user in the "default" directory. > > > If I set the default directory to be FarcryUD, I can log in with a FC > > user but,if I try to login with AD credentials, I get the username/ > > password worng bubble. > > > If I set the default directory to be my AD, I can log in with a AD > > user but,if I try to login with FC credentials, I DO NOT get the > > username/password worng bubble, but the form repaints. > > > Any other ideas? This is and sme minor verity plugin issues are my > > only dev to prod hold up. > > > On Feb 1, 4:32 pm, Blair McKenzie <[email protected]> wrote: > > > The loop is done in packages/security/security.cfc. It looks like it > > should > > > work, but if you find something wrong let me know. > > > > On Sat, Jan 31, 2009 at 4:44 AM, Chris Roth <[email protected]> > > wrote: > > > > > Here's a bit more info that may help you help me.. > > > > > If I go to:http://dev-www.mydomain.com/webtop/login.cfm?ud=CLIENTUD > > > > > As mentioned I can login with my FC user. And if I try to login with > > > > my AD user I get the user/pass incorrect bubble. - both as expected. > > > > > I do not get the forgot password, forgot user, register links. it I > > > > enter incorrect logins using either the ?ud=clientud or directly > > > > accessing the login page. > > > > > However. > > > > > If I login one way or the other (sucessfully), then use my back button > > > > to return to the login page, then hit reload, I do see the misc. links > > > > below the login, however > > > > > I am still required to login using which ever method was successful > > > > before hitting back. > > > > > On Jan 30, 9:33 am, Chris Roth <[email protected]> wrote: > > > > > Blair, > > > > > > Yes, I updated app and reloaded security. > > > > > > Can you point me to where Farcry loops thru the configured UDs? I > > > > > could not find it, but admit I may not know all the places to look. > > > > > > I configimed my Farcy user login is working by going to the webtop > > via > > > > > the url passed var. > > > > > >http://dev-www.mydomain.com/webtop/login.cfm?ud=CLIENTUD > > > > > > But it definately does not appear to be looping over the UD's when I > > > > > try to log in to the web top without passing the ud variable > > > > > andentering the farcry user login details. > > > > > > Chris > > > > > > On Jan 29, 8:35 pm, Blair McKenzie <[email protected]> wrote: > > > > > > > Did you updateapp / reload security? > > > > > > > On Fri, Jan 30, 2009 at 11:05 AM, Chris Roth <[email protected] > > > > > wrote: > > > > > > > > Blair, > > > > > > > > Here's the authenticate function in my cmiad.cfc. Am i missing > > > > > > > something? Does setting stResult = StructNew() not create an > > empty > > > > > > > struct? > > > > > > > > <cffunction name="authenticate" access="public" > > output="true" > > > > > > > returntype="struct" hint="Attempts to process a user. Runs every > > time > > > > > > > the login form is loaded."> > > > > > > > <cfset var stResult = structnew() /> > > > > > > > <cfset var qResult = "" /> > > > > > > > > <cfimport taglib="/farcry/core/tags/formtools/" > > > > prefix="ft" > > > > > > > /> > > > > > > > > <!--- Return struct ---> > > > > > > > > <ft:processform> > > > > > > > <ft:processformObjects > > > > typename="#getLoginForm()#"> > > > > > > > <cfset stResult.userid = "" /> > > > > > > > <cfset stResult.authenticated = > > false > > > > /> > > > > > > > <cfset stResult.message = "" /> > > > > > > > > <!--- Find the user ---> > > > > > > > <cftry> > > > > > > > <cfldap > > > > > > > server="#application.config.ldap.host#" action="query" > > > > > > > name="qResult" start="#application.config.ldap.userstart#" > > > > > > > scope="base" attributes="*" username="#replace > > > (application.config.ldap.userdn,'{userid}',stProperties.username)#" > > > > > > > password="#stProperties.password#" /> > > > > > > > <cfset > > stResult.authenticated > > > > = true > > > > > > > /> > > > > > > > <cfset stResult.userid = > > > > > > > stProperties.username /> > > > > > > > > <cfcatch> > > > > > > > > <!--- CROTH: 1/29/09 > > disable > > > > the > > > > > > > return variable so that this > > > > > > > will also look in the FarcryUD > > > > > > > <cfset > > > > > > > stResult.authenticated = false /> > > > > > > > <cfset > > stResult.userid > > > > = > > > > > > > stProperties.username /> > > > > > > > <cfset > > > > stResult.message = > > > > > > > "The username or password is > > > > > > > incorrect" /> > > > > > > > ---> > > > > > > > <cfset stResult = > > StructNew()> > > > > > > > </cfcatch> > > > > > > > </cftry> > > > > > > > </ft:processformObjects> > > > > > > > </ft:processform> > > > > > > > > <cfreturn stResult /> > > > > > > > > </cffunction> > > > > > > > > On Jan 29, 2:24 pm, Blair McKenzie <[email protected]> wrote: > > > > > > > > Check that the ldap authenticate function is returning an empty > > > > struct > > > > > > > when > > > > > > > > there is no match. Every time the login page is loaded, FarCry > > > > loops > > > > > > > through > > > > > > > > the user directories trying to authenticate. As soon as a > > non-empty > > > > > > > struct > > > > > > > > is returned (empty == nothing to see here) it stops, and there > > was > > > > either > > > > > > > an > > > > > > > > error or the user is logged in. > > > > > > > > > On Fri, Jan 30, 2009 at 6:58 AM, Chris Roth < > > [email protected]> > > > > > > > wrote: > > > > > > > > > > Blair, > > > > > > > > > > Thanks for the pointers. I am close but dont seem to quite > > have > > > > it > > > > > > > > > right, perhaps a litte more guidance. > > > > > > > > > > Here's what I have done so far. > > > > > > > > > > I have a plugin cmiAD which is basically a modified version > > of > > > > > > > > > farcryldap. Its working just fine. > > > > > > > > > > In webtop - admin - edit config - general config - login > > props - > > > > > > > > > default UD I have set to my cmiAD > > > > > > > > > > At thie point I can login with either a Farcry or cmiAD user. > > The > > > > > > > > > login form has the select UD option..... following your > > > > guidance.. > > > > > > > > > > I have made the following changes to my cmiAD plugin files. > > > > > > > > > > 1. copied the folder\file farLogin\displayLogin.cfm from > > > > core\webskins > > > > > > > > > to \plugins\cmiAD\weskins > > > > > > > > > 2. commented out <sec:SelectUDLogin> in > > \plugins\cmiAD\weskins > > > > > > > > > \farLogin\displayLogin.cfm > > > > > > > > > > 3. cmiAD.cfc - modified getLoginForm to return farLogin > > > > > > > > > 4. cmiAD.cfc - commented out the setting of stResult > > variables > > > > between > > > > > > > > > the <cfcatch> tags > > > > > > > > > > Refresh app and I get 70% there. > > > > > > > > > > 1. My login page no longer has user directory select > > > > > > > > > 2. I can login with my AD account > > > > > > > > > 3. FAIL: I can not login with a farcry user account > > > > > > > > > > I suppose somwhere there needs to be instructions to pass the > > > > supplied > > > > > > > > > username/password to all "configured" User Directories, but I > > am > > > > not > > > > > > > > > sure where to put that. Help? > > > > > > > > > > On Jan 28, 3:24 pm, Blair McKenzie <[email protected]> wrote: > > > > > > > > > > 1. Modify the login skin for the default user directory > > to > > > > remove > > > > > > > the > > > > > > > > > > directory select > > > > > > > > > > 2. Modify the default user directory authentication > > function > > > > so > > > > > > > that a > > > > > > > > > > user-doesn't-exist failure does not return an error > > struct > > > > > > > > > > 3. Make sure that the authentication function for both > > user > > > > > > > > > directories > > > > > > > > > > process the form (e.g. they both use the farLogin form) > > > > > > > > > > > I think that's all you need. > > > > > > > > > > > Blair > > > > > > > > > > > On Thu, Jan 29, 2009 at 9:00 AM, Chris Roth < > > > > [email protected]> > > > > > > > > > wrote: > > > > > > > > > > > > I have modified the farcryldap plugin to work with our > > Active > > > > > > > > > > > Directory configuration, and from what I can tell thus > > far, > > > > its > > > > > > > > > > > working just fine (logins, groups, etc.) > > > > > > > > > > > > However, I really dislike the login page that now > > requires > > > > the user > > > > > > > to > > > > > > > > > > > "select" the user directory. > > > > > > > > > > > > We have AD users (internal employees) and FCUD users > > > > (external non- > > > > > > > ad > > > > > > > > > > > people) > > ... > > read more »- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "farcry-dev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/farcry-dev?hl=en -~----------~----~----~----~------~----~------~--~---
