4 Replies Latest reply: Jan 31, 2014 10:16 PM by askasok RSS

    cgi.auth_user not staying set

    Kevlar Community Member

      I had CF8 running on iis7 and this used to work fine.  When a user logged into IIS7 with windows authentication, the cgi.auth_user variable would stay set the entire time they were in the particular folder that required authentication.

       

      I just upgraded to CF10 and iis7.5 and now, when a user logs into a folder that requires windows authentication, the cgi.auth_user variable is set for just the page which required authentication, when they travel to the next page(s) via links, the cgi.auth_user variable is changed to NULL.

       

      The entire folder is set to require windows authentication, but no cgi.auth_user value is set...

       

      Can anybody help?

        • 1. Re: cgi.auth_user not staying set
          Kevlar Community Member

          It only took a couple of hours... but eventually I figured out it is an IIS problem.  If Windows Authentication is set on the folder level... it MUST be enabled at the server level before it will populate the CGI variables throughout the application (instead of just the initial page).  So the server level has both anonymous and windows authentication enabled and the folder that is restricted has anonymous disabled and windows authentication enabled.

          • 2. Re: cgi.auth_user not staying set
            Tariq Ahmed [ACP]

            Hey there, we're running into the same thing.

             

            When you mean Server level, are you talking about the IIS Site itself?

             

            Sites->{site name}->Authentication->Windows Authentication = Enabled

             

            We have that set, and it generally works... but then randomly doesn't and users have to reopen their browser.

            • 3. Re: cgi.auth_user not staying set
              Kevlar Community Member

              Above sites... at the server (whatever the server is named) as well as the site.  Both need to have anonymous enabled as well as windows authentication enabled.  Then the folder you want to protect needs to have anonymous disabled.

               

              Still not perfect though as I find some user installed browsers (with various add-ons) just refused to cooperate.

              • 4. Re: cgi.auth_user not staying set
                askasok Community Member

                Has anyone been able to get this to work with CF10 and IIS 8.5 (Win Server 2012 R2)?

                 

                When we do this on IIS 8.5 the session still drops.