>> No, you must check with the original login form on the .NET application.

Here is how I check with the original login form on the .Net app.

1. Delete all cookies
2. Go to login form in .Net.
3. View cookie: There is a cookie ASP.NET_SessionId=4mnaix453yw12h55ox3myn45
4. DELETE that cookie
5. Click Submit
6. View Cookie: Two cookies: ASP.NET_SessionId=n4dg3azlmh4ga1mm2wnmmq55
(note: different value) and .ASPXAUTH=314508822A3EDF0...
7. Log off then view cookie: There is only
ASP.NET_SessionId=n4dg3azlmh4ga1mm2wnmmq55 but .ASPXAUTH=314508822A3EDF0...
does not exist.

>> The thing that is weird is that, with cookies disabled, the login action 
>> will fail.
>> The question then is how does the login action know that cookies are 
>> disabled?

I thought that this is the key but I don't have the answer. :(
I am 100% sure but I think that the thing which you asked me to disable
cookie and try to login using login form is a very important which gave us
the reason why login with cfhttp failed.

>> You told me that the login fails when cookies are disabled, but what if 
>> they are enabled,
>> but Javascript is disabled ?

The login action is working well with JS disabled and cookie is enabled.

>> Finally, is there an address (and some code + password) I could use to 
>> test the real application
>> by myself?

I would be more than happy to give you one when I get a new testing account.
Probably not soon as it's public holidays now in Australia :(

Anyway, I really appreciate your time and help so far




-----Original Message-----
From: Claude Schneegans [mailto:[EMAIL PROTECTED] 
Sent: Sunday, 5 November 2006 1:12 PM
To: CF-Talk
Subject: Re: Using CFHTTP to login

 >>2- Go to http://localhost/SingleLogin/login.cfm (which is the login form)
3- View Cookies: There is a cookie has been written by CF with CFID,

No, you must check with the original login form on the .NET application.
The CF template you've made does not set any cookie (except the one set 
by CF).
The idea is the check if the ORIGINAL login form in the .NET application
sets a cookie, because this is the one you must fake when you simulate 
the login form by CFHTTP.

The thing that is weird is that, with cookies disabled, the login action 
will fail.
The question then is how does the login action know that cookies are 
disabled?

The only way I have in mind is that the action will verify the presence 
of a cookie
set by the form.

There is also a Javascript property "cookieEnabled" that the system can 
also check.

You told me that the login fails when cookies are disabled, but what if 
they are enabled,
but Javascript is disabled ?

Finally, is there an address (and some code + password) I could use to 
test the real application
by myself?

-- 
_______________________________________
REUSE CODE! Use custom tags;
See http://www.contentbox.com/claude/customtags/tagstore.cfm
(Please send any spam to this address: [EMAIL PROTECTED])
Thanks.




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting,
up-to-date ColdFusion information by your peers, delivered to your door four 
times a year.
http://www.fusionauthority.com/quarterly

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259211
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Reply via email to