ColdFusion Developer's Guide
22.08.2013 Views
Share Embed Flag

ColdFusion Developer's Guide

ColdFusion Developer's Guide

ColdFusion Developer's Guide

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
afpnet.org

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Beta Beta Beta Beta Beta Beta Beta Beta Beta Beta<br />

Using <strong>ColdFusion</strong> security without cookies<br />

You can implement a limited-lifetime form of <strong>ColdFusion</strong> security if the user’s browser does<br />

not support cookies. In this case you do not use the cflogin tag, only the cfloginuser tag.<br />

It is the only time you should use the cfloginuser tag outside a cflogin tag.<br />

Without browser cookies, the effect of the cfloginuser tag is limited to a single HTTP<br />

request. You must provide your own authentication mechanism and call cfloginuser on<br />

each page on which you use <strong>ColdFusion</strong> login identification.<br />

Using <strong>ColdFusion</strong> security tags and<br />

functions<br />

<strong>ColdFusion</strong> provides the following tags and functions for user security:<br />

Tag or function Purpose<br />

cflogin A container for user authentication and login code. The body of the<br />

tag runs only if the user is not logged in. When using applicationbased<br />

security, you put code in the body of the cflogin tag to check<br />

the user-provided ID and password against a data source, LDAP<br />

directory, or other repository of login identification. The body of the<br />

tag includes a cfloginuser tag (or a <strong>ColdFusion</strong> page that contains a<br />

cfloginuser tag) to establish the authenticated user’s identity in<br />

<strong>ColdFusion</strong>.<br />

cfloginuser Identifies (logs in) a user to <strong>ColdFusion</strong>. Specifies the user’s ID,<br />

password, and roles. This tag is typically used inside a cflogin tag.<br />

The cfloginuser tag requires three attributes, name, password, and<br />

roles, and does not have a body. The roles attribute is a commadelimited<br />

list of role identifiers to which the logged-in user belongs. All<br />

spaces in the list are treated as part of the role names, so you should<br />

not follow commas with spaces.<br />

While the user is logged-in to <strong>ColdFusion</strong>, security functions can<br />

access the user ID and role information.<br />

cflogout Logs out the current user. Removes knowledge of the user ID and<br />

roles from the server. If you do not use this tag, the user is<br />

automatically logged out as described in “Logging out users”<br />

on page 468.<br />

The cflogout tag does not take any attributes, and does not have a<br />

body.<br />

Using <strong>ColdFusion</strong> security tags and functions 463

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!