Chapter 17: Application Security
Example
<CFAUTHENTICATE SECURITYCONTEXT="SecurityContextName"
    USERNAME="#userID#"
    PASSWORD="#pwd#">
If the user has not already been defined in the system, ColdFusion throws a SECURITY
exception. You can either reject access to the resource or re-route the user to a login
page. For example, you can display a login form and then, if the user logs in
successfully, display the originally-requested page.
Go to the section "Example of User Authentication and Authorization" on page 270 to
see a longer code example.
Authentication and Authorization Functions
Once you've used CFAUTHENTICATE to check if the user is defined for a particular
security context, you can use the following security functions throughout your
applications any time you need to authenticate or authorize a user:
• IsAuthenticated checks if the current session has been authenticated by the
  CFAUTHENTICATE tag.
• IsAuthorized checks if the authenticated user has access to the named resource,
  based on rules defined in the security context for which the user has been
  authenticated.
Using the IsAuthenticated Function
The IsAuthenticated function checks whether a CFAUTHENTICATE tag has been
successfully executed for the current request. If not, it looks for the CFAUTH cookie to
determine if the user is authenticated or not. If you don't set a CFAUTH cookie with
CFAUTHENTICATE, you must call CFAUTHENTICATE for every request in the
application.
The IsAuthenticated function returns TRUE if the user has been authenticated for the
current request; otherwise, it returns FALSE.
If you enter an optional security context parameter for IsAuthenticated, then it returns
true if the user is authenticated in the named security context; otherwise it returns
false.
IsAuthenticated("security_context_name")
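The login flow described above (check IsAuthenticated, call CFAUTHENTICATE, catch the SECURITY exception and show a login form), as an added example that is not taken from the manual. The form field names userID and pwd, the template login.cfm, and the LoginMessage variable are assumptions; login.cfm is assumed to POST back to the requested URL so that the originally-requested page displays after a successful login.

```cfml
<!--- Application.cfm: runs before every page in the application (added example).
      Assumed names: form fields "userID" and "pwd", login template "login.cfm". --->

<CFIF NOT IsAuthenticated("SecurityContextName")>
    <CFIF IsDefined("Form.userID") AND IsDefined("Form.pwd")>
        <!--- Credentials were posted by the login form: try to authenticate.
              SETCOOKIE="Yes" stores the CFAUTH cookie so later requests pass
              the IsAuthenticated check without calling CFAUTHENTICATE again. --->
        <CFTRY>
            <CFAUTHENTICATE SECURITYCONTEXT="SecurityContextName"
                USERNAME="#Form.userID#"
                PASSWORD="#Form.pwd#"
                SETCOOKIE="Yes">
            <CFCATCH TYPE="Security">
                <!--- Authentication failed: show the form again and stop.
                      One generic message avoids revealing whether the user
                      name or the password was wrong. --->
                <CFSET LoginMessage = "Login failed.">
                <CFINCLUDE TEMPLATE="login.cfm">
                <CFABORT>
            </CFCATCH>
        </CFTRY>
    <CFELSE>
        <!--- No credentials yet: show the login form instead of the page. --->
        <CFINCLUDE TEMPLATE="login.cfm">
        <CFABORT>
    </CFIF>
</CFIF>
<!--- Reaching this point means the request is authenticated,
      so the originally-requested page runs as usual. --->
```

Because the password travels in a form POST, the login form should be served and submitted over SSL.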
Using the IsAuthorized Function
Once a user is authenticated, you can use the IsAuthorized function to check which
resources the user is allowed to access. You define authorization levels when you
create security policies on the Advanced Security page of the ColdFusion
Administrator.