>> No, you must check with the original login form on the .NET application.
Here is how I check with the original login form on the .Net app. 1. Delete all cookies 2. Go to login form in .Net. 3. View cookie: There is a cookie ASP.NET_SessionId=4mnaix453yw12h55ox3myn45 4. DELETE that cookie 5. Click Submit 6. View Cookie: Two cookies: ASP.NET_SessionId=n4dg3azlmh4ga1mm2wnmmq55 (note: different value) and .ASPXAUTH=314508822A3EDF0... 7. Log off then view cookie: There is only ASP.NET_SessionId=n4dg3azlmh4ga1mm2wnmmq55 but .ASPXAUTH=314508822A3EDF0... does not exist. >> The thing that is weird is that, with cookies disabled, the login action >> will fail. >> The question then is how does the login action know that cookies are >> disabled? I thought that this is the key but I don't have the answer. :( I am 100% sure but I think that the thing which you asked me to disable cookie and try to login using login form is a very important which gave us the reason why login with cfhttp failed. >> You told me that the login fails when cookies are disabled, but what if >> they are enabled, >> but Javascript is disabled ? The login action is working well with JS disabled and cookie is enabled. >> Finally, is there an address (and some code + password) I could use to >> test the real application >> by myself? I would be more than happy to give you one when I get a new testing account. Probably not soon as it's public holidays now in Australia :( Anyway, I really appreciate your time and help so far -----Original Message----- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Sunday, 5 November 2006 1:12 PM To: CF-Talk Subject: Re: Using CFHTTP to login >>2- Go to http://localhost/SingleLogin/login.cfm (which is the login form) 3- View Cookies: There is a cookie has been written by CF with CFID, No, you must check with the original login form on the .NET application. The CF template you've made does not set any cookie (except the one set by CF). The idea is the check if the ORIGINAL login form in the .NET application sets a cookie, because this is the one you must fake when you simulate the login form by CFHTTP. The thing that is weird is that, with cookies disabled, the login action will fail. The question then is how does the login action know that cookies are disabled? The only way I have in mind is that the action will verify the presence of a cookie set by the form. There is also a Javascript property "cookieEnabled" that the system can also check. You told me that the login fails when cookies are disabled, but what if they are enabled, but Javascript is disabled ? Finally, is there an address (and some code + password) I could use to test the real application by myself? -- _______________________________________ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259211 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4