I have an app that currently authenticates against an AD and I'm updating it to also look in a database for users as well. My code currently is as follows:
<cflogin> <cfif IsDefined("Form.task") and Form.task eq "login"> <cfset theusername="#Form.strUsername#"> <cfset thepassword="#Form.strPassword#"> <cfset thedomain="****"> <!--- authenticate against the AD ---> <cfntauthenticate username="#theusername#" password="#thepassword#" domain="#thedomain#" result="authresult" listgroups="no"> <!--- authenticate against the database ---> <cfquery name="loginCheck" datasource="#Application.dsn#"> select role, needPasswordReset from v_users where oprid = '#theusername#' and password = '#hash(thepassword,"sha-256")#' and isInactive is null </cfquery> <!--- if either the AD or the database validates the user creds, then... ---> <cfif (authresult.auth) or (loginCheck.recordcount gt 0)> <!--- check to see if the authenticated user exists in the database ---> <cfquery name="getUserInfo" datasource="#Application.dsn#"> select role from v_users where oprid = '#theusername#' and isInactive is null; </cfquery> <cfif getUserInfo.recordcount gt 0> <cfloginuser name="#theusername#" password="#thepassword#" roles="#getUserInfo.role#"> <cfset session.username = GetAuthUser() > <cfset session.userrole = GetUserRoles() > <!--- redirect the user if they need to reset their password ---> <cfif loginCheck.needPasswordReset eq 1> <cfset myFusebox.relocate(url="./?fuseaction=m.passwordupdform") /> </cfif> </cfif> </cfif> </cfif> </cflogin> Right now as it is written I'm still able to log in normally via AD. If I use a database user, the code will run but getAuthUser() will return a blank. I even stripped out the CFNTAuthenticate and ran it with just the database validation but cfloginuser wouldn't run for me. Has anyone seen this before? tia, - Joe ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:322186 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4