Implementing Single Sign on with IIS and ColdFusion

Posted At : February 27, 2007 4:41 PM | Posted By : Admin
Related Categories: ColdFusion

This is a step by step procedure for implementing single sign on in a ColdFusion application running on IIS.

1)Create a virtual directory for the application. This is needed because you want to set the security properties for this directory only.

2)Once this is created, click on the directory security tab

3)Click the edit button

4)Check integrated windows authentication note: do not uncheck enable anonymous access What this does is cause the server to pass a variable called cgi.auth_user which is the domain\username from Windows. ColdFusion can use this for authentication.

5)In order for user records to be tracked, the variable cgi.auth_user is written into a database and given an id. Each time an authorized user enters the site the database is queried silently and the user's information can be looked up and displayed.

Comments (2) | Print | Send | del.icio.us | Digg It! | Linking Blogs | 2702 Views
Comments (Comment Moderation is enabled. Your comment will not appear until approved.)
[Add Comment]
Shannon Watts's Gravatar In step #5, how is the cgi.auth_user variable written to a database?

Is it done using a special CF tag in ColdFusion? In other words, how do we capture this variable and store it in a database (along with a unique ID),
so we can use it to validate the user (without forcing the user to logon to a web page)?

Thanks,

Shannon
# Posted By Shannon Watts | 6/20/07 3:24 PM
Scott Stewart's Gravatar cgi.auth_user is part of the cgi scope which is returned by ColdFusion
it can be written to a database easily with a standard insert query statement.

cgi.auth_user contains the domain\user pair. It should be unique for your network
# Posted By Scott Stewart | 6/22/07 3:44 PM
[Add Comment]
BlogCFC was created by Raymond Camden. This blog is running version 5.8.001.