Just as an update, I would need to add some additional conditional logic
to the proposed code to make sure userLogin is passed to the method.
<cfcase value="ADSI">
<cfscript>
o_NTsec = createObject("component",
"#application.packagepath#.security.NTsecurity");
//check to see that the user is in the directory
userExists = false;
if (isDefined('arguments.userLogin'))
userExists = o_Ntsec.userInDirectory(userName=userLogin,
domain=stUd[Userdirectory].domain);
stUser = structNew();
if (userExists) {
stUser.userID = userLogin;
stUser.userLogin = userLogin;
stUser.status = 4;
stUser.userNotes = o_NTsec.getUserDescription(userName=userLogin,
domain=stUd[Userdirectory].domain);
stUser.userDirectory = userDirectory;
}
</cfscript>
</cfcase>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] On Behalf
>Of Nathan Mische
>Sent: Tuesday, October 19, 2004 12:25 PM
>To: FarCry Developers
>Subject: [farcry-dev] Authentication.getUser()
>
>
>I'm looking at farcry_core.packages.security.authentication.getUser()
>and it appears that if you attempt to get a user from ADSI, no
>check is made to determine if that user is actually exists in
>the Active Directory.
>
>******* Existing ADSI Code ********
>
><cfcase value="ADSI">
> <cfscript>
> o_NTsec = createObject("component",
>"#application.packagepath#.security.NTsecurity");
> userNotes = o_NTsec.getUserDescription(userName=userLogin,
>domain=stUd[Userdirectory].domain);
>
> stUser = structNew();
> stUser.userID = userLogin;
> stUser.userLogin = userLogin;
> stUser.status = 4;
> stUser.userNotes = userNotes;
> stUser.userDirectory = userDirectory;
> </cfscript>
></cfcase>
>
>******* End Existing ADSI Code ********
>
>What I would like to do is change the above code to at least
>check for the user's existence in AD.
>
>******* Proposed ADSI Code ********
>
><cfcase value="ADSI">
> <cfscript>
> o_NTsec = createObject("component",
>"#application.packagepath#.security.NTsecurity");
> //check to see that the user is in the directory
> userExists = o_Ntsec.userInDirectory(userName=userLogin,
>domain=stUd[Userdirectory].domain);
>
> stUser = structNew();
> if (userExists) {
> stUser.userID = userLogin;
> stUser.userLogin = userLogin;
> stUser.status = 4;
> stUser.userNotes = o_NTsec.getUserDescription(userName=userLogin,
>domain=stUd[Userdirectory].domain);;
> stUser.userDirectory = userDirectory;
> }
> </cfscript>
></cfcase>
>
>******* End Proposed ADSI Code ********
>
>This would cause getUser to return an empty structure for
>users not found in the AD, which is what the method returns if
>a user is not found in the Daemon directory. Does anyone see
>any problems with this?
>
>One thing that may still need sorting out is user status. For
>example, I think it is possible for a user to exist in AD but
>not belong to a group which has access to FarCry? Is this
>correct? If so, what should we return for status in such cases?
>
>Best,
>
>--Nathan
>
>
>
>---
>You are currently subscribed to farcry-dev as: [EMAIL PROTECTED]
>To unsubscribe send a blank email to
>[EMAIL PROTECTED]
>Aussie Macromedia Developers: http://lists.daemon.com.au/
>
>
---
You are currently subscribed to farcry-dev as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]
Aussie Macromedia Developers: http://lists.daemon.com.au/
