Yeah, I'm just using CFLOGIN to get the app up and running. The
longer term plan is to use NT Authentication. The app is an intranet
app and will be behind a firewall, and the security is really just a
way of allowing roles access to various aspects of the site.
Pete
~~~
No prob. I was a big fan of the CFLOGIN framework since it first came
in, but I've been getting a bit fed up with all the "issues"
surrounding it. It has security issues in the 6.X edition.
Session-based cflogin is NOT secure in 6.1, and I believe the cookie
version wasn't secure in 6.0. 7.0 fixes
Thanks Ray, that was it. I appreciate it.
Pete
On 9/20/05, Raymond Camden <[EMAIL PROTECTED]> wrote:
> You forgot to tie CFLOGIN to sessions.
>
>
>
>
~|
Discover CFTicket - The leading ColdFusion Help Desk and Trouble
Ticke
You forgot to tie CFLOGIN to sessions.
On 9/20/05, Pete Ruckelshaus <[EMAIL PROTECTED]> wrote:
> CFMX7 Standard in Win2K3 Server.
>
> I'm using CFLOGIN to authenticate users. The problem is that a users
> login won't expire when their browser session is idle for longer than
> the session expi
Not that I know of.
On 9/20/05, Ryan Guill <[EMAIL PROTECTED]> wrote:
> do you have ntauthentication turned on?
>
~|
Logware (www.logware.us): a new and convenient web-based time tracking
application. Start tracking and document
do you have ntauthentication turned on?
On 9/20/05, Pete Ruckelshaus <[EMAIL PROTECTED]> wrote:
> CFMX7 Standard in Win2K3 Server.
>
> I'm using CFLOGIN to authenticate users. The problem is that a users
> login won't expire when their browser session is idle for longer than
> the session expira
CFMX7 Standard in Win2K3 Server.
I'm using CFLOGIN to authenticate users. The problem is that a users
login won't expire when their browser session is idle for longer than
the session expiration (currently set to 20 minutes). However, when
the browser window is closed, the user login does expire
7 matches
Mail list logo
