#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2004
    Posts
    3
    Rep Power
    0

    CFldap Inappropriate authentication


    Hi All,

    I submit a form with the Network Userid/Password.

    In the action page I have an Lday query:
    <CFLDAP ACTION="query"
    NAME="LOCATE_USER"
    SERVER="mail.test.com"
    START="o=DEPT,c=us"
    SCOPE="subtree"
    FILTER="(uid=#form.username#)"
    ATTRIBUTES="dn">

    Here the query run is successfull.

    I see if the query retrieves 0 or > 0. Say recordcount = 1

    I then authenticate it against the server with the userid/password.
    <CFLDAP ACTION="query"
    NAME="qUSER_INFO"
    SERVER="mail.test.com"
    USERNAME="#LOCATE_USER.dn#"
    PASSWORD="#form.password#"
    START="o=Dept,c=us"
    SCOPE="subtree"
    FILTER="(uid=#form.username#)"
    ATTRIBUTES="cn,mail,uid"> This piece of code used to work well. It was written when we had CF5. We upgraded to CFMX 6.1

    Now its show an error "Inappropriate authentication "
    Exception LIne 26;

    24 : SCOPE="subtree"
    25 : FILTER="(uid=#form.username#)"
    26 : ATTRIBUTES="cn,mail,uid">

    Any help or suggestions are useful.

    tx,newbie
  2. #2
  3. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,278
    Rep Power
    968
    LDAP can be tricky because depending on the LDAP server and the means you use to access it, the parameters you must pass to it can vary. For example, take a look at this link and not the difference in the "filter" attribute:

    http://www.its.monash.edu.au/web/sli...ion/cfm/cfldap

    I might take some playing to get CF's underlying Java engine to send the right information to the LDAP server, but it can definitely be done. Here's another example, which might not help directly but demonstrates yet another format for the information you send to the LDAP server:

    Code:
    <cfldap action="QUERY" 
    	name="getLdapUser"
    	attributes="uid, cn, dn, mail, givenName, sn, telephoneNumber"
    	start="dc=sargeway, dc=com"
    	scope="SUBTREE"
    	filter="uid=#lUsername#"
    	server="192.169.1.124"
    	port="389"
    	username="uid=#lUsername#,ou=Users,dc=Sargeway,dc=com"
    	password="#lPassword#">

IMN logo majestic logo threadwatch logo seochat tools logo