Hi all,
Access to my intranet is authenticated externally using a
webagent. When successful, the webagent passes the username back to
the environment, so I know the user is allowed access to the site
home page. I need to further restrict (authorize) access to
sub-directories (applications), and can access AD to check a user's
group membership using <cfldap> and the username passed in
from the webagent in the "filter" attribute. At this point I would
like to log the user into the site using the security framework.
Typically, <cflogin> checks whether the "cflogin" objects
already exist, and if not, a login form is presented, and
j_username and j_password posted so that CF can create the cflogin
structures that include cflogin.name and cflogin.password. Since I
already know the user has been authenticated, I do not want to
present a second login screen, but rather want to log the user
directly into the security framework after the user's groups
(roles) are pulled from AD.
My question (finally) is whether the "cflogin" structures
must exist before I can log a user in using <cfloginuser>. If
so, can I create the necessary structures programatically and
populate them without going through a login screen and posting
j_username/j_password? If anyone has done this, please let me know.
Thanks in advance.
Jim