Just as an update, I would need to add some additional conditional logic
to the proposed code to make sure userLogin is passed to the method.

<cfcase value="ADSI">
  <cfscript>
    o_NTsec = createObject("component",
"#application.packagepath#.security.NTsecurity");
    //check to see that the user is in the directory
    userExists = false; 
    if (isDefined('arguments.userLogin'))   
      userExists = o_Ntsec.userInDirectory(userName=userLogin,
domain=stUd[Userdirectory].domain);
                
    stUser = structNew();
    if (userExists) {
      stUser.userID = userLogin;
      stUser.userLogin = userLogin;
      stUser.status = 4;
      stUser.userNotes = o_NTsec.getUserDescription(userName=userLogin,
domain=stUd[Userdirectory].domain);
      stUser.userDirectory = userDirectory;
    }
  </cfscript>
</cfcase>

  

>-----Original Message-----
>From: [EMAIL PROTECTED] 
>[mailto:[EMAIL PROTECTED] On Behalf 
>Of Nathan Mische
>Sent: Tuesday, October 19, 2004 12:25 PM
>To: FarCry Developers
>Subject: [farcry-dev] Authentication.getUser()
>
>
>I'm looking at farcry_core.packages.security.authentication.getUser()
>and it appears that if you attempt to get a user from ADSI, no 
>check is made to determine if that user is actually exists in 
>the Active Directory.
>
>******* Existing ADSI Code ********
>
><cfcase value="ADSI">
>  <cfscript>
>    o_NTsec = createObject("component",
>"#application.packagepath#.security.NTsecurity");
>    userNotes = o_NTsec.getUserDescription(userName=userLogin,
>domain=stUd[Userdirectory].domain);
>               
>    stUser = structNew();
>    stUser.userID = userLogin;
>    stUser.userLogin = userLogin;
>    stUser.status = 4;
>    stUser.userNotes = userNotes;
>    stUser.userDirectory = userDirectory;
>  </cfscript>
></cfcase>
>
>******* End Existing ADSI Code ********
>
>What I would like to do is change the above code to at least 
>check for the user's existence in AD.
>
>******* Proposed ADSI Code ********
>
><cfcase value="ADSI">
>  <cfscript>
>    o_NTsec = createObject("component",
>"#application.packagepath#.security.NTsecurity");
>    //check to see that the user is in the directory
>    userExists = o_Ntsec.userInDirectory(userName=userLogin,
>domain=stUd[Userdirectory].domain);
>               
>    stUser = structNew();
>    if (userExists) {
>      stUser.userID = userLogin;
>      stUser.userLogin = userLogin;
>      stUser.status = 4;
>      stUser.userNotes = o_NTsec.getUserDescription(userName=userLogin,
>domain=stUd[Userdirectory].domain);;
>      stUser.userDirectory = userDirectory;
>    }
>  </cfscript>
></cfcase>
>
>******* End Proposed ADSI Code ********
>
>This would cause getUser to return an empty structure for 
>users not found in the AD, which is what the method returns if 
>a user is not found in the Daemon directory. Does anyone see 
>any problems with this? 
>
>One thing that may still need sorting out is user status. For 
>example, I think it is possible for a user to exist in AD but 
>not belong to a group which has access to FarCry? Is this 
>correct? If so, what should we return for status in such cases?
>
>Best,
>
>--Nathan
>
>
>
>---
>You are currently subscribed to farcry-dev as: [EMAIL PROTECTED] 
>To unsubscribe send a blank email to 
>[EMAIL PROTECTED]
>Aussie Macromedia Developers: http://lists.daemon.com.au/
>
>

---
You are currently subscribed to farcry-dev as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]
Aussie Macromedia Developers: http://lists.daemon.com.au/

Reply via email to