paultran00
asked on
Coldfusion and cfldap using SSL
Hi experts. I am using Coldfusion 5 on IIS6 server and SQL SERVER 2000.
I got the code to work without SSL. However, I want to take it one step further and use SSL to secure the transmission between my web form and the Active Directory server.
I looked at Coldfusion's cfldap function and the attribute secure but I don't understand it.
Please let me know the steps to accomplish this.
Here's my code:
1. ldap_authenticate4a.cfm
<cfoutput>
<form action="ldap_authenticate4 b.cfm" method="POST">
<p>Enter a your login and pwd to see if you authenticate
<p>Username <input type="Text" name="username" <cfif (IsDefined("form.username" ) AND form.username is not "")>value="#form.username# "</cfif>>
<br>password<input type="password" name="password" <cfif (IsDefined("form.password" ) AND form.password is not "")>value="#form.password# "</cfif>>
<br><input type="Submit" value="Login" name="">
</form>
</cfoutput>
2. ldap_authenticate4b.cfm
<cfparam name="logindomain" default="shc.org">
<cfparam name="ldapServer" default="xxxxx">
<cfparam name="dcStart" default="dc=shc,dc=org">
<cfif IsDefined("form.username") AND form.username is not "" AND IsDefined("form.password") AND form.password is not "">
<cftry>
<cfset isValid=0>
<cfldap action="query"
name="Results"
server="#ldapServer#"
start="#dcStart#"
filter="(&(objectclass=use r)(SamAcco untName=#f orm.userna me#))"
username="#form.username#@ #logindoma in#"
password="#form.password#"
attributes="sAMAccountName "
scope="subtree"
rebind="Yes">
<cfif results.recordcount is 1>
<cfset isValid=1>
</cfif>
<cfcatch>
<cfset isValid=0>
</cfcatch>
</cftry>
<cfoutput>
<cfif isValid>
The IsValid value=#isValid# , username=#results.sAMAccou ntName#
<p>You are authenticated</p>
<cfelse>
<p>Get out foul beast! </p>
</cfif>
</cfoutput>
<cfelse>
<p>Username or Password is incorrect.</p>
</cfif>
I got the code to work without SSL. However, I want to take it one step further and use SSL to secure the transmission between my web form and the Active Directory server.
I looked at Coldfusion's cfldap function and the attribute secure but I don't understand it.
Please let me know the steps to accomplish this.
Here's my code:
1. ldap_authenticate4a.cfm
<cfoutput>
<form action="ldap_authenticate4
<p>Enter a your login and pwd to see if you authenticate
<p>Username <input type="Text" name="username" <cfif (IsDefined("form.username"
<br>password<input type="password" name="password" <cfif (IsDefined("form.password"
<br><input type="Submit" value="Login" name="">
</form>
</cfoutput>
2. ldap_authenticate4b.cfm
<cfparam name="logindomain" default="shc.org">
<cfparam name="ldapServer" default="xxxxx">
<cfparam name="dcStart" default="dc=shc,dc=org">
<cfif IsDefined("form.username")
<cftry>
<cfset isValid=0>
<cfldap action="query"
name="Results"
server="#ldapServer#"
start="#dcStart#"
filter="(&(objectclass=use
username="#form.username#@
password="#form.password#"
attributes="sAMAccountName
scope="subtree"
rebind="Yes">
<cfif results.recordcount is 1>
<cfset isValid=1>
</cfif>
<cfcatch>
<cfset isValid=0>
</cfcatch>
</cftry>
<cfoutput>
<cfif isValid>
The IsValid value=#isValid# , username=#results.sAMAccou
<p>You are authenticated</p>
<cfelse>
<p>Get out foul beast! </p>
</cfif>
</cfoutput>
<cfelse>
<p>Username or Password is incorrect.</p>
</cfif>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
D. The instructions say "Unlike ColdFusion 5, the cert7.db file is not needed any more.". However, I am using CF5 which needs the cert7.db file so how do I do this?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
(no points... )
> What is Coldfusion MX?
MX is the name given to ColdFusion 6. It was a big change in the CF internals. As of MX, CF switched to being written in java, instead of C++ (like CF5 and earlier).
> What is Coldfusion MX?
MX is the name given to ColdFusion 6. It was a big change in the CF internals. As of MX, CF switched to being written in java, instead of C++ (like CF5 and earlier).
sorry - it's been awhile ...
Only reason I remember is because I skipped CF5 :)
ASKER
To dgrafx:
The instructions you suggested is for Coldfusion MX which is written in Java for CF6 on. http://helpx.adobe.com/coldfusion/kb/coldfusion-mx-configuring-secure-ssl.html
Does anyone know how to do it for CF5 which is written in C?
The instructions you suggested is for Coldfusion MX which is written in Java for CF6 on. http://helpx.adobe.com/coldfusion/kb/coldfusion-mx-configuring-secure-ssl.html
Does anyone know how to do it for CF5 which is written in C?
did you look through the CF 5 docs I sent you a link to?
ASKER
Yes, http://helpx.adobe.com/coldfusion/kb/coldfusion-mx-configuring-secure-ssl.html talks about JRE which is Java (which is what CF6 and newer has) but I'm using the older CF5.
no - i posted a link to the entire CF 5 docs - remember ?
u wanted to know if CF 5 had cfldap ...
u wanted to know if CF 5 had cfldap ...
ASKER
CF5 with cfldap is working without SSL currently; I want to take it to the next step which is to use SSL with CF5.
come on paul - work with me ...
check your CF5 docs to see if there is something about ssl & cfldap!
check your CF5 docs to see if there is something about ssl & cfldap!
I've requested that this question be deleted for the following reason:
The question has either no comments or not enough useful information to be called an "answer".
The question has either no comments or not enough useful information to be called an "answer".
I object to the deletion
In posters previous post: https://www.experts-exchange.com/questions/28486397/coldfusion-authenticate-using-active-directory-ldap.html
I posted a link to the CF 5 docs which again are: https://www.adobe.com/support/documentation/en/coldfusion/documentation50.html
Here is an excerpt from those docs that speaks of secure cfldap connections: http://www.eww.com.hk/cfdocs/CFML_Reference/Tags-pt165.html
Above in this post I told the poster to read through the CF 5 docs.
Read the last 6 posts above.
He seemed to "forget" what we had been talking about in his last post and earlier in this one as well.
Plus it was the poster who quit participating in this question.
I would have continued to try and help if he hadn't dropped out of site.
In posters previous post: https://www.experts-exchange.com/questions/28486397/coldfusion-authenticate-using-active-directory-ldap.html
I posted a link to the CF 5 docs which again are: https://www.adobe.com/support/documentation/en/coldfusion/documentation50.html
Here is an excerpt from those docs that speaks of secure cfldap connections: http://www.eww.com.hk/cfdocs/CFML_Reference/Tags-pt165.html
Above in this post I told the poster to read through the CF 5 docs.
Read the last 6 posts above.
He seemed to "forget" what we had been talking about in his last post and earlier in this one as well.
Plus it was the poster who quit participating in this question.
I would have continued to try and help if he hadn't dropped out of site.
see my previous post started with "I object to the deletion" ...
and the correct answer i believe is: https://www.experts-exchange.com/questions/28490526/Coldfusion-and-cfldap-using-SSL.html?anchorAnswerId=40240265#a40240265
and can be shared with: https://www.experts-exchange.com/questions/28490526/Coldfusion-and-cfldap-using-SSL.html?anchorAnswerId=40241893#a40241893
and the correct answer i believe is: https://www.experts-exchange.com/questions/28490526/Coldfusion-and-cfldap-using-SSL.html?anchorAnswerId=40240265#a40240265
and can be shared with: https://www.experts-exchange.com/questions/28490526/Coldfusion-and-cfldap-using-SSL.html?anchorAnswerId=40241893#a40241893
ASKER
A. What is Coldfusion MX? My production server has coldfusion 5.
B. Instructions say "1 a.Start iPlanet administrator console.". Is that installed? How do I run it?
C. Is it possible to test this on my WIndowsXP workstation before I put it in the production server which has Windows 2003?