Did you updateapp / reload security?
On Fri, Jan 30, 2009 at 11:05 AM, Chris Roth <[email protected]> wrote:
>
> Blair,
>
> Here's the authenticate function in my cmiad.cfc. Am i missing
> something? Does setting stResult = StructNew() not create an empty
> struct?
>
> <cffunction name="authenticate" access="public" output="true"
> returntype="struct" hint="Attempts to process a user. Runs every time
> the login form is loaded.">
> <cfset var stResult = structnew() />
> <cfset var qResult = "" />
>
> <cfimport taglib="/farcry/core/tags/formtools/" prefix="ft"
> />
>
> <!--- Return struct --->
>
> <ft:processform>
> <ft:processformObjects typename="#getLoginForm()#">
> <cfset stResult.userid = "" />
> <cfset stResult.authenticated = false />
> <cfset stResult.message = "" />
>
> <!--- Find the user --->
> <cftry>
> <cfldap
> server="#application.config.ldap.host#" action="query"
> name="qResult" start="#application.config.ldap.userstart#"
> scope="base" attributes="*" username="#replace
> (application.config.ldap.userdn,'{userid}',stProperties.username)#"
> password="#stProperties.password#" />
> <cfset stResult.authenticated = true
> />
> <cfset stResult.userid =
> stProperties.username />
>
> <cfcatch>
>
> <!--- CROTH: 1/29/09 disable the
> return variable so that this
> will also look in the FarcryUD
> <cfset
> stResult.authenticated = false />
> <cfset stResult.userid =
> stProperties.username />
> <cfset stResult.message =
> "The username or password is
> incorrect" />
> --->
> <cfset stResult = StructNew()>
> </cfcatch>
> </cftry>
> </ft:processformObjects>
> </ft:processform>
>
> <cfreturn stResult />
>
> </cffunction>
>
> On Jan 29, 2:24 pm, Blair McKenzie <[email protected]> wrote:
> > Check that the ldap authenticate function is returning an empty struct
> when
> > there is no match. Every time the login page is loaded, FarCry loops
> through
> > the user directories trying to authenticate. As soon as a non-empty
> struct
> > is returned (empty == nothing to see here) it stops, and there was either
> an
> > error or the user is logged in.
> >
> >
> >
> > On Fri, Jan 30, 2009 at 6:58 AM, Chris Roth <[email protected]>
> wrote:
> >
> > > Blair,
> >
> > > Thanks for the pointers. I am close but dont seem to quite have it
> > > right, perhaps a litte more guidance.
> >
> > > Here's what I have done so far.
> >
> > > I have a plugin cmiAD which is basically a modified version of
> > > farcryldap. Its working just fine.
> >
> > > In webtop - admin - edit config - general config - login props -
> > > default UD I have set to my cmiAD
> >
> > > At thie point I can login with either a Farcry or cmiAD user. The
> > > login form has the select UD option..... following your guidance..
> >
> > > I have made the following changes to my cmiAD plugin files.
> >
> > > 1. copied the folder\file farLogin\displayLogin.cfm from core\webskins
> > > to \plugins\cmiAD\weskins
> > > 2. commented out <sec:SelectUDLogin> in \plugins\cmiAD\weskins
> > > \farLogin\displayLogin.cfm
> >
> > > 3. cmiAD.cfc - modified getLoginForm to return farLogin
> > > 4. cmiAD.cfc - commented out the setting of stResult variables between
> > > the <cfcatch> tags
> >
> > > Refresh app and I get 70% there.
> >
> > > 1. My login page no longer has user directory select
> > > 2. I can login with my AD account
> > > 3. FAIL: I can not login with a farcry user account
> >
> > > I suppose somwhere there needs to be instructions to pass the supplied
> > > username/password to all "configured" User Directories, but I am not
> > > sure where to put that. Help?
> >
> > > On Jan 28, 3:24 pm, Blair McKenzie <[email protected]> wrote:
> > > > 1. Modify the login skin for the default user directory to remove
> the
> > > > directory select
> > > > 2. Modify the default user directory authentication function so
> that a
> > > > user-doesn't-exist failure does not return an error struct
> > > > 3. Make sure that the authentication function for both user
> > > directories
> > > > process the form (e.g. they both use the farLogin form)
> >
> > > > I think that's all you need.
> >
> > > > Blair
> >
> > > > On Thu, Jan 29, 2009 at 9:00 AM, Chris Roth <[email protected]>
> > > wrote:
> >
> > > > > I have modified the farcryldap plugin to work with our Active
> > > > > Directory configuration, and from what I can tell thus far, its
> > > > > working just fine (logins, groups, etc.)
> >
> > > > > However, I really dislike the login page that now requires the user
> to
> > > > > "select" the user directory.
> >
> > > > > We have AD users (internal employees) and FCUD users (external non-
> ad
> > > > > people) that will need to be logging in.
> >
> > > > > Has anyone, or can someone provide some guidance on making the
> login
> > > > > page work like 4.x...
> >
> > > > > If a login is not found in say the FCUD, check the ADUD.. etc
> before
> > > > > denying/granting access?- Hide quoted text -
> >
> > > > - Show quoted text -- Hide quoted text -
> >
> > - Show quoted text -
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"farcry-dev" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/farcry-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
