cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Coldfusion 10 and IIS 7.5 and SiteMinder

biswasp
New Here ,
Nov 14, 2012 Nov 14, 2012

Copy link to clipboard

Copied

I have coldfusion 10 running on IIS 7.5. The websites are protected by SiteMinder web agent. When a user makes a request, IIS sends the request to Siteminder which adds custom value (e.g., sm_user) to the header. I can see the values in IIS but when this request is redirected to the application via the coldfusion 10 isapi_redirect.dll file, the user is denied access and the user value is missing. Looks like isapi_redirect.dll is stripping off the user information due to which the user is getting access denied messages. I have checked the version of isapi_redirect.dll file which is 1.2.32.

Any help is greatly appreciated.

Views

1.6K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 2 Replies 2
latest latest Jump to latest reply
Carl Von Stetten
Guide ,
Nov 15, 2012 Nov 15, 2012

Copy link to clipboard

Copied

Since the "sm_user" is a custom value, I wouldn't expect ColdFusion to expose it via CGI (although if it did previously in CF9 or earlier, I'd say then you have a valid bug).  However, it should still be accessible (just not in the CGI scope).  You might be able to see the "sm_user" value if you use getHTTPRequestData():

public string function getSM_User output='false'

      {

           var httpRequest = GetHttpRequestData();

           if(structKeyExists(httpRequest, "headers")

                && structKeyExists(httpRequest.headers, "sm_user"))

           {

                return httpRequest.headers.sm_user;

           }

return '';

}

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
biswasp
New Here ,
Dec 05, 2012 Dec 05, 2012

Copy link to clipboard

Copied

LATEST
In Response To Carl Von Stetten

Hi Carl,

Thanks for your response. I was able to figure this out. I had to remove the handler mappings and ISAPI filters for SiteMinder so that the website is no longer protected by SiteMinder. Then I added back the handler mappings and ISAPI filters for SiteMinder to the website and did an IIS reset. Now, cgi.ALL_HTTP returns all siteminder added custom values.

Thanks

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices