Code I
<html>
<head>
<title>Customized CFMX Authentication</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<H2>Please Log In</H2>
<cfoutput><!---#### Display login error message on failure. ####--->
<cfif isDefined('Session.goodLogin') AND NOT Session.goodLogin><span
style="color:##FF0000">#loginmessage#</span></cfif>
<cfform name="LoginForm" action="#CGI.script_name#" method="post">
<table>
<tr>
<td>username:</td>
<td><cfinput type="text" name="j_username" required="yes"
message="You must enter a username!"></td>
</tr>
<tr>
<td>password:</td>
<td><cfinput type="password" name="j_password" required="yes"
message="You must enter a password!"></td>
</tr>
</table><br>
<input type="submit" value="Log In">
</cfform>
</cfoutput>
<p> </p>
</body>
</html>
Code II
<cfcomponent displayname="Auth" hint="Authenticate and Authorize LDAP users">
<!---#### Psuedo constructor area automatically runs when component is
instantiated. ####--->
<cfset init()>
<!---#### Init function returns an instance of the component ####--->
<cffunction name="init" access="public" output="yes" hint="Initialize this CFC">
<cfargument name="Start" default="dc=macromedia, dc=com" required="Yes"
type="string">
<cfargument name="Server" default="localhost" required="Yes" type="string">
<cfargument name="Filter" default="uid=*" required="Yes" type="string">
<cfargument name="Scope" default="SUBTREE" required="yes" type="string">
<cfargument name="Attributes" default="*" required="no" type="string">
<cfargument name="Port" default=389 required="no" type="numeric">
<cfargument name="Sort" default="cn" required="no" type="string">
<cfargument name="SortCtrl" default="ASC" required="no" type="string">
<cfargument name="Sep" default="" required="no" type="string">
<cfargument name="Delimit" default="" required="no" type="string">
<cfset variables = duplicate(Arguments)>
<cfreturn this />
</cffunction>
Code III
<!---#### Authenticates the user and returns true on success, false on failure.
####--->
<cffunction name="authenticate" access="remote" returntype="boolean" output="No"
hint="Performs simple LDAP User Authentication">
<cfargument name="Username" type="string" required="yes" default=""
hint="Username">
<cfargument name="Password" type="string" required="yes" default="" hint="User
password">
<cftry>
<cfldap action="QUERY"
name="getLdapUser"
attributes="uid"
start="#variables.Start#"
scope="#variables.Scope#"
filter="uid=#Username#"
server="#variables.Server#"
port="#variables.Port#"
username="uid=#lUsername#,ou=Employees,#variables.Start#"
password="#lPassword#">
<cfif getLdapUser.RecordCount>
<cfreturn true>
<cfelse>
<cfreturn false>
</cfif>
<!---#### Error Handling: Logs and throws error returned from LDAP.
####--->
<cfcatch type="any">
<cflog text="Error in auth.cfc method authenticate() - Error:
#cfcatch.message#" type="Error" file="authentication"
application="yes">
<cfthrow message="#CFCATCH.Message#">
</cfcatch>
</cftry>
</cffunction>
Code IV
<!---#### Queries LDAP for user group memberships and returns them as a string if
successful. ####--->
<cffunction name="authorize" access="remote" returntype="string" output="no"
hint="Performs simple LDAP Group Membership lookup.">
<cfargument name="Username" type="string" required="yes" default=""
hint="Username">
<cfargument name="Password" type="string" required="yes" default="" hint="User
password">
<cftry>
<cfldap action="QUERY"
name="getLdapGroups"
attributes="cn"
start="#variables.Start#"
scope="#variables.Scope#"
filter="(&(objectClass=groupofuniquenames)(uniquemember=uid=#arguments.Username#*)
"
sort="#variables.Sort#"
sortcontrol="#variables.SortCtrl#"
server="#variables.Server#"
port="#variables.Port#"
username="uid=#arguments.Username#, ou=Employees,#variables.Start#"
password="#arguments.Password#">
<cfif getLdapGroups.RecordCount>
<cfset this.roles = valueList(getLdapGroups.cn)>
<cfreturn this.roles>
<cfelse>
<cfreturn>
</cfif>
<!---#### Error Handling: Logs and throws error returned from LDAP.
####--->
<cfcatch type="any">
<cflog text="Error in auth.cfc method authorize() - Error:
#cfcatch.message#" type="Error" file="authorization" application="yes">
<cfthrow message="#CFCATCH.Message#">
</cfcatch>
</cftry>
</cffunction>
Code V
<!---#### Authenticates and Authorizes the user, and returns a structure
containing the user's attributes and roles. ####--->
<cffunction name="setAuthUser" access="remote" returntype="struct" output="No"
hint="Returns an authenticated LDAP user object.">
<cfargument name="Username" type="string" required="yes" default=""
hint="Username">
<cfargument name="Password" type="string" required="yes" default="" hint="User
password">
<cftry>
<!---#### Authenticates the user and retreives their attributes. ####--->
<cfldap action="QUERY"
name="getAuthUser"
attributes="uid, cn, dn, mail, givenName, sn, telephoneNumber, pager,
mobile"
start="#variables.Start#"
scope="#variables.Scope#"
filter="uid=#Username#"
server="#variables.Server#"
port="#variables.Port#"
username="uid=#arguments.username#,ou=Employees,#variables.Start#"
password="#arguments.password#">
<cfscript>
if (getAuthUser.RecordCount) {
this.siteUser = StructNew();
//Concatenate the User's name from the LDAP attributes for
convenience
StructInsert(this.siteUser, 'Name', getAuthUser.givenName & ' ' &
getAuthUser.sn, True);
attribs = getAuthUser.ColumnList;
//Loop the LDAP results and store them in a user structure
for (i=0; i LT ListLen(getAuthUser.ColumnList); i = i+1) {
col = ListFirst(attribs, ',');
val = "getAuthUser."&col;
StructInsert(this.siteUser, col, evaluate(val), True);
attribs = ListDeleteAt(attribs, 1, ',');
} //END FOR
} //END IF
//Retrieve the user's group memberships and add them to the siteUser
structure
this.roles = authorize(arguments.username, arguments.password);
StructInsert(this.siteUser, 'Groups', this.roles);
return this.siteUser;
</cfscript>
<!---#### Error Handling: Logs and throws error returned from LDAP.
####--->
<cfcatch type="any">
<cflog text="Error in auth.cfc method setAuthUser() - Error:
#cfcatch.message#" type="Error" file="setAuthUser" application="yes">
<cfthrow message="#CFCATCH.Message#">
</cfcatch>
</cftry>
</cffunction>
Code VI
<cfsilent><!---#### Remove the white space left by Application.cfm ####--->
<cfapplication name="CFMXAUTH" sessionmanagement="Yes" loginStorage="COOKIE">
<!---#### Logout Control: Clear user's Session information and logout ####--->
<cfif isdefined("form.logout") or isdefined("url.logout")>
<CFLOGOUT>
<cfset StructClear(Session)>
<cflocation url="index.cfm" addtoken="no">
</cfif>
<!---#### Security Container: Only runs if current user is not logged into CFMX. ####--->
<CFLOGIN>
<!---#### If the CFLOGIN scope is not instantiated, force user to login. ####--->
<cfif not IsDefined("cflogin")>
<cfinclude template="loginform.cfm">
<cfabort>
<cfelse> <!---#### CFLOGIN instantiated, begin authentication/authorization
code. ####--->
<cftry>
<!---#### Instantiate the component into a shared scope for reuse. ####--->
<cfscript>
if(not isDefined('Application.ldapLogin')) {
// Create CFC in Application scope if it does not exist.
Application.ldapLogin = createObject("component", "auth");
}
// Create Session-level object to hold returned authenticated user
object.
Session.User = Application.ldapLogin.setAuthUser(CFLOGIN.name,
CFLOGIN.password);
</cfscript>
<cfif isdefined('Session.User')>
<!---#### Log user into CFMX and authorize for specified roles.
####--->
<CFLOGINUSER name = "#CFLOGIN.name#" password = "#CFLOGIN.password#"
roles="#Session.User.Groups#">
<!---#### Create Session-level login indicator. ####--->
<cfset Session.goodLogin = true>
</cfif>
<!---#### Trap any errors, including those thrown by the CFC methods.
####--->
<cfcatch type="any">
<cfset Session.goodLogin = false>
<!---#### Login message to display on login form. ####--->
<cfset loginmessage = "Invalid Login: " & CFCATCH.Message>
<cfinclude template="loginform.cfm">
<cfabort>
</cfcatch>
</cftry>
</cfif>
</CFLOGIN>
<!---#### Additional CFML here. ####--->
<cfset Request.DSN = "test">
</cfsilent>
Code VII
<html>
<head>
<title>Customized CFMX Authentication</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
.Normal {
font-family: Arial, Helvetica, sans-serif;
font-size: 11 pt; font-weight: normal; color: #000000;
}
.header {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11 pt; font-weight: bold; color: #000000;
}
.Tasks {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 10 pt;
}
</style>
</head>
<body class="Normal">
<cftry><!---#### Display currently logged in Username and Roles ####--->
<cfoutput><p>Welcome! You are currently logged in as <span
style="color:##00CC66;">#GetAuthUser()#</span> with the following roles: <span
style="color:##00CC66">#SESSION.User.Groups#</span></p></cfoutput>
<table width="*" border="0" cellpadding="5" cellspacing="3">
<tr>
<td class="Tasks" width="25%" valign="top">
<span class="header">Task Menu</span><br>
<a href="index.cfm">Personal Page</a><br>
<!---#### Check Roles for permission to view ####--->
<cfif isUserInRole("Engineers")>
<a href="index.cfm">Basic User Tasks</a><br>
</cfif>
<cfif isUserInRole("ColdFusion")>
<a href="index.cfm">ColdFusion Product Support</a><br>
</cfif>
<cfif isUserInRole("Professional Services")>
<a href="index.cfm">Professional Services</a><br>
</cfif>
<cfif isUserInRole("Managers")>
<a href="index.cfm">Manager's Task List</a><br>
</cfif>
<p><a href="index.cfm?logout=true">Log out</a></p>
</td>
<td width="*">
<cfoutput><table width="*" border="1" summary="User Info">
<caption class="Tasks">#SESSION.User.Name# <span style="font-size: 8
px">(#Session.User.DN#)</span></caption>
<tr>
<th scope="row">Firstname</th>
<td>#Session.User.Givenname#</td>
</tr>
<tr>
<th scope="row">Lastname</th>
<td>#Session.User.sn#</td>
</tr>
<tr>
<th scope="row">UserID</th>
<td>#Session.User.uid#</td>
</tr>
<tr>
<th scope="row">Dept.</th>
<td>#ReplaceNoCase(Session.User.Groups, ",", ", ", "ALL")#</td>
</tr>
<tr>
<th scope="row">Email</th>
<td>#Session.User.mail#</td>
</tr>
<tr>
<th scope="row">Phone</th>
<td>#Session.User.telephonenumber# </td>
</tr>
<tr>
<th scope="row">Cell</th>
<td>#Session.User.mobile# </td>
</tr>
<tr>
<th scope="row">Pager</th>
<td>#Session.User.pager# </td>
</tr>
</table></cfoutput>
</td>
</tr>
</table>
<cfcatch>
<cfdump var="#CFCATCH.Message#">
<p><a href="index.cfm?logout=true">Log out</a><br></p>
</cfcatch>
</cftry>
<cfdump var="#Session.User#">
</body>
</html>