
Windows Authentication on a Coldfusion Application

Participant, Jun 25, 2008

Hi community!

I am working on a ColdFusion application and I had a meeting today to show my client my progress. The IT director asked if they could use Windows Authentication in the new program because the doctors and therapists forget everything. My answer was kind of defensive but they asked me to figure that out.

I have no idea as to where to start! Can somebody put some light in my head?
Any thoughts? Any ideas? Any resources?

I work full time in a software development company; this project is part of the jobs I do on the side so I can afford gas! he, he. In my primary job we have never created a ColdFusion app that works like that. So that's why I am confused.

Thanks fellows!
Engaged, Jun 26, 2008

I use integrated Windows Authentication on my intranet. There is a checkbox for it under IIS.

This allows the username to be visible to CF using the #cgi.auth_user# variable.

As for security, I maintain a data table with each username and appropriate permissions. In my application, I merely confirm that the currently logged in user is authorized for given areas of my site.

Works great. The only real caveat is that some places might argue that you are not verifying that the person behind the keyboard is really the person currently logged into that particular machine on the network. My defense is that this scenario is the responsibility of the currently logged in user, rather than the web developer. Your environment may dictate more stringent criteria or verification.

BTW: My implementation has passed muster with our security audits in the medical field for the last eight or nine years.

Guest, Jun 29, 2008

The easiest solution will be to start using the <cfntauthenticate> tag, as you can verify the login against an NT/AD domain.

New Here, Jul 01, 2008

We have several applications that authenticate against a Windows Server 2003 Active Directory via general LDAP calls. The LDAP bind itself is contained inside a component, and its boolean return dictates the flow of the cflogin tag to authenticate the user.


Participant, Jul 01, 2008

Hi guys! All of your responses are really useful. I will continue to research. I will provide more information about my network so you guys have a better idea of what I am dealing with. My network runs on Windows Server 2003. It's a wide area network that connects 8 clinics and 2 main offices in a radius of 75 miles. So I am dealing with doctors, therapists, etc.

My web app runs on Apache Web Server and I am writing the new application in Coldfusion 8. I am using a Microsoft SQL 2005 database. I appreciate more ideas! Thanks a lot guys!

Engaged, Jul 02, 2008

Forget my post about Windows authentication if you are using Apache. Looks like CFNTAUTHENTICATE might be the direction to look into.

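The cflogin flow that the cfntauthenticate suggestions in this thread point toward, as an added example that is not code from any poster. It assumes ColdFusion itself runs on a Windows server; the application name, the domain "CLINIC", the log file name and the login.cfm form template are hypothetical.

```cfml
<!--- Application.cfm (added example; clinicApp, CLINIC and login.cfm are hypothetical) --->
<!--- loginStorage="session" keeps the login state in the session scope, not in a cookie. --->
<cfapplication name="clinicApp" sessionManagement="yes" loginStorage="session">

<cflogin>
    <!--- The cflogin structure exists only when credentials were submitted,
          e.g. from a form with fields named j_username and j_password. --->
    <cfif NOT isDefined("cflogin")>
        <cfinclude template="login.cfm">
        <cfabort>
    </cfif>

    <!--- Verify the submitted credentials against the Windows domain.
          throwOnError="no" lets us inspect the result instead of catching. --->
    <cfntauthenticate
        username="#cflogin.name#"
        password="#cflogin.password#"
        domain="CLINIC"
        result="authResult"
        listGroups="yes"
        throwOnError="no">

    <cfif authResult.auth>
        <!--- Domain groups become ColdFusion roles, checked later with isUserInRole(). --->
        <cfloginuser
            name="#cflogin.name#"
            password="#cflogin.password#"
            roles="#authResult.groups#">
    <cfelse>
        <!--- Strip characters that could break the log line, then record the
              reason server-side; the user sees one generic message. --->
        <cfset safeName = reReplace(cflogin.name, "[^A-Za-z0-9._@-]", "_", "all")>
        <cflog file="clinicAppAuth" type="warning"
               text="Login failed for #safeName#: #authResult.status#">
        <cfset loginError = "Login failed.">
        <cfinclude template="login.cfm">
        <cfabort>
    </cfif>
</cflogin>
```

Because the user's domain password is posted to the application in this flow, the login form should only be served over HTTPS.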