"Single sign on" using windows authentication

[color gray]
<!--- first step is to enable session management (20 minutes) --->
[/color]
[b]<cfapplication name = "appName" sessionmanagement = "yes" setclientcookies = "yes" sessiontimeout = "#createtimespan(0,0,20,0)#">[/b]
[color gray]
<!--- When an invalid user tries to gain access we have to send them to a page that says they do not have access.  This cfif will make sure the login code is not run on "invalidUser.cfm", or we would get stuck in a loop.  we also check for a session variable called "session.loggedin" to keep this from running every time a valid user requests a page.  it will only run if the session does not exists or is false. --->
[/color]
[b]<cfif not findNoCase("invalidUser.cfm", cgi.SCRIPT_NAME) AND(not isdefined("session.loggedin") OR session.loggedin eq false)>[/b]
[color gray]
<!--- Now we get the user.  I prefer not to save the domain name into the database so I remove it.  If you want to save the domain name in the database you don't have to remove it here. cgi.remote_user stores a value similar to domainName\userName. I will use listLast to get the username after the \  --->
[/color]
[b]<cfset user = listLast(cgi.REMOTE_USER,"\") >[/b]
[color gray]
<!--- now we run the query to find the user. "networkID" is where the users nt login name is stored --->
[/color]
[b]<cfquery name="qLogin" datasource="dsn">
  SELECT networkID
  FROM usersTable
  WHERE networkID = '#user#'
</cfquery>[/b]
[color gray]
<!--- now we check to see if the user was found in the database --->
[/color]
[b]<cfif qLogin.recordCount>[/b]
[color gray]
<!--- Set session variables --->
[/color]
[b]<cfset session.networkID = qlogin.networkID>
<cfset session.loggedin = true>
[/b]
[color gray]<!--- if the user is not found send them to the invalid user page --->
[/color]
[b]<cfelse>
<cflocation url = "invalidUser.cfm" addtolken = "no">
</cfif>[/b]

[color gray]<!--- if the user was not redirected the rest of the page will continue from here. --->
[/color]