Coldfusion and cfldap using SSL

Hi experts.  I am using Coldfusion 5 on IIS6 server and SQL SERVER 2000.

I got the code to work without SSL.  However, I want to take it one step further and use SSL to secure the transmission between my web form and the Active Directory server.

I looked at Coldfusion's cfldap function and the attribute secure but I don't understand it.

Please let me know the steps to accomplish this.

Here's my code:

1. ldap_authenticate4a.cfm

<cfoutput>        
      <form action="ldap_authenticate4b.cfm" method="POST">        
            <p>Enter a your login and pwd to see if you authenticate        
            <p>Username <input type="Text" name="username" <cfif (IsDefined("form.username") AND form.username is not "")>value="#form.username#"</cfif>>        
            <br>password<input type="password" name="password"             <cfif (IsDefined("form.password") AND form.password is not "")>value="#form.password#"</cfif>>        
            <br><input type="Submit" value="Login" name="">      
      </form>  
</cfoutput>



2. ldap_authenticate4b.cfm

<cfparam name="logindomain" default="shc.org">  
<cfparam name="ldapServer" default="xxxxx">  
<cfparam name="dcStart" default="dc=shc,dc=org">    
<cfif IsDefined("form.username") AND form.username is not "" AND IsDefined("form.password") AND form.password is not "">         
      <cftry>  
            <cfset isValid=0>                
            <cfldap action="query"                        
                        name="Results"                        
                        server="#ldapServer#"                        
                        start="#dcStart#"  
                        filter="(&(objectclass=user)(SamAccountName=#form.username#))"
                        username="#form.username#@#logindomain#"                        
                                                                  password="#form.password#"
                        attributes="sAMAccountName"
                        scope="subtree"
                        rebind="Yes">
                        <cfif results.recordcount is 1>
                        <cfset isValid=1>
                    </cfif>

                                 <cfcatch>
                <cfset isValid=0>
            </cfcatch>
      </cftry>  


  <cfoutput>      
      <cfif isValid>
            The IsValid value=#isValid# , username=#results.sAMAccountName#
            <p>You are authenticated</p>
      <cfelse>                
            <p>Get out foul beast!  </p>      
      </cfif>      
  </cfoutput>



<cfelse>
      <p>Username or Password is incorrect.</p>
</cfif>
paultran00Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dgrafxCommented:
here are the Adobe docs on the subject
http://helpx.adobe.com/coldfusion/kb/coldfusion-mx-configuring-secure-ssl.html

and here is another Experts-Exchange post on the subject
http://www.experts-exchange.com/Database/Miscellaneous/Q_24925241.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
paultran00Author Commented:
TO dgrafx:

A. What is Coldfusion MX?   My production server has coldfusion 5.

B. Instructions say "1 a.Start iPlanet administrator console.".  Is that installed?  How do I run it?


C.  Is it possible to test this on my WIndowsXP workstation before I put it in the production server which has Windows 2003?
0
paultran00Author Commented:
D.  The instructions say "Unlike ColdFusion 5, the cert7.db file is not needed any more.".  However, I am using CF5 which needs the cert7.db file so how do I do this?
0
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

dgrafxCommented:
cert7.db file
http://kb.juniper.net/InfoCenter/index?page=content&id=KB23256

mx is the name cf adopted for ver 7 - I believe you can ignore that
iplanet is a webserver - just find comparable area in whatever webserver you are using
0
_agx_Commented:
(no points... )

> What is Coldfusion MX?

MX is the name given to ColdFusion 6. It was a big change in the CF internals. As of MX, CF switched to being written in java, instead of C++ (like CF5 and earlier).
0
dgrafxCommented:
sorry - it's been awhile ...
0
_agx_Commented:
Only reason I remember is because I skipped CF5 :)
0
paultran00Author Commented:
To dgrafx:

The instructions you suggested is for Coldfusion MX which is written in Java for CF6 on.  http://helpx.adobe.com/coldfusion/kb/coldfusion-mx-configuring-secure-ssl.html


Does anyone know how to do it for CF5 which is written in C?
0
dgrafxCommented:
did you look through the CF 5 docs I sent you a link to?
0
paultran00Author Commented:
Yes, http://helpx.adobe.com/coldfusion/kb/coldfusion-mx-configuring-secure-ssl.html  talks about JRE which is Java (which is what CF6 and newer has) but I'm using the older CF5.
0
dgrafxCommented:
no - i posted a link to the entire CF 5 docs - remember ?
u wanted to know if CF 5 had cfldap ...
0
paultran00Author Commented:
CF5 with cfldap is working without SSL currently; I want to take it to the next step which is to use SSL with CF5.
0
dgrafxCommented:
come on paul - work with me ...
check your CF5 docs to see if there is something about ssl & cfldap!
0
GaryCommented:
I've requested that this question be deleted for the following reason:

The question has either no comments or not enough useful information to be called an "answer".
0
dgrafxCommented:
I object to the deletion

In posters previous post: http://www.experts-exchange.com/Web_Development/WebApplications/Q_28486397.html
I posted a link to the CF 5 docs which again are: https://www.adobe.com/support/documentation/en/coldfusion/documentation50.html
Here is an excerpt from those docs that speaks of secure cfldap connections: http://www.eww.com.hk/cfdocs/CFML_Reference/Tags-pt165.html

Above in this post I told the poster to read through the CF 5 docs.
Read the last 6 posts above.
He seemed to "forget" what we had been talking about in his last post and earlier in this one as well.

Plus it was the poster who quit participating in this question.
I would have continued to try and help if he hadn't dropped out of site.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ColdFusion Language

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.