0 Replies Latest reply on Jan 11, 2007 9:44 AM by Beals

    Basic HTTP Authentication with CF

      For the greater bulk of our intranet, forms-based authentication suffices. There are, however, certain resources the access to which is governed by Active Directory memberships and so we enforece HTTP authentication. I've been trying to discover a way for the user to have a seamless interaction between the two.

      I have been able to connect to a protected resource using cfhttp & the cfx_http5 custom tag. The problem is that once the resource is accessed, if the resource itself involves multiple pages, the secondary pages require the authentication. How can the u/p credentials be passed along to the actual page?

      For example directory A basic authentication turned on and anonymous access disabled and is NOT on the same server as CF. Directory A as Page B and Page C. Page B links to Page C. I can load the contents of Page B using CFHTTP, but when trying to click the link one Page B to Page C I am required to authenticate as Page C loads.

      I have tried using javascript, cfhtmlhead, and cflocation to redirect the user to the actual page that cfhttp accessed but all with no avail. I suspect somehow the headers have to be rewritten, but have no idea how to do it. Any help would greatly be appreciated.

      To compound the issue, I cannot simply require the HTTP authentication at the outset, which in a given session might solve the problem, because there are accounts that are not part of the active directory that need general access.