Adobe 38043740 - ColdFusion Standard - Mac Development Manual page 352
Developing applications
Hide thumbs
Also See for 38043740 - ColdFusion Standard - Mac:
- User manual (112 pages) ,
- Manual (87 pages)
Table of Contents
Advertisement
DEVELOPING COLDFUSION 9 APPLICATIONS
Developing CFML Applications
<cflogin>
<cfif NOT IsDefined("cflogin")>
<cfinclude template="loginform.cfm">
<cfabort>
<cfelse>
<!--- Code to authenticate the user based on the cflogin.user and
cflogin.password values goes here. --->
<!--- If User is authenticated, determine any roles and use a line like the
following to log in the user. --->
<cfloginuser name="#cflogin.name#" Password = "#cflogin.password#"
roles="#loginQuery.Roles#">
</cfif>
</cflogin>
A simple login form looks like the following:
<cfform name="loginform" action="#CGI.script_name#?#CGI.query_string#"
method="Post">
<table>
<tr>
<td>user name:</td>
<td><cfinput type="text" name="j_username" required="yes"
message="A user name is required"></td>
</tr>
<tr>
<td>password:</td>
<td><cfinput type="password" name="j_password" required="yes"
message="A password is required"></td>
</tr>
</table>
<br>
<input type="submit" value="Log In">
</cfform>
Use a browser dialog box to get user information
Application authentication does not require you to use a login form; you can rely on the browser to display its standard
login dialog box, instead. To do so, your
logged in or if the login fails; that is, if it does not have a valid cflogin structure. The browser displays its login dialog
box. When the user clicks the login button on the dialog box, the browser returns the login information as an HTTP
Authorization header to ColdFusion, which places the information in the
This technique has the advantage of simplicity; you do not need a login form and the user gets a familiar-looking login
page. Be careful of security issues, however. The browser sends the user name and password in a base64-encoded
string, not just when the user logs in, but with each request. Use SSL (Secure Sockets Layer) for all page transactions
to protect the user ID and password from unauthorized access.
Note: Ensure that your web server is configured correctly to support browser-based login forms for this use. For example,
in IIS 5, enable anonymous access and disable Basic authentication and Integrated Windows authentication.
The following
tag tells the browser to display a login form if the user has not logged in:
cflogin
tag body returns an HTTP status 401 to the browser if the user is not
cflogin
Last updated 1/20/2012
tag's cflogin structure.
cflogin
347
Advertisement
Table of Contents
Related Manuals for Adobe 38043740 - ColdFusion Standard - Mac
Related Products for Adobe 38043740 - ColdFusion Standard - Mac
- Adobe 38040334 - Dreamweaver CS3
- Adobe 38040286 - Contribute CS3 - PC
- Adobe 38040165 - Visual Communicator - PC
- Adobe 38043755 - ColdFusion Enterprise - Mac
- Adobe 38000511 - Macromedia Flash Basic
- Adobe 38039927 - Fireworks CS3 - PC
- Adobe 38039481 - Flash CS3 Professional
- Adobe 38000827 - Macromedia ColdFusion MX Standard Edition