User Guide

Using the cfauthenticate tag
The cfauthenticate tag has several required attributes:

securityContext: Describes which security context to use for authentication and authorization. This name matches the security context as defined on the Advanced Security page of the ColdFusion Administrator.

username: The user name required to access the protected resources.

password: The password required to access the protected resources.

You usually set the username and password attributes using variables that are passed in a cookie from form fields on a secure login page for the current session.

In addition, cfauthenticate has two optional attributes:

setCookie: Indicates whether ColdFusion sets a cookie to contain authentication information. This cookie is encrypted and includes the user name, security context, browser remote address, and the HTTP user agent. Default is Yes.

throwOnFailure: Indicates whether ColdFusion throws an exception of type Security if authentication fails. Default is Yes.
Example
<cfauthenticate securitycontext="MyAppSecurityContextName"
username="#userID#"
password="#pwd#">
If the user is not already defined in the system, ColdFusion throws a Security
exception. You can either reject access to the resource or reroute the user to a login
page. For example, you can display a login form and then, if the user logs in
successfully, display the originally requested page.
For a longer code example, see Example of User Authentication and Authorization
on page 363.
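
The login-form flow described above, written as an Application.cfm gate. This is an added example, not code from the original guide. The form field names (userID, pwd) and the "Login failed." message are assumptions, and IsAuthenticated() is the ColdFusion Advanced Security function, which this page does not describe.

```cfml
<!--- Added example. Field names userID and pwd are assumptions. --->
<cfset loginFailed = false>
<!--- A valid authentication cookie from an earlier request is enough. --->
<cfset needLogin = not IsAuthenticated()>

<cfif needLogin and isDefined("form.userID") and isDefined("form.pwd")>
  <cftry>
    <!--- Read credentials from the form scope only, so that URL or
          cookie variables with the same names are never used.
          throwOnFailure="Yes" (the default) raises a Security
          exception when authentication fails. --->
    <cfauthenticate securitycontext="MyAppSecurityContextName"
                    username="#form.userID#"
                    password="#form.pwd#"
                    setcookie="Yes"
                    throwonfailure="Yes">
    <cfset needLogin = false>
    <cfcatch type="Security">
      <!--- One message for every failure, so the response does not
            reveal whether the user name exists. --->
      <cfset loginFailed = true>
    </cfcatch>
  </cftry>
</cfif>

<cfif needLogin>
  <!--- The form posts back to the page that was requested, so a
        successful login displays that page and no redirect target is
        taken from user input. HTMLEditFormat encodes the path before
        it is written into the HTML attribute. --->
  <cfoutput>
  <form action="#HTMLEditFormat(cgi.script_name)#" method="post">
    <cfif loginFailed><p>Login failed.</p></cfif>
    <p>User name: <input type="text" name="userID"></p>
    <p>Password: <input type="password" name="pwd"></p>
    <p><input type="submit" value="Log in"></p>
  </form>
  </cfoutput>
  <!--- Stop here so the protected page body is never rendered. --->
  <cfabort>
</cfif>
```

Serve the login form over HTTPS so the posted password is not sent in clear text.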