Our loss!
What "main page" are you referring to?
On Fri, 23 Mar 2001 08:15:41 -0800 (PST) Jean <[EMAIL PROTECTED]>
writes:
> Yes, Enterprise edition is required for Advanced security. Sorry I
> forgot to mention that.
>
> I would love to make a presentation, only I don't live in Dallas
> anymore. I have moved back home to family in Kansas City, but the
> Kansas City user group is really poor and not a reliable resource.
> (Translate: You guys are great!) Maybe if there were a plane
> ticket
> involved. :)
>
> PS
> If you are currently trying to make advanced security work, but are
> confused by all the rules and policies, click on the "Map" button
> on
> the bottom of the main page. It displays just a simple list of what
> is
> going on, but it is great reference for the hierarchy and to see
> what
> section is applying to what.
>
> --- Dave Cahall <[EMAIL PROTECTED]> wrote:
> > To: [EMAIL PROTECTED]
> > Date: Thu, 22 Mar 2001 08:39:04 -0600
> > Subject: Re: NT Login authentication
> > From: Dave Cahall <[EMAIL PROTECTED]>
> > Reply-to: [EMAIL PROTECTED]
> >
> > Enterprise edition is mandatory for Advanced Security.
> > On Thu, 22 Mar 2001 08:34:42 -0600 "Sorge, Bruce"
> > <[EMAIL PROTECTED]> writes:
> > > Only problem with this is that we are not user CF Enterprise.
> > >
> > > -----Original Message-----
> > > From: Jean [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, March 22, 2001 8:28 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: NT Login authentication
> > >
> > >
> > > After going through hair pulling abuse from my cold fusion
> server,
> > > I
> > > learned the following:
> > >
> > >
> > > Ok, first you need to install Advanced security on your server.
> To
> > > see
> > > if you have or not, go to the cfadmin page and see if there is a
>
> > > link
> > > for advanced security under the link for basic security. If not
>
> > > you
> > > need to install it.
> > >
> > > Under the advanced security link, usually leave the settings as
> > > default. (Make sure the Use Advanced Server Security box is
> > > checked)
> > >
> > > Bottom of the page:
> > >
> > > USER DIRECTORIES
> > > For user directories enter the name of the directories... name
> is
> > up
> > > to
> > > you at this point. Click ADD. Where it says 'namespace' click
>
> > > the
> > > drop down box, you want to choose "use existing directories"
> (the
> > > NT
> > > directory). After 'adding' this, click the back button on the
> > > bottom
> > > of the page to go back to your advanced security home page.
> > >
> > > SECURITY CONTEXTS
> > > Enter a name for your context that makes it easy to remember.
> If
> > > you
> > > are setting this up for ftp access, you might name this context
> > ftp.
> > >
> > > Click add. Make sure the 'use existing directories' is checked.
>
> > > (it
> > > is by default) If this is for a restricted page of a website,
> make
> > > sure the application box is checked. If this is to restrict
> your
> > > programmers from using custom tags, check that box. ETC. Click
>
> > > add.
> > >
> > > RULES
> > > Rules are established within a Security Context to govern
> specific
> > > resources. A rule determines what action can be performed on a
> > > resource. For example, you might create a rule to limit write
> > access
> > > to
> > > files in a specific directory. Make the rule name easy to
> remember
> > > and
> > > to associate with the resource it protects. Type the rule name
> and
> > > click add. If this is for an application, enter the name of
> the
> > > application here. This is the name included in your
> cfappliation
> > > tag.
> > >
> > > POLICIES
> > > Enter a name for your policy in the box and click add. Enter a
> > > description if desired and click ok. This then takes you back
> to
> > > the
> > > policies page. Click the name of your policy and click the
> Rules
> > > button. Click Add/Remove. Click the name of the rule that you
> set
> >
> > > up
> > > and click the <== button to add it to the first box. Then click
>
> > > back
> > > twice to get back to the Security Policies page. Now click
> users.
> > > Click Add/Remove. Here is where you can add individual users,
> or
> > > whole
> > > groups. For instance, to add everyone add 'domain users'. To
> add
> > > just
> > > yourself, just enter your login name in the box. You can add
> > > everyone
> > > individually, or add 1 group, or add all groups, whatever you
> need.
> >
> > >
> > > This point is the driving force behind what you are trying to
> > > accomplish.
> > >
> > > If you have any questions, feel free to e-mail me, and I will
> see
> > > what
> > > I can do to help. I have only done this a few times now, but
> they
> > > have
> > > all been successful. Good Luck!
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > <!--- replace the word "application" with the name of the
> > > application
> > > that you set up in the cfadministrator --->
> > > <CFAPPLICATION NAME="application"
> > > CLIENTMANAGEMENT="Yes"
> > > SESSIONMANAGEMENT="Yes"
> > > SETCLIENTCOOKIES="Yes">
> > >
> > >
> > > <!--- Set up authentication --->
> > > <cfif not IsAuthenticated()> <!--- User is not authenticated
> --->
> > > <cfset showLogin = "No">
> > > <cfif IsDefined("form.username") and
> > > IsDefined("form.password")>
> > > <!--- The Login Form was submitted --->
> > > <CFPARAM NAME="Client.username" DEFAULT="#form.username#">
> > > <cftry>
> > > <!--- Try to authenticate the user --->
> > > <!--- Replace the word context with the name of the
> > > context you
> > > set
> > > up in the administrator page--->
> > > <cfauthenticate setcookie="Yes"
> > > throwonfailure="Yes"
> > > securitycontext="context"
> > > username="#form.username#"
> > > password="#form.password#">
> > > <cfcatch type="Security">
> > > <cfset showLogin = "Yes">
> > > </cfcatch>
> > > </cftry>
> > > <cfelse> <!--- The Login Form was not submitted --->
> > > <cfset showLogin = "Yes">
> > > </cfif>
> > >
> > >
> > >
> > >
> > >
> > > <cfif showLogin>
> > > <cfset url = "#cgi.script_name#"> <!--- Store the page
> > they
> > > are on
> > > to
> > > return to it after authentication --->
> > > <cfif cgi.query_string is not "">
> > > <cfset url = url & "?#cgi.query_string#">
> > > </cfif>
> > > <cfoutput>
> > > <html>
> > > <head></head>
> > > <body>
> > > </cfif><!--- I think I deleted a </cfif> here so I added
> it
> >
> > > back in.
> > >
> > > If this code throws, remove this </cfif> tage here--->
> > > <table border="0">
> > > <form action="#url#" Method="post">
> > > Username: <input type="Text"
> > > name="username"><br>
> > > Password: <input
> type="Password"
> > > name="password">
> > > </form>
> > >
> > >
> > > </cfoutput>
> > > <cfabort>
> > >
> > > </body>
> > > </html>
> > > </cfif>
> > > </cfif>
> > >
> > >
> > > =====
> > > Veni, Vedi, Velcro.
> > > I came, I saw, I stuck with it.
> > >
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Get email at your own domain with Yahoo! Mail.
> > > http://personal.mail.yahoo.com/
> > >
> > >
> >
>
-------------------------------------------------------------------------
> > > This email server is running an evaluation copy of the
> MailShield
> > > anti-
> > > spam software. Please contact your email administrator if you
> have
> > > any
> > > questions about this message. MailShield product info:
> > > www.mailshield.com
> > >
> > > -----------------------------------------------
> > > To post, send email to [EMAIL PROTECTED]
> > > To subscribe / unsubscribe: http://www.dfwcfug.org
> > >
> > >
> >
>
-------------------------------------------------------------------------
> > > This email server is running an evaluation copy of the
> MailShield
> > > anti-
> > > spam software. Please contact your email administrator if you
> have
> > > any
> > > questions about this message. MailShield product info:
> > > www.mailshield.com
> > >
> > > -----------------------------------------------
> > > To post, send email to [EMAIL PROTECTED]
> > > To subscribe / unsubscribe: http://www.dfwcfug.org
> > >
> >
> >
>
-------------------------------------------------------------------------
> > This email server is running an evaluation copy of the MailShield
> > anti-
> > spam software. Please contact your email administrator if you
> have
> > any
> > questions about this message. MailShield product info:
> > www.mailshield.com
> >
> > -----------------------------------------------
> > To post, send email to [EMAIL PROTECTED]
> > To subscribe / unsubscribe: http://www.dfwcfug.org
>
>
> =====
> Veni, Vedi, Velcro.
> I came, I saw, I stuck with it.
>
> __________________________________________________
> Do You Yahoo!?
> Get email at your own domain with Yahoo! Mail.
> http://personal.mail.yahoo.com/
>
>
-------------------------------------------------------------------------
> This email server is running an evaluation copy of the MailShield
> anti-
> spam software. Please contact your email administrator if you have
> any
> questions about this message. MailShield product info:
> www.mailshield.com
>
> -----------------------------------------------
> To post, send email to [EMAIL PROTECTED]
> To subscribe / unsubscribe: http://www.dfwcfug.org
>
-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com
-----------------------------------------------
To post, send email to [EMAIL PROTECTED]
To subscribe / unsubscribe: http://www.dfwcfug.org
