Instead of doing a CFLocation, do a CFInclude. This will replace the current page's contents with your login page.
<cflogin idletimeout="29"> <cfif not IsDefined("cflogin")> <cfinclude template="loginform.cfm"> <cfabort> <cfelse> <!---Invoke dbsecurity CFC ---> <cfscript> //Instantiate the component dbauth=createobject("component","components.Security"); authenticated=dbauth.authenticateUser(username=cflogin.name,password=cflogin ..password); </cfscript> <cfif authenticated><!--- if true get roles else invalid login ---> <cfset roles=dbauth.getUserRoles(cflogin.name)> <cfloginuser name="#cflogin.name#" password="#cflogin.password#" roles="#roles#"> <cfset session.displayroles=roles><!--- for displaying roles only ---> <cfelse> <cfset loginmessage="Invalid Login"> <cfinclude template="loginform.cfm"> <cfabort> </cfif> </cfif> </cflogin> -----Original Message----- From: Jack Benson [mailto:[EMAIL PROTECTED] Sent: Monday, March 28, 2005 10:04 AM To: CF-Talk Subject: redirection/user authentication Hey, folks. Having a bit of trouble setting up a basic application based user authentication on my site. I keep getting an error in mozilla-based browers, "redirection limit for this URL exceeded", that sort of thing. In IE, it just won't load at all - eventually gives me a server unavailable error. I've been browsing through forum posts on this sort of problem, and it seems it's sometimes related to cflocation, though I haven't been able to find any sort of clear explanation. Anyway, here's my application.cfm code: <cfsetting showdebugoutput="no"> <cfapplication name="02133" sessionmanagement="Yes" setclientcookies="Yes" applicationtimeout="#CreateTimeSpan(0,0,3,0)#"> <cfparam Name="Application.DSN" Default="MassInc2"> <cfparam name="Request.Debug" default=""> <cfparam Name="Application.SearchCollectionName" Default="02133"> <!--- check if user has logged out ---> <cfif IsDefined("Form.logout")> <cflogout> <cflocation url="/index.cfm"> </cfif> <!--- check if user is logged in ---> <cfset referrer = GetFileFromPath(CGI.Path_info)> <cfif referrer neq "login.cfm"> <cfif NOT IsDefined("cflogin")> <cflocation url="login.cfm"> <cfabort> </cfif> </cfif> What I'm looking for this to do is, if a user hasn't been logged in, send them along to login.cfm - unless, of course, they're already there. Any idea why I'm getting this redirection limit error when I try to call up any of the pages in this application? Thanks! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:200230 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54