Greetings!
Our problem:
We are creating a user unique login page (using CF) with
LDAP authentication.Once the user is authenticated, we
need to re-direct them to a second party Vendor package
(that’s on a different server). The problem is so far
everything we have tried has either clearly displayed
the login Id and password on the receiving page’s
Address url line or the source is accessible (even with
using https), or has Not worked!
I tried going over some threads (thread232-1270633), but
couldn't find my answer.
What we have tried so far:
1) We have tried using cflocation with addtoken="no"
and ‘JavaScript’s self.location=’. Both clearly
display the user id and password on the address line
(in text format).
2) Passing the variables as hidden, but the source can
be viewed which again displays the variables.
3) We are currently trying to use cfhttp (which I’m not
that familiar with), the first Pass (cfhttp) seems to
be working (after the return trip from the vendor
application, we are getting a 200 return code and
show a cookie created. We then re-created the
cookie and pass it back to the other server location
(cfcookie with path defined).
I was told that at this point the cookie should have
been passed to the browser and the browser in turn
passes control back to the vendor application, but
all I get is a Blank page.
We also tried to create the cookie and then run
another cfhttp to pass the cookie and Control back to
the vendor application, it seems to work (at least we
are getting The 200 return code), but it’s not
passing control back to the vendor application.
Any suggestions would be helpful (Source can be
provided on request!)
Thank You!
Our problem:
We are creating a user unique login page (using CF) with
LDAP authentication.Once the user is authenticated, we
need to re-direct them to a second party Vendor package
(that’s on a different server). The problem is so far
everything we have tried has either clearly displayed
the login Id and password on the receiving page’s
Address url line or the source is accessible (even with
using https), or has Not worked!
I tried going over some threads (thread232-1270633), but
couldn't find my answer.
What we have tried so far:
1) We have tried using cflocation with addtoken="no"
and ‘JavaScript’s self.location=’. Both clearly
display the user id and password on the address line
(in text format).
2) Passing the variables as hidden, but the source can
be viewed which again displays the variables.
3) We are currently trying to use cfhttp (which I’m not
that familiar with), the first Pass (cfhttp) seems to
be working (after the return trip from the vendor
application, we are getting a 200 return code and
show a cookie created. We then re-created the
cookie and pass it back to the other server location
(cfcookie with path defined).
I was told that at this point the cookie should have
been passed to the browser and the browser in turn
passes control back to the vendor application, but
all I get is a Blank page.
We also tried to create the cookie and then run
another cfhttp to pass the cookie and Control back to
the vendor application, it seems to work (at least we
are getting The 200 return code), but it’s not
passing control back to the vendor application.
Any suggestions would be helpful (Source can be
provided on request!)
Thank You!
