9 Replies Latest reply on Feb 26, 2008 1:19 PM by Vashuu

    Get HTTPS with Windows log/pass

    Vashuu


      This is the page i want to acces via a cfm page (CF7) :
      quote:

      https://www.zft.adp.com/dock/

      i tried
      quote:

      <cfhttp url="https://www.zft.adp.com/dock/" method="GET" port="443" username="igottheusername" password="andgotpass" resolveurl="Yes" />

      and i got this message
      quote:

      Forbidden You don't have permission to access /dock/ on this server.


      but when i go to https://www.zft.adp.com/dock/ with ie, its working fine.

      I Guess it is because of the windows login/pass.
      is there a way to do it with cfhttp or anyhting else ?
      I think the username and password of the cfhttp tag is not the correct one. But I don't know how to deal with this windows log/pass

      Thank you in advance.
        • 2. Re: Get HTTPS with Windows log/pass
          Vashuu Level 1
          So you mean, there is noting we can do if there is windows authentication.

          The site have to use basic authentication only ?.
          • 3. Re: Get HTTPS with Windows log/pass
            Level 7
            Vashuu wrote:
            > So you mean, there is noting we can do if there is windows authentication.
            >
            > The site have to use basic authentication only ?.

            Yes. Window's integrated Authentication only works from a Windows
            Server connection to a Windows Browser running on a Windows OS, thus the
            "Windows" integrated part of the protocol.

            <cf_http...> does not use a "Windows" browser. It uses ColdFusion's
            built in browser. This bare bones browser is also used for schedule
            tasks and other HTTP operations.
            • 5. Re: Get HTTPS with Windows log/pass
              Vashuu Level 1
              How do i know if a site use basic authentication or windows authentication
              i mean both use windows popup for login/pass right ?

              • 6. Re: Get HTTPS with Windows log/pass
                JR "Bob" Dobbs-qSBHQ2 Level 3
                quote:

                Originally posted by: Vashuu
                How do i know if a site use basic authentication or windows authentication
                i mean both use windows popup for login/pass right ?



                Easy way: If you can login with Firefox, or another non-IE browser, it can support non-Windows authentication, which usually means basic authentication.

                Harder way: Look at the HTTP header in the response to your page request and look for "WWW-Authenticate: Basic"

                • 7. Re: Get HTTPS with Windows log/pass
                  Vashuu Level 1
                  Thanks for your quick answer!

                  1- yes i can acces with firefox, with a popup for log/pass
                  2- HTTP/1.1 401 Authorization Required
                  Date: Tue, 26 Feb 2008 20:17:17 GMT
                  WWW-authenticate: basic realm="root [21:17:17:824]"
                  Set-Cookie: SMCHALLENGE=YES; path=/; domain=.adp.com; secure
                  Content-Length: 467
                  Connection: close
                  Content-Type: text/html; charset=iso-8859-1

                  So the site use basic authentication.
                  So normaly i can use
                  <cfhttp url="https://www.zft.adp.com/dock/" method="GET" port="443" username="igottheusername" password="andgotpass" resolveurl="Yes" />
                  with username and password, i guess
                  but i have this response from the site :
                  Forbidden You don't have permission to access /dock/ on this server.

                  On one side i can acces the site with log/pass when i use any browser, but on the other site,when i use a cfm page with cfhttp, i got a error message telling i don't have the permission.

                  Is there a certain kind of privilege the /dock/ need to have to be access by CF
                  • 8. Re: Get HTTPS with Windows log/pass
                    JR "Bob" Dobbs-qSBHQ2 Level 3
                    quote:

                    Originally posted by: Vashuu
                    Thanks for your quick answer!

                    1- yes i can acces with firefox, with a popup for log/pass
                    2- HTTP/1.1 401 Authorization Required
                    Date: Tue, 26 Feb 2008 20:17:17 GMT
                    WWW-authenticate: basic realm="root [21:17:17:824]"
                    Set-Cookie: SMCHALLENGE=YES; path=/; domain=.adp.com; secure
                    Content-Length: 467
                    Connection: close
                    Content-Type: text/html; charset=iso-8859-1

                    So the site use basic authentication.
                    So normaly i can use
                    <cfhttp url="https://www.zft.adp.com/dock/" method="GET" port="443" username="igottheusername" password="andgotpass" resolveurl="Yes" />
                    with username and password, i guess
                    but i have this response from the site :
                    Forbidden You don't have permission to access /dock/ on this server.

                    On one side i can acces the site with log/pass when i use any browser, but on the other site,when i use a cfm page with cfhttp, i got a error message telling i don't have the permission.

                    Is there a certain kind of privilege the /dock/ need to have to be access by CF


                    <ShotInTheDark>
                    I see that a cookie is included in the headers. It is possible that the server requires a cookie to be set in addition to to the username and password. You might try adding the cookie data with cfhttpparam.
                    </ShotInTheDark>
                    • 9. Re: Get HTTPS with Windows log/pass
                      Vashuu Level 1
                      That is correct MR JR "Bob" Dobbs !
                      thxs so much