Table of Contents
Advertisement
DEVELOPING COLDFUSION 9 APPLICATIONS
Developing CFML Applications
This file contains a ColdFusion login form. The wizard generates this file for all options, but
mm_wizard_login.cfm
does not use it if you specify Browser Dialog login.
index.cfm or mm_wizard_index.cfm
otherwise, creates an mm_wizard_index.cfm page. These pages let you test the generated login code before you
implement your application, or without using any of your standard application pages. To test your login, open the
index.cfm page in your browser.
Modifying the login code for your application
The Login Wizard creates a basic framework for authenticating a user. Customize this framework to meet the needs
of your application. Typical security-related changes include the following:
• Providing user-specific role information in the
• Authenticating users against a database
Providing user-specific role information
The Login Wizard sets all users in a single role. In mm_wizard_authenticate.cfc, the performlogin method is hard-
coded to set the role to "user." The authentication routines handle roles differently. (For the details, see the
mm_wizard_authenticate.cfc code.) If your application uses roles for authorization, change the authentication method
to get and return valid role information, and change the performlogin method to use the information in the
attribute of its
cfloginuser
Authenticating users against a database
If you use a database to maintain user IDs and passwords, create your login framework by specifying simple
authentication, and modify the code to use the database. The following instructions describe a simple way to change
the code to use a database. They do not include all the cleanup work (particularly, removing the hard-coded user name
and password) needed for a well-formatted application.
Replace the following code:
<cfif sUserName eq uUserName AND sPassword eq uPassword>
<cfset retargs.authenticated="YES">
<cfelse>
<cfset retargs.authenticated="NO">
</cfif>
<cfreturn retargs>
The wizard generates an index.cfm page if the directory does not have one;
cflogin
tag.
Last updated 8/5/2010
tag
353
roles
Advertisement
Table of Contents
