[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 636
  • Last Modified:

ColdFusion using Query String parameters

I have attached the instructions for a form I am working on.  I understand how to pass the string for validation,  but what I don't know is how to hide the results from the user and then append the information to another string that the user would see (below):


<cfoutput><a href="http://print.redleafdigital.com/fma/login.aspx?key=#Sesson.Key#">Customized Holiday Cards</a></cfoutput>
SSO.pdf
0
Albee_J
Asked:
Albee_J
1 Solution
 
hieloCommented:
>> but what I don't know is how to hide the results from the user
Not sure what you are doing, but perhaps you need hidden variables:
<input type="hidden" name="myFieldName" value="#url.theFieldName#"/>
0
 
ZvonkoSystems architectCommented:
The SSO.pdf is a bit strange because the examples do have typos and use the same string as auth= key and the session key.
From the description I read that the session key is generated for every use as a new key and valid only for one ┬┤session authentication. Therefore there is no need to hide the Session key.
Big care is to keep the auth= key secret but that auth key handling has NOT to go to browser. It has to be handled completely on ColdFusion side.
0
 
Albee_JAuthor Commented:
Thanks for the information Zvonko:

What I am stuck on is how to grab the returned auth key and store it as a session variable that can be used to redirect the user.

See my code below. (note I have hidden our key information etc)


<!---Digital Storefront Code--->
 
<cfif IsDefined('Sesson.AuthKey')>
<cflocation addtoken="no" url="http://print.redleafdigital.com/***/login.aspx?key=#Sesson.AuthKey#">
<cfelse>
 
<dd class="bodytext"><img src="../SiteImages/new.gif" alt="New" width="37" height="24" hspace="2"><cfoutput><a href="http://print.redleafdigital.com/***/SSO.aspx?user=#Session.SuNameKey#&company=**auth=****-****-**-****-****">Customized Holiday Cards</a></dd>
</cfoutput>
 
</cfif>
 
<!---End Digital Storefront Code--->

Open in new window

0
 
adobe116Commented:
Hi, I'm not sure I understand exactly what you need to do because I don't understand where the session var comes into play, but I think you need to use the cfhttp tag.

On the page where the user is logging in, call the cfhttp tag and return the result to the user.  Store it as a session to if needed.

You would do something like:
<cfhttp method="Get"
    url="http://print.redleafdigital.com/acme/SSO.aspx?user=user@domain.com&company=3aut
h=14363E23-67E9-41E9-9AE4-CC8B01F4EB70"
    name="returnedTempAuthKey">
<cfdump var="#returnedTempAuthKey#"><br>

#returnedTempAuthKey# should be your 36 char temp key.  Once you know it works, comment out the CFDUMP line.  

Then you could do (further down the page):
<form name="store" method="POST"
action="http://print.redleafdigital.com/acme/login.aspx">
<input type="hidden" name="key" value="#returnedTempAuthKey#">
<a href="#" onClick="Javascript: document.store.submit();">Click Here to view
your storefront</a>
</form>

I'll attach this as a code snippet below.  I used the form example from page 2 of your pdf, you can just substitute the <a> example as well.  Best of luck.
<!--- GET TEMP KEY FROM REDLEAF --->
<cfhttp 
    method="Get"
    url="http://print.redleafdigital.com/acme/SSO.aspx?user=user@domain.com&company=3aut
h=14363E23-67E9-41E9-9AE4-CC8B01F4EB70"
    name="returnedTempAuthKey">
 
<!--- DUMP THE RESULTS FOR TESTING --->
<cfdump var="#returnedTempAuthKey#"><br>
 
<!--- FORM FOR USER (From page 2 of your pdf) --->
<form name="store" method="POST"
action="http://print.redleafdigital.com/acme/login.aspx">
<input type="hidden" name="key" value="#returnedTempAuthKey#">
<a href="#" onClick="Javascript: document.store.submit();">Click Here to view your storefront</a>
</form>

Open in new window

0
 
Albee_JAuthor Commented:
Excellent, Thank you!
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now