RE: Using CFHTTP to login
No, you must check with the original login form on the .NET application. Here is how I check with the original login form on the .Net app. 1. Delete all cookies 2. Go to login form in .Net. 3. View cookie: There is a cookie ASP.NET_SessionId=4mnaix453yw12h55ox3myn45 4. DELETE that cookie 5. Click Submit 6. View Cookie: Two cookies: ASP.NET_SessionId=n4dg3azlmh4ga1mm2wnmmq55 (note: different value) and .ASPXAUTH=314508822A3EDF0... 7. Log off then view cookie: There is only ASP.NET_SessionId=n4dg3azlmh4ga1mm2wnmmq55 but .ASPXAUTH=314508822A3EDF0... does not exist. The thing that is weird is that, with cookies disabled, the login action will fail. The question then is how does the login action know that cookies are disabled? I thought that this is the key but I don't have the answer. :( I am 100% sure but I think that the thing which you asked me to disable cookie and try to login using login form is a very important which gave us the reason why login with cfhttp failed. You told me that the login fails when cookies are disabled, but what if they are enabled, but Javascript is disabled ? The login action is working well with JS disabled and cookie is enabled. Finally, is there an address (and some code + password) I could use to test the real application by myself? I would be more than happy to give you one when I get a new testing account. Probably not soon as it's public holidays now in Australia :( Anyway, I really appreciate your time and help so far -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Sunday, 5 November 2006 1:12 PM To: CF-Talk Subject: Re: Using CFHTTP to login 2- Go to http://localhost/SingleLogin/login.cfm (which is the login form) 3- View Cookies: There is a cookie has been written by CF with CFID, No, you must check with the original login form on the .NET application. The CF template you've made does not set any cookie (except the one set by CF). The idea is the check if the ORIGINAL login form in the .NET application sets a cookie, because this is the one you must fake when you simulate the login form by CFHTTP. The thing that is weird is that, with cookies disabled, the login action will fail. The question then is how does the login action know that cookies are disabled? The only way I have in mind is that the action will verify the presence of a cookie set by the form. There is also a Javascript property cookieEnabled that the system can also check. You told me that the login fails when cookies are disabled, but what if they are enabled, but Javascript is disabled ? Finally, is there an address (and some code + password) I could use to test the real application by myself? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259211 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
1. Delete all cookies 2. Go to login form in .Net. 3. View cookie: There is a cookie ASP.NET_SessionId=4mnaix453yw12h55ox3myn45 Ah ah! This is their session Id. Now if they keep a session live, they may also have some data stored in it, and if that session is not found by the action template, this may be why the login does not work. Then you have to make sure your CF script will CFHTTP the form first to get that session cookie, then pass it when you CFHTTP the action for the login. 4. DELETE that cookie 5. Click Submit So you deleted the cookie before calling the login action? Then did the login succeed? If it did, it does not prove the cookie is not needed, I'm not sure that deleting a cookie or all cookies wil delete the ones already in memory. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259213 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
4. DELETE that cookie 5. Click Submit So you deleted the cookie before calling the login action? Then did the login succeed? Sorry that I didn't tell you before, it succeeds. The same as I did with the login form in CF. We didn't have any cookie from ..net yet when we go to login form in CF but still working well. -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Monday, 6 November 2006 1:19 AM To: CF-Talk Subject: Re: Using CFHTTP to login 1. Delete all cookies 2. Go to login form in .Net. 3. View cookie: There is a cookie ASP.NET_SessionId=4mnaix453yw12h55ox3myn45 Ah ah! This is their session Id. Now if they keep a session live, they may also have some data stored in it, and if that session is not found by the action template, this may be why the login does not work. Then you have to make sure your CF script will CFHTTP the form first to get that session cookie, then pass it when you CFHTTP the action for the login. 4. DELETE that cookie 5. Click Submit So you deleted the cookie before calling the login action? Then did the login succeed? If it did, it does not prove the cookie is not needed, I'm not sure that deleting a cookie or all cookies wil delete the ones already in memory. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259214 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
The same as I did with the login form in CF. We didn't have any cookie from ...net yet when we go to login form in CF but still working well. Now wait a minute. The CF FORM works, but then the ACTION requested by CFHTTP doesn't right? But the CF form doesn't have the session cookie set by the .NET form, and then cannot transmit it to the action. This could be enough to make the login fails. So, if I were you, I'd try this : 1. CFHTTP the .NET FORM first, 2. get the session cookie, 3. CFHTTP the ACTION with this session cookie. You already tried something similar: !--- First http request to get cookie info --- cfhttp url=http://www.mycompany.com/Login.aspx; method=get resolveurl=yes port=80 throwonerror=yes redirect=yes useragent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7/ !--- create cookieStruct --- but here you call the action page, you should call the FORM page to get the correct session cookie, not the action page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259218 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Yep, I see your point, you reminded me about it before. In the .Net, the login.aspx is the login form as well as login action as it submits to itself. The reason why I did not explain it that clearly as I didn't think it matter (?) and we have a lot messages just discussed on what is what and Sorry if it make some different ;) -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Monday, 6 November 2006 2:06 AM To: CF-Talk Subject: Re: Using CFHTTP to login The same as I did with the login form in CF. We didn't have any cookie from net yet when we go to login form in CF but still working well. Now wait a minute. The CF FORM works, but then the ACTION requested by CFHTTP doesn't right? But the CF form doesn't have the session cookie set by the .NET form, and then cannot transmit it to the action. This could be enough to make the login fails. So, if I were you, I'd try this : 1. CFHTTP the .NET FORM first, 2. get the session cookie, 3. CFHTTP the ACTION with this session cookie. You already tried something similar: !--- First http request to get cookie info --- cfhttp url=http://www.mycompany.com/Login.aspx; method=get resolveurl=yes port=80 throwonerror=yes redirect=yes useragent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7/ !--- create cookieStruct --- . but here you call the action page, you should call the FORM page to get the correct session cookie, not the action page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259221 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
The reason is the html form (login1.cfm) is working well and I try to simulate the login process exactly as we login as that html form. Yes, but you are doing it from your browser. If the login procedure uses tricks to detect if the form really comes from a browser, or from a server, they may use some other characteristics you didn't think of. remember you asked me to try to disable cookie and submit the form that works? I got the same screen as I do with cfhttp which is login form WITHOUT any error message. I would suggest that the problem might be is the asp.net think that the cookie is disabled and the login process does not happen. I think this is it indeed. There must be something not perfect in the way you return the cookies to the .Net application. I would concentrate my efforts on this. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259159 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Yes, but you are doing it from your browser. Another try: When you call the login action from your CF login form, the request is actually sent by your browser. Then, if may have some cookie in it set previously by the server, it will recognize it and the login is accepted. When calling from CFHTTP, you don't have these cookies, and the login fails. Now, can you try again your CF login form just after having erased all your cookies. If some check cookie was set initially by the normal login form, your CF form should fail now. Then you know what you have to look for. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259165 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Thx Claude, here is what I have been trying 1- Delete all Fire fox cookies 2- Go to http://localhost/SingleLogin/login.cfm (which is the login form) 3- View Cookies: There is a cookie has been written by CF with CFID, CFTOKEN, JSESSIONID. Note: No cookie from ASP.net 4- Click Submit Result: Is redirected to member home page: successful 5- View cookie: There are cookies .ASPXAUTH=59EDCFD5BF... and ASP.NET_SessionId=yynrg545cibzz4554zrsfh45 6- Logout 7- View cookie: There is only ASP.NET_SessionId=yynrg545cibzz4554zrsfh45, the .ASPXAUTH has been expired and doesn't exist. Is there anything you think of? -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Sunday, 5 November 2006 3:04 AM To: CF-Talk Subject: Re: Using CFHTTP to login Yes, but you are doing it from your browser. Another try: When you call the login action from your CF login form, the request is actually sent by your browser. Then, if may have some cookie in it set previously by the server, it will recognize it and the login is accepted. When calling from CFHTTP, you don't have these cookies, and the login fails. Now, can you try again your CF login form just after having erased all your cookies. If some check cookie was set initially by the normal login form, your CF form should fail now. Then you know what you have to look for. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259187 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
2- Go to http://localhost/SingleLogin/login.cfm (which is the login form) 3- View Cookies: There is a cookie has been written by CF with CFID, No, you must check with the original login form on the .NET application. The CF template you've made does not set any cookie (except the one set by CF). The idea is the check if the ORIGINAL login form in the .NET application sets a cookie, because this is the one you must fake when you simulate the login form by CFHTTP. The thing that is weird is that, with cookies disabled, the login action will fail. The question then is how does the login action know that cookies are disabled? The only way I have in mind is that the action will verify the presence of a cookie set by the form. There is also a Javascript property cookieEnabled that the system can also check. You told me that the login fails when cookies are disabled, but what if they are enabled, but Javascript is disabled ? Finally, is there an address (and some code + password) I could use to test the real application by myself? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259188 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
You know in the amount if time it is taking to debug a your single sign in, and you haven't even touched the SP side of things yet. You would have been better of looking at ADS (Active Directory Services) or apaches equivalant. Or even look at a 3rd part solution where they deal in this all the time. All your headache so far is one way. Of course I am assuming that the asp.net application is yours to login into, if it isn;t then you better check with the onwer of the website to make sure you are not breaking any of their conditions to the website. On 11/5/06, Claude Schneegans [EMAIL PROTECTED] wrote: 2- Go to http://localhost/SingleLogin/login.cfm (which is the login form) 3- View Cookies: There is a cookie has been written by CF with CFID, No, you must check with the original login form on the .NET application. The CF template you've made does not set any cookie (except the one set by CF). The idea is the check if the ORIGINAL login form in the .NET application sets a cookie, because this is the one you must fake when you simulate the login form by CFHTTP. The thing that is weird is that, with cookies disabled, the login action will fail. The question then is how does the login action know that cookies are disabled? The only way I have in mind is that the action will verify the presence of a cookie set by the form. There is also a Javascript property cookieEnabled that the system can also check. You told me that the login fails when cookies are disabled, but what if they are enabled, but Javascript is disabled ? Finally, is there an address (and some code + password) I could use to test the real application by myself? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259189 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
CFHTTP is coldfusion. coldfusion runs on the server. your code will log the server in. Do you want to log the server in, or the client in? On 03/11/06, Michael Nguyen [EMAIL PROTECTED] wrote: Hi everyone, I am still struggling with using cfhttp to log in into an ASP.NET app. The weird thing is when I used the normal html form (see bellow) then I could log in successfully: form method=post action=http://www.mycompany.com/Login.aspx; name=form1 input name=CompanyCode type=hidden maxlength=12 value= ccode / input name=UserEmail type=hidden maxlength=60 value= [EMAIL PROTECTED] / input name=UserPassword type=password maxlength=50 value= password/ input type=submit name=SigninBtn value=Login / /form However, when I use cfhttp (bellow) to login then I could not log in: cfhttp url=http://www.mycompany.com/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7 ) Gecko/20060909 Firefox/1.5.0.7 cfhttpparam type=formfield name=CompanyCode value=ccode/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=password/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp Can anyone tell me how differently the asp.Net treats to these above two approaches and why I couldn't login when using cfhttp? Any help is appreciated. Michael ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258967 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Adrian, *LOL* *LOL* I think the dude knows that. Michael, your problem lies with the fact you are connecting to the form page. That is not what you need to do. What you nned to do is connect to the processing page that the form is connecting to, and using cfhttp the way you are pass the username and password but not the submit button. So, if the asp.net page as you have the form page is connecting (submitting) to the /abc.asp then that is where your cfhttp needs to point too, with the same fields as the username and password field that is being inouted on the asp.net form. HTH Some people are jsut so full of useless information (Yes I am refering to you Adrian) and yes I am being sarcastic to boot with you Adrian. On 11/3/06, Adrian [EMAIL PROTECTED] wrote: CFHTTP is coldfusion. coldfusion runs on the server. your code will log the server in. Do you want to log the server in, or the client in? On 03/11/06, Michael Nguyen [EMAIL PROTECTED] wrote: Hi everyone, I am still struggling with using cfhttp to log in into an ASP.NET app. The weird thing is when I used the normal html form (see bellow) then I could log in successfully: form method=post action=http://www.mycompany.com/Login.aspx; name=form1 input name=CompanyCode type=hidden maxlength=12 value= ccode / input name=UserEmail type=hidden maxlength=60 value= [EMAIL PROTECTED] / input name=UserPassword type=password maxlength=50 value= password/ input type=submit name=SigninBtn value=Login / /form However, when I use cfhttp (bellow) to login then I could not log in: cfhttp url=http://www.mycompany.com/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: 1.8.0.7 ) Gecko/20060909 Firefox/1.5.0.7 cfhttpparam type=formfield name=CompanyCode value=ccode/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=password/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp Can anyone tell me how differently the asp.Net treats to these above two approaches and why I couldn't login when using cfhttp? Any help is appreciated. Michael ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258968 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
What you nned to do is connect to the processing page that the form is connecting to, Well, as far as I can see, this is what he does. But what is the server he is trying to log to sends back a cookie to keep the session alive ? The CF template which sends the login request will not take care of it. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258969 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
yes it can. On 11/3/06, Claude Schneegans [EMAIL PROTECTED] wrote: What you nned to do is connect to the processing page that the form is connecting to, Well, as far as I can see, this is what he does. But what is the server he is trying to log to sends back a cookie to keep the session alive ? The CF template which sends the login request will not take care of it. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258972 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
Claude I am in a funny mood, and your as stupid as Michael. If the chhttp as this guy is trying to connerct to is login.asp, they says to me it is the login form:-) Gee some people are really stupid today... On 11/3/06, Andrew Scott [EMAIL PROTECTED] wrote: yes it can. On 11/3/06, Claude Schneegans [EMAIL PROTECTED] wrote: What you nned to do is connect to the processing page that the form is connecting to, Well, as far as I can see, this is what he does. But what is the server he is trying to log to sends back a cookie to keep the session alive ? The CF template which sends the login request will not take care of it. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258973 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
And before one person jumps in. The guy made it very clear that he was connecting to the form, and to the untrained eye they will not see it. But if you are a guru then it is obvious as the answer is in is post. Regards, Andrew Scott Senior Coldfusion Programmer On 11/3/06, Andrew Scott [EMAIL PROTECTED] wrote: Claude I am in a funny mood, and your as stupid as Michael. If the chhttp as this guy is trying to connerct to is login.asp, they says to me it is the login form:-) Gee some people are really stupid today... On 11/3/06, Andrew Scott [EMAIL PROTECTED] wrote: yes it can. On 11/3/06, Claude Schneegans [EMAIL PROTECTED] wrote: What you nned to do is connect to the processing page that the form is connecting to, Well, as far as I can see, this is what he does. But what is the server he is trying to log to sends back a cookie to keep the session alive ? The CF template which sends the login request will not take care of it. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258974 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
Your approach is correct...however After you use the CFHTTP client to login then what? Its only the CFHTTP client that is logged in... not your local machine or server. Dump your CFHTTP.FileContent... what do you see? I'm not sure if there's a way to maintain a login using the CFHTTP client. - Original Message - From: Michael Nguyen [EMAIL PROTECTED] To: CF-Talk cf-talk@houseoffusion.com Sent: Friday, November 03, 2006 10:37 AM Subject: Using CFHTTP to login Hi everyone, I am still struggling with using cfhttp to log in into an ASP.NET app. The weird thing is when I used the normal html form (see bellow) then I could log in successfully: form method=post action=http://www.mycompany.com/Login.aspx; name=form1 input name=CompanyCode type=hidden maxlength=12 value= ccode / input name=UserEmail type=hidden maxlength=60 value= [EMAIL PROTECTED] / input name=UserPassword type=password maxlength=50 value= password/ input type=submit name=SigninBtn value=Login / /form However, when I use cfhttp (bellow) to login then I could not log in: cfhttp url=http://www.mycompany.com/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7 cfhttpparam type=formfield name=CompanyCode value=ccode/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=password/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp Can anyone tell me how differently the asp.Net treats to these above two approaches and why I couldn't login when using cfhttp? Any help is appreciated. Michael ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258975 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Ben, is it correct. The dude as a username and a password and god forbid a submit button as well to a logn.asp page. It is not correct, he needs to be pointing to the page that the login.apspage sends that informartion too. Yep something is in the water this week. On 11/3/06, Ben Koshy [EMAIL PROTECTED] wrote: Your approach is correct...however After you use the CFHTTP client to login then what? Its only the CFHTTP client that is logged in... not your local machine or server. Dump your CFHTTP.FileContent... what do you see? I'm not sure if there's a way to maintain a login using the CFHTTP client. - Original Message - From: Michael Nguyen [EMAIL PROTECTED] To: CF-Talk cf-talk@houseoffusion.com Sent: Friday, November 03, 2006 10:37 AM Subject: Using CFHTTP to login Hi everyone, I am still struggling with using cfhttp to log in into an ASP.NET app. The weird thing is when I used the normal html form (see bellow) then I could log in successfully: form method=post action=http://www.mycompany.com/Login.aspx; name=form1 input name=CompanyCode type=hidden maxlength=12 value= ccode / input name=UserEmail type=hidden maxlength=60 value= [EMAIL PROTECTED] / input name=UserPassword type=password maxlength=50 value= password/ input type=submit name=SigninBtn value=Login / /form However, when I use cfhttp (bellow) to login then I could not log in: cfhttp url=http://www.mycompany.com/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: 1.8.0.7) Gecko/20060909 Firefox/1.5.0.7 cfhttpparam type=formfield name=CompanyCode value=ccode/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=password/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp Can anyone tell me how differently the asp.Net treats to these above two approaches and why I couldn't login when using cfhttp? Any help is appreciated. Michael ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258977 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
yes it can. CF can send cookie to a client, and store its value in a variable, but the question here is to emulate a client browser, then the CF application should send back the cookie value set by the other server somewhere in the HTTP headers with all consecutive requests, just like a browser would do. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258978 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
-- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258979 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
If the chhttp as this guy is trying to connect to is login.asp, they says to me it is the login form I don't see your point. He is not CFHTTPing the form. He is sending the form to the action template. What's your problem? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258981 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
he needs to be pointing to the page that the login.asp page sends that informartion too. Well, I was assuming this is what he was doing. You mean login.asp actually contains the form? The actual address he is trying to log wouls help. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258982 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
your joking right. The form page is called login.asp.. And the cfhttp call is to login.asp. You really aren't on top of the question. On 11/3/06, Claude Schneegans [EMAIL PROTECTED] wrote: If the chhttp as this guy is trying to connect to is login.asp, they says to me it is the login form I don't see your point. He is not CFHTTPing the form. He is sending the form to the action template. What's your problem? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258983 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
Your Joking really tell me you are joking? the dude posted the form in his orignal post. That confirms my suspicion, Bin Laden has infected the USA water suppy making them all idiots at the moment *LOL* No serious did you not see that in his original post? On 11/3/06, Claude Schneegans [EMAIL PROTECTED] wrote: he needs to be pointing to the page that the login.asp page sends that informartion too. Well, I was assuming this is what he was doing. You mean login.asp actually contains the form? The actual address he is trying to log wouls help. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258984 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
-Original Message- From: Andrew Scott [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 7:02 AM To: CF-Talk Subject: Re: Using CFHTTP to login Claude I am in a funny mood, and your as stupid as Michael. If the chhttp as this guy is trying to connerct to is login.asp, they says to me it is the login form:-) Gee some people are really stupid today... No, you are wrong, Claude is correct, and I think there is only one stupid person here, to quote him directly. Did you ever thing Michael might be posting to the same page that the form is on? Did you really look at the code to see that both form actions were the same (the form code itself and the cfhttp)? No, I guess not. There is simply not enough information as Michael doesn't tell us what he is trying to accomplish after the login or how it fails to begin with. Ben had the correct question to determine the next steps. Andy ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258985 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
Actually there is enough information. I have posted to the same page using cfhttp many and I repeat many times. The difference is I do not send the submit button to do it, I send the action that will define me to send the login information, otherwise Ithe form will get displayed again. So I will satnd up and say it again... = Quote Michael, your problem lies with the fact you are connecting to the form page. That is not what you need to do. What you nned to do is connect to the processing page that the form is connecting to, and using cfhttp the way you are pass the username and password but not the submit button. = Quote End Sop if this dude has form action=login.asp?action=login then he needs to do that. Of if he has input type=hidden name=action value=login then he needs to send it. The water is getting dirtier :-) On 11/3/06, Andrew Tyrone [EMAIL PROTECTED] wrote: -Original Message- From: Andrew Scott [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 7:02 AM To: CF-Talk Subject: Re: Using CFHTTP to login Claude I am in a funny mood, and your as stupid as Michael. If the chhttp as this guy is trying to connerct to is login.asp, they says to me it is the login form:-) Gee some people are really stupid today... No, you are wrong, Claude is correct, and I think there is only one stupid person here, to quote him directly. Did you ever thing Michael might be posting to the same page that the form is on? Did you really look at the code to see that both form actions were the same (the form code itself and the cfhttp)? No, I guess not. There is simply not enough information as Michael doesn't tell us what he is trying to accomplish after the login or how it fails to begin with. Ben had the correct question to determine the next steps. Andy ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258986 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Andrew...I think you're been dipping in that water, too...your typing is almost incoherent... What time is it in Australia...got to be happy hour... :o) Rick -Original Message- From: Andrew Scott [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 7:19 AM To: CF-Talk Subject: Re: Using CFHTTP to login Ben, is it correct. The dude as a username and a password and god forbid a submit button as well to a logn.asp page. It is not correct, he needs to be pointing to the page that the login.apspage sends that informartion too. Yep something is in the water this week. On 11/3/06, Ben Koshy [EMAIL PROTECTED] wrote: Your approach is correct...however After you use the CFHTTP client to login then what? Its only the CFHTTP client that is logged in... not your local machine or server. Dump your CFHTTP.FileContent... what do you see? I'm not sure if there's a way to maintain a login using the CFHTTP client. - Original Message - From: Michael Nguyen [EMAIL PROTECTED] To: CF-Talk cf-talk@houseoffusion.com Sent: Friday, November 03, 2006 10:37 AM Subject: Using CFHTTP to login Hi everyone, I am still struggling with using cfhttp to log in into an ASP.NET app. The weird thing is when I used the normal html form (see bellow) then I could log in successfully: form method=post action=http://www.mycompany.com/Login.aspx; name=form1 input name=CompanyCode type=hidden maxlength=12 value= ccode / input name=UserEmail type=hidden maxlength=60 value= [EMAIL PROTECTED] / input name=UserPassword type=password maxlength=50 value= password/ input type=submit name=SigninBtn value=Login / /form However, when I use cfhttp (bellow) to login then I could not log in: cfhttp url=http://www.mycompany.com/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: 1.8.0.7) Gecko/20060909 Firefox/1.5.0.7 cfhttpparam type=formfield name=CompanyCode value=ccode/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=password/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp Can anyone tell me how differently the asp.Net treats to these above two approaches and why I couldn't login when using cfhttp? Any help is appreciated. Michael ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258988 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
-Original Message- From: Andrew Scott [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 7:33 AM To: CF-Talk Subject: Re: Using CFHTTP to login your joking right. The form page is called login.asp.. And the cfhttp call is to login.asp. You really aren't on top of the question. His form tag: form method=post action=http://www.mycompany.com/Login.aspx; name=form1 His cfhttp call: cfhttp url=http://www.mycompany.com/Login.aspx; method=post resolveurl=yes port=80 redirect=yes He says submitting the form works. The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. The cfhttp posts to this SAME page. If he got his code wrong, then he'll have to respond and say so. In the meantime, I am definitely on top of the question, and you are still wrong. Andy ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258989 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
I have posted to the same page using cfhttp many and I repeat many times. If I suppose that you perfectly know by experience that an address like /login.aspx is ALWAYS the login form and not the action template in ANY DOT.NET application, then I will admit you are right. But until better hint, I will not like some one here assume any one is stupid, and I started with the premise that the guy was knowing what he was doing and that login.aspx IS the login action, like in the sample code he gave for the login FORM. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258990 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258993 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Your Joking really tell me you are joking? If I really was, it would at least have spell it you're, not your, but anyway... So I'll return *your* question: what *you're* smoking? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258994 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
got to be happy hour LOL ;-)) Got to be happy hour for the whole day ;-) -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258995 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
-Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 8:14 AM To: CF-Talk Subject: Re: Using CFHTTP to login The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. It doesn't have to be the case, but could be, and regardless of what page he is posting to, it's the same one based on the code he presented in both scenarios (form and cfhttp actions). Andy ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258996 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Your Joking really tell me you are joking? If I really was, it would at least have spell it you're, not your, but anyway... So I'll return *your* question: what *you're* smoking? Come on, Claude! Re-read what you wrote... I think you and Andrew are at the same bar! Andy ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258997 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Rick, Happy hour is well and past, *hic* Claude, so you are telling me that if you see a cfhttp call in CF passing the submit button everything is normal. Come on get a grip onb reality man. the problem is as I said, he needs to look at what is being passed to the login script to log the user in. So if it is the same page you don't need to be an einstein to work out what this dude is doing wrong. And of course Claude to spell it out the answer was the due was sending asubmit button, who in their right mind couldn't picl that up. So if you read bewteen the lines he gave an example, now whether it was the actual apsx code ornot who knows, but the answer still lies in the fact he is calling the login form otherwise he wouldn't be, and let me repat that he wouldn't be having a problem. My water might have been scotch, but for fuck sake it hasn't made me stupid. On 11/4/06, Claude Schneegans [EMAIL PROTECTED] wrote: The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258998 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
Andrew, I really don't think claude actually saw the post properlly. And if Claude really knew anything, I am using gmail, and when using a web browser I have now spell checker, and being a little under the weather my wits are good, but my fingers can't do the walking as well. Anyway if Claude was smart he wouold see that the login form that works is called login.aspx, and then submits to itself. But what Claude didn't see was the fact that the cfhttp was sending the field submit button. But Claude as ignorant as he is towards me, forgot that the Dude in question hasn't understood exactly what he had done.. much like Claude hasn't realised he is making himself look even more Shall I say incompetant in seeing the problme;-) Claude look at the orignal question, you will see 2 sets of code. One is the form that works, that posts back to itself. The otyher is the cfhttp call that sends a submit button as a formfield. Tell me you are not that blind. On 11/4/06, Andrew Scott [EMAIL PROTECTED] wrote: Rick, Happy hour is well and past, *hic* Claude, so you are telling me that if you see a cfhttp call in CF passing the submit button everything is normal. Come on get a grip onb reality man. the problem is as I said, he needs to look at what is being passed to the login script to log the user in. So if it is the same page you don't need to be an einstein to work out what this dude is doing wrong. And of course Claude to spell it out the answer was the due was sending asubmit button, who in their right mind couldn't picl that up. So if you read bewteen the lines he gave an example, now whether it was the actual apsx code ornot who knows, but the answer still lies in the fact he is calling the login form otherwise he wouldn't be, and let me repat that he wouldn't be having a problem. My water might have been scotch, but for fuck sake it hasn't made me stupid. On 11/4/06, Claude Schneegans [EMAIL PROTECTED] wrote: The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED] ) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259004 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Michael, Are you able to resolve the url from the server (not your local machine but the server). -Mark -Original Message- From: Michael Nguyen [mailto:[EMAIL PROTECTED] Sent: Thursday, November 02, 2006 11:08 PM To: CF-Talk Subject: Using CFHTTP to login Hi everyone, I am still struggling with using cfhttp to log in into an ASP.NET app. The weird thing is when I used the normal html form (see bellow) then I could log in successfully: form method=post action=http://www.mycompany.com/Login.aspx; name=form1 input name=CompanyCode type=hidden maxlength=12 value= ccode / input name=UserEmail type=hidden maxlength=60 value= [EMAIL PROTECTED] / input name=UserPassword type=password maxlength=50 value= password/ input type=submit name=SigninBtn value=Login / /form However, when I use cfhttp (bellow) to login then I could not log in: cfhttp url=http://www.mycompany.com/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7 cfhttpparam type=formfield name=CompanyCode value=ccode/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=password/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp Can anyone tell me how differently the asp.Net treats to these above two approaches and why I couldn't login when using cfhttp? Any help is appreciated. Michael ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259008 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Happy hour is well and past, *hic* Areeewwmaaaybe yooou're pfpfpingers are ssstilll jjjust sufpfpferrring fpfpfro aeae han...overr... :o) Rick -Original Message- From: Andrew Scott [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 8:26 AM To: CF-Talk Subject: Re: Using CFHTTP to login Rick, Happy hour is well and past, *hic* ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259007 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Claude, so you are telling me that if you see a cfhttp call in CF passing the submit button everything is normal. I never said that. the problem is as I said, he needs to look at what is being passed to the login script to log the user in. What I say now is that you need to look at his code. He can send a form to the login script, a form that works, so let's assume he knows what should be passed to the login script, ok? otherwise he wouldn't be, and let me repat that he wouldn't be having a problem. May be he is doing what you should do also: having some rest ;-) -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259011 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
nope, not in the slightest On 11/4/06, Rick Faircloth [EMAIL PROTECTED] wrote: Happy hour is well and past, *hic* Areeewwmaaaybe yooou're pfpfpingers are ssstilll jjjust sufpfpferrring fpfpfro aeae han...overr... :o) Rick -Original Message- From: Andrew Scott [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 8:26 AM To: CF-Talk Subject: Re: Using CFHTTP to login Rick, Happy hour is well and past, *hic* ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259012 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259013 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Under the weather, huh? Sorry, chap... Got a code? (Get it? Hee, hee) Maybe too much code medicine... :o) Rick -Original Message- From: Andrew Scott [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 8:55 AM To: CF-Talk Subject: Re: Using CFHTTP to login nope, not in the slightest On 11/4/06, Rick Faircloth [EMAIL PROTECTED] wrote: Happy hour is well and past, *hic* Areeewwmaaaybe yooou're pfpfpingers are ssstilll jjjust sufpfpferrring fpfpfro aeae han...overr... :o) Rick ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259014 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
Hi everyone again, Sorry for getting back to you late and for the not very clear question. I think that Claude understands me right. The login.aspx is NOT form page but action page. The html form that I wrote was NOT extract from login.aspx Both html form and cfhttp is to submit to action page login.aspx but the html does it successfully and the cfhttp does not. My task is to provide a single login to different applications - asp.net and CF. What I have tried to do is provide a CF login page where the user can login into both systems. The html form that I posted is only for testing that I successfully login into asp.net. What I thought I might do is to make a cf login page and if the user successfully logged in into cf then the cfhttp will submit the login details to asp.net but for some reason I could not get it through and what I don't understand so far is the cfhttp does the same thing as a html form does. When I dump cfhttp.filecontent it shows me the login page (which is not successful login, it should show the member homepage if successfully logged in) Thank you for all your messages and I appreciated your time and help. Michael The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259017 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
Time to expose my woeful ignorance of .net Will .net be rejecting any post that has not come from the same page? Perhaps using the viewstate to authenticate where the post has come from? I have some vague recollection of .net not allowing a form to post to a different action page? Probably all wrong, but I thought I would throw it out there! On 03/11/06, Michael Nguyen [EMAIL PROTECTED] wrote: Hi everyone again, Sorry for getting back to you late and for the not very clear question. I think that Claude understands me right. The login.aspx is NOT form page but action page. The html form that I wrote was NOT extract from login.aspx Both html form and cfhttp is to submit to action page login.aspx but the html does it successfully and the cfhttp does not. My task is to provide a single login to different applications - asp.netand CF. What I have tried to do is provide a CF login page where the user can login into both systems. The html form that I posted is only for testing that I successfully login into asp.net. What I thought I might do is to make a cf login page and if the user successfully logged in into cf then the cfhttp will submit the login details to asp.net but for some reason I could not get it through and what I don't understand so far is the cfhttp does the same thing as a html form does. When I dump cfhttp.filecontent it shows me the login page (which is not successful login, it should show the member homepage if successfully logged in) Thank you for all your messages and I appreciated your time and help. Michael The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259021 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Michael, Does the login page do a redirect to a different page? If so your CFHTTP call should include REDIRECT=yes or it will not follow the header instruction. -Mark -Original Message- From: Michael Nguyen [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 7:00 AM To: CF-Talk Subject: Re: Using CFHTTP to login Hi everyone again, Sorry for getting back to you late and for the not very clear question. I think that Claude understands me right. The login.aspx is NOT form page but action page. The html form that I wrote was NOT extract from login.aspx Both html form and cfhttp is to submit to action page login.aspx but the html does it successfully and the cfhttp does not. My task is to provide a single login to different applications - asp.net and CF. What I have tried to do is provide a CF login page where the user can login into both systems. The html form that I posted is only for testing that I successfully login into asp.net. What I thought I might do is to make a cf login page and if the user successfully logged in into cf then the cfhttp will submit the login details to asp.net but for some reason I could not get it through and what I don't understand so far is the cfhttp does the same thing as a html form does. When I dump cfhttp.filecontent it shows me the login page (which is not successful login, it should show the member homepage if successfully logged in) Thank you for all your messages and I appreciated your time and help. Michael The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259020 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
he wouold see that the login form that works is called login.aspx, OK, can you just tell me where you see that? and then submits to itself. Supposing it is so, is it a problem? But what Claude didn't see was the fact that the cfhttp was sending the field submit button. So what? Is it forbidden? Some form action may check the value of the submit button, especially if there are several submit buttons in the form, so I assume Michael was trying to emulate the form as close as possible. Sending the submit button value is just an attempt to tell the form action the button was clicked. It may not work, but I doubt the problem is here. There may be plenty of reasons why a login fails if not coming from the real form. For instance, the server could refuse login to a browser with Javascript not enabled. Michael tries to make believe that the CF server is actually a Mozilla client, but a more picky (pickier?) script which check for Javascript enabled would not be fooled. ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259024 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
I think that Claude understands me right. OK, now that we are on the good tracks, let's see. Could it be the server checking for something in the user browser that you didn't think of? Javascript for instance. (My own login procedure on my systems work this way) Try your login form that works (and which is NOT the same as the login action ;-) from your browser with Javascript disabled and see if you can still login. Try also with cookie deactivated and see if it makes any difference. Also, you didn't tell, but what kind of answer do you get in return from your CFHTTP attempt? Any message about why the login was refused? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259028 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Yes, Mark. The login page directs me to a member home page and I did include redirect='yes'. -Original Message- From: Mark A Kruger [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 1:15 AM To: CF-Talk Subject: RE: Using CFHTTP to login Michael, Does the login page do a redirect to a different page? If so your CFHTTP call should include REDIRECT=yes or it will not follow the header instruction. -Mark -Original Message- From: Michael Nguyen [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 7:00 AM To: CF-Talk Subject: Re: Using CFHTTP to login Hi everyone again, Sorry for getting back to you late and for the not very clear question. I think that Claude understands me right. The login.aspx is NOT form page but action page. The html form that I wrote was NOT extract from login.aspx Both html form and cfhttp is to submit to action page login.aspx but the html does it successfully and the cfhttp does not. My task is to provide a single login to different applications - asp.net and CF. What I have tried to do is provide a CF login page where the user can login into both systems. The html form that I posted is only for testing that I successfully login into asp.net. What I thought I might do is to make a cf login page and if the user successfully logged in into cf then the cfhttp will submit the login details to asp.net but for some reason I could not get it through and what I don't understand so far is the cfhttp does the same thing as a html form does. When I dump cfhttp.filecontent it shows me the login page (which is not successful login, it should show the member homepage if successfully logged in) Thank you for all your messages and I appreciated your time and help. Michael The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259033 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Anyway if Claude was smart he wouold see that the login form that works is called login.aspx, and then submits to itself. But what Claude didn't see was the fact that the cfhttp was sending the field submit button. Actually, Claude was smart enough to point out that the form might NOT be posting to itself. All we know is that the action page is login.aspx, not whether that is the actual name of the form page itself. It could be called form_login.aspx for all we know. Michael didn't state the names of the pages themselves. Also, submit buttons can have names and values, so sending them with cfhttp might be necessary if the action page checks for them. They are basically like any other form field except in addition they have a specific duty, which is to submit the form. Andy ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259034 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Michael, Ok... Can you do a cfdump of the whole CFHTTP (cfdump var=#cfhttp#) ... Let's take a look at the headers and other info. Maybe there is something there that will tell us more. -Mark -Original Message- From: Michael Nguyen [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 8:50 AM To: CF-Talk Subject: RE: Using CFHTTP to login Yes, Mark. The login page directs me to a member home page and I did include redirect='yes'. -Original Message- From: Mark A Kruger [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 1:15 AM To: CF-Talk Subject: RE: Using CFHTTP to login Michael, Does the login page do a redirect to a different page? If so your CFHTTP call should include REDIRECT=yes or it will not follow the header instruction. -Mark -Original Message- From: Michael Nguyen [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 7:00 AM To: CF-Talk Subject: Re: Using CFHTTP to login Hi everyone again, Sorry for getting back to you late and for the not very clear question. I think that Claude understands me right. The login.aspx is NOT form page but action page. The html form that I wrote was NOT extract from login.aspx Both html form and cfhttp is to submit to action page login.aspx but the html does it successfully and the cfhttp does not. My task is to provide a single login to different applications - asp.net and CF. What I have tried to do is provide a CF login page where the user can login into both systems. The html form that I posted is only for testing that I successfully login into asp.net. What I thought I might do is to make a cf login page and if the user successfully logged in into cf then the cfhttp will submit the login details to asp.net but for some reason I could not get it through and what I don't understand so far is the cfhttp does the same thing as a html form does. When I dump cfhttp.filecontent it shows me the login page (which is not successful login, it should show the member homepage if successfully logged in) Thank you for all your messages and I appreciated your time and help. Michael The form posts to the login.aspx page, which tells me he is posting to the (same) form page, which is not impossible to do. Indeed, but this does not even has to be the case here. Michael never said that the sample code for the form he gave was extract from the login.aspx page. As you said, the form he sends by hand works, which proves that login.aspx IS NOT the form page, but the action page, then what he is trying to HTTP IS the action page, NOT the form page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259037 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
The html form that I wrote was NOT extract from login.aspx Both html form and cfhttp is to submit to action page login.aspx but the html does it successfully and the cfhttp does not. Here's what you need to do. Run the form, and examine all of the information sent from the form to the action page. Then, make sure that your CFHTTP request sends all of that information. This will often be more than just the data within the form fields. It may include CGI variables and cookies that are set on or prior to the form. If any of them are set on the form itself, other than the form fields, you may need to use CFHTTP twice - the first time to fetch the form itself, from which you'd pull the cookies or other things in question, and the second time to send your form data along with these other tokens to the action page. It doesn't matter whether the form and action URLs are the same or different, you still might have to do this either way. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259040 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Claude, if I disable cookie then I couldn't login form the login form that works if cookie enabled. I think that was the point. When I submit the form (that works) if cookie turned off then it show me exactly as when I cfhttp. How can we get around of it? What I have tried is do cfhttp twice. The first cfhttp is to get cookie from asp.net. The second cfhttp is to submit form with the cookie information. (see the code bellow). However, I haven't got it done yet. Any thoughts? !--- First http request to get cookie info --- cfhttp url=http://www.mycompany.com/Login.aspx; method=get resolveurl=yes port=80 throwonerror=yes redirect=yes useragent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7/ !--- create cookieStruct --- cfset cookieList = cfhttp.responseheader['Set-Cookie'] cfset cookieStruct = Structnew() cfloop from=1 to=#listlen(cookieList,';')# index=i cfset cookieKV = listGetAt(cookieList,i,;) cfif listLen(cookieKV,=) gt 1 cfset cookieKey = listGetAt(cookieKV,1,=) cfset cookieValue = listGetAt(cookieKV,2,=) cfoutputbr #i# #cookieKey#/cfoutput cfset structInsert(cookieStruct,cookiekey,cookievalue) /cfif /cfloop !--- Second http request to login --- cfhttp url=http://202.134.246.83/Tracking/Login/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=#cgi.HTTP_USER_AGENT# cfloop collection=#cookieStruct# item=key cfhttpparam type=cookie name=#key# value=# cookieStruct[key]# /cfloop cfhttpparam type=formfield name=CompanyCode value=AIRPORT/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=luggage/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 1:34 AM To: CF-Talk Subject: Re: Using CFHTTP to login I think that Claude understands me right. OK, now that we are on the good tracks, let's see. Could it be the server checking for something in the user browser that you didn't think of? Javascript for instance. (My own login procedure on my systems work this way) Try your login form that works (and which is NOT the same as the login action ;-) from your browser with Javascript disabled and see if you can still login. Try also with cookie deactivated and see if it makes any difference. Also, you didn't tell, but what kind of answer do you get in return from your CFHTTP attempt? Any message about why the login was refused? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259041 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! -Original Message- From: Michael Nguyen [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 10:10 AM To: CF-Talk Subject: RE: Using CFHTTP to login Claude, if I disable cookie then I couldn't login form the login form that works if cookie enabled. I think that was the point. When I submit the form (that works) if cookie turned off then it show me exactly as when I cfhttp. How can we get around of it? What I have tried is do cfhttp twice. The first cfhttp is to get cookie from asp.net. The second cfhttp is to submit form with the cookie information. (see the code bellow). However, I haven't got it done yet. Any thoughts? !--- First http request to get cookie info --- cfhttp url=http://www.mycompany.com/Login.aspx; method=get resolveurl=yes port=80 throwonerror=yes redirect=yes useragent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7/ !--- create cookieStruct --- cfset cookieList = cfhttp.responseheader['Set-Cookie'] cfset cookieStruct = Structnew() cfloop from=1 to=#listlen(cookieList,';')# index=i cfset cookieKV = listGetAt(cookieList,i,;) cfif listLen(cookieKV,=) gt 1 cfset cookieKey = listGetAt(cookieKV,1,=) cfset cookieValue = listGetAt(cookieKV,2,=) cfoutputbr #i# #cookieKey#/cfoutput cfset structInsert(cookieStruct,cookiekey,cookievalue) /cfif /cfloop !--- Second http request to login --- cfhttp url=http://202.134.246.83/Tracking/Login/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=#cgi.HTTP_USER_AGENT# cfloop collection=#cookieStruct# item=key cfhttpparam type=cookie name=#key# value=# cookieStruct[key]# /cfloop cfhttpparam type=formfield name=CompanyCode value=AIRPORT/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=luggage/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 1:34 AM To: CF-Talk Subject: Re: Using CFHTTP to login I think that Claude understands me right. OK, now that we are on the good tracks, let's see. Could it be the server checking for something in the user browser that you didn't think of? Javascript for instance. (My own login procedure on my systems work this way) Try your login form that works (and which is NOT the same as the login action ;-) from your browser with Javascript disabled and see if you can still login. Try also with cookie deactivated and see if it makes any difference. Also, you didn't tell, but what kind of answer do you get in return from your CFHTTP attempt? Any message about why the login was refused? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259043 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Yes, Mark. The login page directs me to a member home page and I did include redirect='yes'. Ok, this will work for a redirect in the response header, but what if it is a Javascript redirect (one among many ways to check if JS is enabled)? ColdFusion will not follow. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259045 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Any thoughts? Yes, this is basically what you need to do. Fetch the cookies sent when you visit the form, then send those to the action page. I didn't think to ask this earlier, but what are you trying to accomplish, exactly? Are you trying to let your CF app interact with the .NET app, or are you trying to log your user into .NET so that later, when that user visits the .NET app directly, that user is logged in? If the former, you're on your way. If the latter, things get a little more complicated. In that case, you may need to provide the token you get from the .NET app to your user. If your app and the .NET app are in the same domain, this is pretty straightforward - just set a cookie containing the token, and make sure you use the DOMAIN attribute of CFCOOKIE so that the user will send the cookie back to the .NET app. If your app and the .NET app are not in the same domain, you will probably not be able to set a cookie that will be sent to the .NET app. In that case, the .NET app would need to have some other mechanism for accepting a token, such as a URL parameter. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259046 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Michael, You are going to have to get the cookie scope from your browser and send it along with the page. 1) Create an ASPX page that loops through the cookie scope and sets Javascript variables. 2) Embed the ASPX page as a Javascript on your CF page (script src=mypage.aspx/) 3) copy the JS variables into the form scope using javascript and post them to your CF handler 4) Send them back as cookies in your CFHTTP post... It's also possible that simply embedding the js/aspx into the CF page will set the appropriate cookies and you won't need any JS... They will exist as cookies in your CF cookie scope and your code below would work. I'm going to bet that would work differently in different browsers though. -Mark -Original Message- From: Michael Nguyen [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 9:10 AM To: CF-Talk Subject: RE: Using CFHTTP to login Claude, if I disable cookie then I couldn't login form the login form that works if cookie enabled. I think that was the point. When I submit the form (that works) if cookie turned off then it show me exactly as when I cfhttp. How can we get around of it? What I have tried is do cfhttp twice. The first cfhttp is to get cookie from asp.net. The second cfhttp is to submit form with the cookie information. (see the code bellow). However, I haven't got it done yet. Any thoughts? !--- First http request to get cookie info --- cfhttp url=http://www.mycompany.com/Login.aspx; method=get resolveurl=yes port=80 throwonerror=yes redirect=yes useragent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7/ !--- create cookieStruct --- cfset cookieList = cfhttp.responseheader['Set-Cookie'] cfset cookieStruct = Structnew() cfloop from=1 to=#listlen(cookieList,';')# index=i cfset cookieKV = listGetAt(cookieList,i,;) cfif listLen(cookieKV,=) gt 1 cfset cookieKey = listGetAt(cookieKV,1,=) cfset cookieValue = listGetAt(cookieKV,2,=) cfoutputbr #i# #cookieKey#/cfoutput cfset structInsert(cookieStruct,cookiekey,cookievalue) /cfif /cfloop !--- Second http request to login --- cfhttp url=http://202.134.246.83/Tracking/Login/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=#cgi.HTTP_USER_AGENT# cfloop collection=#cookieStruct# item=key cfhttpparam type=cookie name=#key# value=# cookieStruct[key]# /cfloop cfhttpparam type=formfield name=CompanyCode value=AIRPORT/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=luggage/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 1:34 AM To: CF-Talk Subject: Re: Using CFHTTP to login I think that Claude understands me right. OK, now that we are on the good tracks, let's see. Could it be the server checking for something in the user browser that you didn't think of? Javascript for instance. (My own login procedure on my systems work this way) Try your login form that works (and which is NOT the same as the login action ;-) from your browser with Javascript disabled and see if you can still login. Try also with cookie deactivated and see if it makes any difference. Also, you didn't tell, but what kind of answer do you get in return from your CFHTTP attempt? Any message about why the login was refused? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259048 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
Claude, if I disable cookie then I couldn't login form the login form that works if cookie enabled. I think that was the point. When I submit the form (that works) if cookie turned off then it show me exactly as when I cfhttp. How can we get around of it? What I have tried is do cfhttp twice. The first cfhttp is to get cookie from asp.net. The second cfhttp is to submit form with the cookie information. (see the code bellow). However, I haven't got it done yet. Any thoughts? !--- First http request to get cookie info --- cfhttp url=http://www.mycompany.com/Login.aspx; method=get resolveurl=yes port=80 throwonerror=yes redirect=yes useragent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7/ !--- create cookieStruct --- cfset cookieList = cfhttp.responseheader['Set-Cookie'] cfset cookieStruct = Structnew() cfloop from=1 to=#listlen(cookieList,';')# index=i cfset cookieKV = listGetAt(cookieList,i,;) cfif listLen(cookieKV,=) gt 1 cfset cookieKey = listGetAt(cookieKV,1,=) cfset cookieValue = listGetAt(cookieKV,2,=) cfoutputbr #i# #cookieKey#/cfoutput cfset structInsert(cookieStruct,cookiekey,cookievalue) /cfif /cfloop !--- Second http request to login --- cfhttp url=http://202.134.246.83/Tracking/Login/Login.aspx; method=post resolveurl=yes port=80 redirect=yes useragent=#cgi.HTTP_USER_AGENT# cfloop collection=#cookieStruct# item=key cfhttpparam type=cookie name=#key# value=# cookieStruct[key]# /cfloop cfhttpparam type=formfield name=CompanyCode value=AIRPORT/ cfhttpparam type=formfield name=UserEmail value=[EMAIL PROTECTED]/ cfhttpparam type=formfield name=UserPassword value=luggage/ cfhttpparam type=formfield name=SigninBtn value=Login/ /cfhttp -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 1:34 AM To: CF-Talk Subject: Re: Using CFHTTP to login I think that Claude understands me right. OK, now that we are on the good tracks, let's see. Could it be the server checking for something in the user browser that you didn't think of? Javascript for instance. (My own login procedure on my systems work this way) Try your login form that works (and which is NOT the same as the login action ;-) from your browser with Javascript disabled and see if you can still login. Try also with cookie deactivated and see if it makes any difference. Also, you didn't tell, but what kind of answer do you get in return from your CFHTTP attempt? Any message about why the login was refused? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259049 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
When I submit the form (that works) if cookie turned off then it show me exactly as when I cfhttp. Ah ah! Then you must supplie the cookies. At first sight, you're attempt looks correct, except that the cookie must be set by the form page, you are calling the action page in your first attemps, so you might not get the correct cookies. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259052 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Yep - you are right. In that case you would need to have some advanced knowledge of the landing page - or extract it (ick) from the js. -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 9:21 AM To: CF-Talk Subject: Re: Using CFHTTP to login Yes, Mark. The login page directs me to a member home page and I did include redirect='yes'. Ok, this will work for a redirect in the response header, but what if it is a Javascript redirect (one among many ways to check if JS is enabled)? ColdFusion will not follow. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259050 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
or extract it (ick) from the js If he has CF_REExtract, this will be just a breeze! ;-) See CF_REextract http://www.contentbox.com/claude/customtags/REextract/testREextract.cfm -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259058 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
Are you trying to let your CF app interact with the .NET app, or are you trying to log your user into .NET so that later, when that user visits the .NET app directly, that user is logged in? The latter was my task ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259059 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
The way I did is use cfhttpparam type=cookie to send cookie information back to the asp.net but it doesn't seem to work. -Original Message- From: Mark A Kruger [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 2:25 AM To: CF-Talk Subject: RE: Using CFHTTP to login Michael, You are going to have to get the cookie scope from your browser and send it along with the page. 1) Create an ASPX page that loops through the cookie scope and sets Javascript variables. 2) Embed the ASPX page as a Javascript on your CF page (script src=mypage.aspx/) 3) copy the JS variables into the form scope using javascript and post them to your CF handler 4) Send them back as cookies in your CFHTTP post... It's also possible that simply embedding the js/aspx into the CF page will set the appropriate cookies and you won't need any JS... They will exist as cookies in your CF cookie scope and your code below would work. I'm going to bet that would work differently in different browsers though. -Mark ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259061 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! -Original Message- From: Michael Nguyen [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 10:51 AM To: CF-Talk Subject: RE: Using CFHTTP to login Are you trying to let your CF app interact with the .NET app, or are you trying to log your user into .NET so that later, when that user visits the .NET app directly, that user is logged in? The latter was my task ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259065 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Using CFHTTP to login
The latter was my task In that case, you also need to get that authentication token to your client, in addition to fetching it from the .NET server via CFHTTP. Are the servers in the same domain? Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259066 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Michael, I know you've received lots of suggestions already, but I want to backup a little bit and try to unerstand what you're trying to do. I've read the thread history and I think there is perhaps a misunderstanding somewhere. What I understand is that you have an aspx page that you can log into by making a direct http call from the client browser, to the aspx page. What I also understand that you are trying to do, is have a cfm page that makes a similar aspx call (via CFHTTP) to log in the client. The challenge in this is that any settings passed back from the aspx page will be sent to the ColdFusion server. They will NOT be passed back to the client browser from the CF server. Even though they are sent to the ColdFusion server, the server will not remember the response on a subsequent request. Hopefully that makes sense. Please feel free to clarify if I have misunderstood the intended functionality. Jason Troy ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259067 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Using CFHTTP to login
I think there is perhaps a misunderstanding somewhere. Don't worry, the misunderstanding is far in the southern hemisphere, and must be asleep by now ;-) -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259077 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
The way I did is use cfhttpparam type=cookie to send cookie information back to the asp.net but it doesn't seem to work. Yeah, but as I told you, unless the code you copied on your message is not correct, you should get the cookies from the form page, not the action page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259069 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Thanks guys for all your messages. Sorry that I couldn't get back to you immediately as I got your message at 3am (Australian time) ;) Jason wrote: What I understand is that you have an aspx page that you can log into by making a direct http call from the client browser, to the aspx page. What I also understand that you are trying to do, is have a cfm page that makes a similar aspx call (via CFHTTP) to log in the client. Jason, that's correct. The challenge in this is that any settings passed back from the aspx page will be sent to the ColdFusion server. They will NOT be passed back to the client browser from the CF server. Yeah... I would think that if I dump cfhttp.filecontent I expect to see a member login page in successful case. They will NOT be passed back to the client browser from the CF server. Even though they are sent to the ColdFusion server, the server will not remember the response on a subsequent request. The thing is the html form I've made does the same thing as cfhttp does, but one can get through and one cannot. For the next request I should pass cookie info (in every subsequent request) but it is my second step. My first step is to see asp member home page when using cfhttp. -Original Message- From: Jason Troy [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 1:56 AM To: CF-Talk Subject: Re: Using CFHTTP to login Michael, I know you've received lots of suggestions already, but I want to backup a little bit and try to unerstand what you're trying to do. I've read the thread history and I think there is perhaps a misunderstanding somewhere. What I understand is that you have an aspx page that you can log into by making a direct http call from the client browser, to the aspx page. What I also understand that you are trying to do, is have a cfm page that makes a similar aspx call (via CFHTTP) to log in the client. The challenge in this is that any settings passed back from the aspx page will be sent to the ColdFusion server. They will NOT be passed back to the client browser from the CF server. Even though they are sent to the ColdFusion server, the server will not remember the response on a subsequent request. Hopefully that makes sense. Please feel free to clarify if I have misunderstood the intended functionality. Jason Troy ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259144 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Thanks Claude, you always pointed out the very good point. I very appreciated your messages and suggestion. I've made a little bit of change to make sure that the cookie I got is correct from the form page but no luck. One thing I would like to mention here is the html form that works (says login1.cfm) hasn't got any cookie info from asp.net app yet because this form lies on CF server. It likes the user go to cf login1.cfm (note: this is a login1.cfm locates in CF application and it has got any info of asp.net before hand) and submit login details to asp.net and the results is asp.net redirects user to the member home page in asp.net application. I make another login2.cfm which will submit to itself. In that CF will log the user in CF app (that's no problem) and also makes a http request to asp.net(using cfhttp) to also log user into asp.net application. The thing is the login1.cfm has got any info from asp.net yet but it does its work, however the login2.cfm can get logged in into asp.net. Sorry if something is unclear. Please let me know if anything you might think of. Thanks a lot -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 3:08 AM To: CF-Talk Subject: Re: Using CFHTTP to login The way I did is use cfhttpparam type=cookie to send cookie information back to the asp.net but it doesn't seem to work. Yeah, but as I told you, unless the code you copied on your message is not correct, you should get the cookies from the form page, not the action page. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259148 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
Hi all, One thing that I've noticed and think that it may be or may not be related to the problem: After normal successful logged in into asp.net using html form, the cookie has one more name-value: ..ASPXAUTH=9857AD003ACCC01 which we didn't have before logged in. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259150 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Micahel, A question for you. You say you have been given the task of a single sign, yet they are 2 applications running .Net and CF. What about the .Net Application? Now are these machines, or Applications going to grow into more applications. Then the best solution would be to use Active Directory Services for windows and the equivalant for Apache. If I heard you right, you know need to go to the .Net application and do the same thing, but what if you need to expand this in the future? On 11/4/06, Michael Nguyen [EMAIL PROTECTED] wrote: Hi all, One thing that I've noticed and think that it may be or may not be related to the problem: After normal successful logged in into asp.net using html form, the cookie has one more name-value: ..ASPXAUTH=9857AD003ACCC01 which we didn't have before logged in. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259151 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Using CFHTTP to login
Sorry if something is unclear. Well, it is getting complex indeed. If the login action has been especially designed to block any robot intrusion, you're not finished with your project. One thing I'd like to know: what is the feedback you are getting from the login when it fails? I mean from your CFHTTP. Any message about the reason it failed? Also, I suppose you looked at the source code of the login form, since you are trying to emulate it. Was there any Javascript in it? May be if you could show us the code? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259152 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Using CFHTTP to login
If the login action has been especially designed to block any robot intrusion, you're not finished with your project. I don't think so Claude. The reason is the html form (login1.cfm) is working well and I try to simulate the login process exactly as we login as that html form. One thing I'd like to know: what is the feedback you are getting from the login when it fails? I mean from your CFHTTP. Any message about the reason it failed? The login process happens like this: If the login is successful then it redirects to another page like member home page. If not, it redirects user to login form with an error message: Login failed! When using login1.cfm (which is working) then after submitting, the member home page is shown. If I type in incorrect details then it redirects to login form say login.aspx with message Login Failed. When using CFHTTP and dump cfhttp.filecontent, the login form login.aspx is shown WITHOUT any error message just like you get there first time. Claude, remember you asked me to try to disable cookie and submit the form that works? I got the same screen as I do with cfhttp which is login form WITHOUT any error message. I would suggest that the problem might be is the asp.net think that the cookie is disabled and the login process does not happen. It simply redirects user to the login page. I have been pulling out my hair but no luck so far... Thx -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Saturday, 4 November 2006 1:59 PM To: CF-Talk Subject: Re: Using CFHTTP to login Sorry if something is unclear. Well, it is getting complex indeed. If the login action has been especially designed to block any robot intrusion, you're not finished with your project. One thing I'd like to know: what is the feedback you are getting from the login when it fails? I mean from your CFHTTP. Any message about the reason it failed? Also, I suppose you looked at the source code of the login form, since you are trying to emulate it. Was there any Javascript in it? May be if you could show us the code? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259155 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4