: Dawson, Michael [mailto:m...@evansville.edu]
Sent: 12 January 2009 17:39
To: cf-talk
Subject: RE: Active Directory - Getting a users Accountname
Regardless of the device (PC, thin client, phone), if you are using
Windows Basic Authentication, it probably brings back a
username/password in the CGI scope
Sounds like the authentication on the website may still allow Anonymous
Authentication then. In IE at least, the auth_user only gets set when the user
is prompted to login to access the site, and that only happens when the site
disallows open access. Are you getting a popup prompt for
...@wanax.com]
Sent: 13 January 2009 12:11
To: cf-talk
Subject: Re: Active Directory - Getting a users Accountname
Sounds like the authentication on the website may still allow Anonymous
Authentication then. In IE at least, the auth_user only gets set when
the user is prompted to login to access
To: cf-talk
Subject: RE: Active Directory - Getting a users Accountname
No user prompt appears, and I don't want it to. I want it to pick up
the users windows login id automatically from when they logged into the
windows domain.
Can this be done, so for example it would dump a auth_user variable
Aha, that you cannot do then. The browser is sandboxed away from the operating
system, so you would not have access to the workstation credentials without
something in between, like an ActiveX component or something.
~|
Aha, that you cannot do then. The browser is sandboxed away from the
operating system,
so you would not have access to the workstation credentials without something
in between,
like an ActiveX component or something.
That's not correct. The browser can pass your Windows login
credentials
Dave,
If the site is set to allow anonymous access, the browser only ever sees
auth_user = , isn't that true? Is there some other parameter where the
browser can 'see' the users's Windows login info?
Aha, that you cannot do then. The browser is sandboxed away from
the operating system,
If the site is set to allow anonymous access, the browser only ever sees
auth_user = ,
isn't that true? Is there some other parameter where the browser can 'see'
the users's
Windows login info?
Well, if the site is set to allow anonymous access, I don't think the
server will see anything.
SAMACCOUNTNAME is not a variable you can dump in this example. Try cfdump
var=#adresult# / and you will see what you are getting back from the server.
Adresult should be similar to a query object, with samaccountname as a column.
Steve
From: Ian
If you are using Windows authentication security, it will be available
as cgi.auth_user.
It may be different, depending on your web server. CFDUMP the cgi scope
to be sure.
Mike
-Original Message-
From: Ian Vaughan [mailto:i.vaug...@neath-porttalbot.gov.uk]
Sent: Monday, January 12,
Also, watch out for possible legal values that users pass in.
They can enter:
username
domain\username
domain/username
usern...@domain.com
You will need to strip off anything that is not the username before you
use it in your CFLDAP filter, if you are filtering on sAMAccountName.
If they type
To: cf-talk
Subject: RE: Active Directory - Getting a users Accountname
If you are using Windows authentication security, it will be available
as cgi.auth_user.
It may be different, depending on your web server. CFDUMP the cgi scope
to be sure.
Mike
-Original Message-
From: Ian Vaughan
such as NT
Challenge/Response or Digest?
Mike
-Original Message-
From: Ian Vaughan [mailto:i.vaug...@neath-porttalbot.gov.uk]
Sent: Monday, January 12, 2009 11:09 AM
To: cf-talk
Subject: RE: Active Directory - Getting a users Accountname
Hi Mike
It is using Windows authentication security
13 matches
Mail list logo