Yes, Enterprise edition is required for Advanced security. Sorry I
forgot to mention that.
I would love to make a presentation, only I don't live in Dallas
anymore. I have moved back home to family in Kansas City, but the
Kansas City user group is really poor and not a reliable resource.
(Translate: You guys are great!) Maybe if there were a plane ticket
involved. :)
PS
If you are currently trying to make advanced security work, but are
confused by all the rules and policies, click on the "Map" button on
the bottom of the main page. It displays just a simple list of what is
going on, but it is great reference for the hierarchy and to see what
section is applying to what.
--- Dave Cahall <[EMAIL PROTECTED]> wrote:
> To: [EMAIL PROTECTED]
> Date: Thu, 22 Mar 2001 08:39:04 -0600
> Subject: Re: NT Login authentication
> From: Dave Cahall <[EMAIL PROTECTED]>
> Reply-to: [EMAIL PROTECTED]
>
> Enterprise edition is mandatory for Advanced Security.
> On Thu, 22 Mar 2001 08:34:42 -0600 "Sorge, Bruce"
> <[EMAIL PROTECTED]> writes:
> > Only problem with this is that we are not user CF Enterprise.
> >
> > -----Original Message-----
> > From: Jean [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, March 22, 2001 8:28 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: NT Login authentication
> >
> >
> > After going through hair pulling abuse from my cold fusion server,
> > I
> > learned the following:
> >
> >
> > Ok, first you need to install Advanced security on your server. To
> > see
> > if you have or not, go to the cfadmin page and see if there is a
> > link
> > for advanced security under the link for basic security. If not
> > you
> > need to install it.
> >
> > Under the advanced security link, usually leave the settings as
> > default. (Make sure the Use Advanced Server Security box is
> > checked)
> >
> > Bottom of the page:
> >
> > USER DIRECTORIES
> > For user directories enter the name of the directories... name is
> up
> > to
> > you at this point. Click ADD. Where it says 'namespace' click
> > the
> > drop down box, you want to choose "use existing directories" (the
> > NT
> > directory). After 'adding' this, click the back button on the
> > bottom
> > of the page to go back to your advanced security home page.
> >
> > SECURITY CONTEXTS
> > Enter a name for your context that makes it easy to remember. If
> > you
> > are setting this up for ftp access, you might name this context
> ftp.
> >
> > Click add. Make sure the 'use existing directories' is checked.
> > (it
> > is by default) If this is for a restricted page of a website, make
> > sure the application box is checked. If this is to restrict your
> > programmers from using custom tags, check that box. ETC. Click
> > add.
> >
> > RULES
> > Rules are established within a Security Context to govern specific
> > resources. A rule determines what action can be performed on a
> > resource. For example, you might create a rule to limit write
> access
> > to
> > files in a specific directory. Make the rule name easy to remember
> > and
> > to associate with the resource it protects. Type the rule name and
> > click add. If this is for an application, enter the name of the
> > application here. This is the name included in your cfappliation
> > tag.
> >
> > POLICIES
> > Enter a name for your policy in the box and click add. Enter a
> > description if desired and click ok. This then takes you back to
> > the
> > policies page. Click the name of your policy and click the Rules
> > button. Click Add/Remove. Click the name of the rule that you set
>
> > up
> > and click the <== button to add it to the first box. Then click
> > back
> > twice to get back to the Security Policies page. Now click users.
> > Click Add/Remove. Here is where you can add individual users, or
> > whole
> > groups. For instance, to add everyone add 'domain users'. To add
> > just
> > yourself, just enter your login name in the box. You can add
> > everyone
> > individually, or add 1 group, or add all groups, whatever you need.
>
> >
> > This point is the driving force behind what you are trying to
> > accomplish.
> >
> > If you have any questions, feel free to e-mail me, and I will see
> > what
> > I can do to help. I have only done this a few times now, but they
> > have
> > all been successful. Good Luck!
> >
> >
> >
> >
> >
> >
> >
> > <!--- replace the word "application" with the name of the
> > application
> > that you set up in the cfadministrator --->
> > <CFAPPLICATION NAME="application"
> > CLIENTMANAGEMENT="Yes"
> > SESSIONMANAGEMENT="Yes"
> > SETCLIENTCOOKIES="Yes">
> >
> >
> > <!--- Set up authentication --->
> > <cfif not IsAuthenticated()> <!--- User is not authenticated --->
> > <cfset showLogin = "No">
> > <cfif IsDefined("form.username") and
> > IsDefined("form.password")>
> > <!--- The Login Form was submitted --->
> > <CFPARAM NAME="Client.username" DEFAULT="#form.username#">
> > <cftry>
> > <!--- Try to authenticate the user --->
> > <!--- Replace the word context with the name of the
> > context you
> > set
> > up in the administrator page--->
> > <cfauthenticate setcookie="Yes"
> > throwonfailure="Yes"
> > securitycontext="context"
> > username="#form.username#"
> > password="#form.password#">
> > <cfcatch type="Security">
> > <cfset showLogin = "Yes">
> > </cfcatch>
> > </cftry>
> > <cfelse> <!--- The Login Form was not submitted --->
> > <cfset showLogin = "Yes">
> > </cfif>
> >
> >
> >
> >
> >
> > <cfif showLogin>
> > <cfset url = "#cgi.script_name#"> <!--- Store the page
> they
> > are on
> > to
> > return to it after authentication --->
> > <cfif cgi.query_string is not "">
> > <cfset url = url & "?#cgi.query_string#">
> > </cfif>
> > <cfoutput>
> > <html>
> > <head></head>
> > <body>
> > </cfif><!--- I think I deleted a </cfif> here so I added it
>
> > back in.
> >
> > If this code throws, remove this </cfif> tage here--->
> > <table border="0">
> > <form action="#url#" Method="post">
> > Username: <input type="Text"
> > name="username"><br>
> > Password: <input type="Password"
> > name="password">
> > </form>
> >
> >
> > </cfoutput>
> > <cfabort>
> >
> > </body>
> > </html>
> > </cfif>
> > </cfif>
> >
> >
> > =====
> > Veni, Vedi, Velcro.
> > I came, I saw, I stuck with it.
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Get email at your own domain with Yahoo! Mail.
> > http://personal.mail.yahoo.com/
> >
> >
>
-------------------------------------------------------------------------
> > This email server is running an evaluation copy of the MailShield
> > anti-
> > spam software. Please contact your email administrator if you have
> > any
> > questions about this message. MailShield product info:
> > www.mailshield.com
> >
> > -----------------------------------------------
> > To post, send email to [EMAIL PROTECTED]
> > To subscribe / unsubscribe: http://www.dfwcfug.org
> >
> >
>
-------------------------------------------------------------------------
> > This email server is running an evaluation copy of the MailShield
> > anti-
> > spam software. Please contact your email administrator if you have
> > any
> > questions about this message. MailShield product info:
> > www.mailshield.com
> >
> > -----------------------------------------------
> > To post, send email to [EMAIL PROTECTED]
> > To subscribe / unsubscribe: http://www.dfwcfug.org
> >
>
>
-------------------------------------------------------------------------
> This email server is running an evaluation copy of the MailShield
> anti-
> spam software. Please contact your email administrator if you have
> any
> questions about this message. MailShield product info:
> www.mailshield.com
>
> -----------------------------------------------
> To post, send email to [EMAIL PROTECTED]
> To subscribe / unsubscribe: http://www.dfwcfug.org
=====
Veni, Vedi, Velcro.
I came, I saw, I stuck with it.
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com
-----------------------------------------------
To post, send email to [EMAIL PROTECTED]
To subscribe / unsubscribe: http://www.dfwcfug.org
