or you could use CFLDAP to authenticate them via CF instead, but remember, cf authentication only protects cfml pages, nothing else, so use a native server side solution is better, as Dave suggests.
On Mon, Jul 30, 2012 at 7:26 PM, Dave Watts <dwa...@figleaf.com> wrote: > > > I am creating an application that requires user login. Users are all the > employees within my organization, but not > > every user would use it; only some would. I would like to take advantage > of the users' existing AD domain network > > logins so they don't have to keep track of another account. What they do > is to login our organization's AD domain > > (different sever, different language) and AD would verify it and pass > some kind of ID/token to my CF app. Is this > > possible and how can this be done? Any pointer is really appreciated. > Thanks. > > If the web server is a member of that domain, and if it's running IIS, > you can do this very easily using Integrated Windows Authentication in > IIS. You'll need to set filesystem permissions accordingly, and if you > want users to authenticate silently they'll have to have their > browsers configured to do this. Within your CF code, you can then look > at the CGI.AUTH_USER variable - at least, I think that's the right > one, but you can just dump the CGI scope and see for yourself. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > http://training.figleaf.com/ > > Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on > GSA Schedule, and provides the highest caliber vendor-authorized > instruction at our training centers, online, or onsite. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352022 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm