Table of Contents
Advertisement
Using the cfauthenticate tag
Using the cfauthenticate tag
The
You usually set the
in a cookie from form fields on a secure login page for the current session.
In addition,
Example
<cfauthenticate securitycontext="MyAppSecurityContextName"
If the user is not already defined in the system, ColdFusion throws a Security
exception. You can either reject access to the resource or reroute the user to a login
page. For example, you can display a login form and then, if the user logs in
successfully, display the originally requested page.
For a longer code example, see "Example of User Authentication and Authorization"
on page 363.
tag has several required attributes:
cfauthenticate
Describes which security context to use for authentication
securityContext
and authorization. This name matches the security context as defined on the
Advanced Security page of the ColdFusion Administrator.
The user name required to access the protected resources.
username
The password required to access the protected resources.
password
username
cfauthenticate
Indicates whether ColdFusion sets a cookie to contain
setCookie
authentication information. This cookie is encrypted and includes the user
name, security context, browser remote address, and the HTTP user agent.
Default is Yes.
Indicates whether ColdFusion throws an exception of type
throwOnFailure
Security if authentication fails. Default is Yes.
username=#userID#
password=#pwd#>
and
attributes using variables that are passed
password
has two optional attributes:
359
Advertisement
Table of Contents
Need help?
Do you have a question about the COLDFUSION 5-DEVELOPING and is the answer not in the manual?
Questions and answers