Ask a Question related to Coldfusion - Advanced Techniques, Design and Development.
-
Gakusei #1
CFHTTP and secure sites
OK, I've used the CFHTTP tag with the URL, method, ResolveURL, UserName, and
Password parameters to connect to a remote server that requires authentication.
But here's the problem:
Although the page's source is retrieved without a problem, when the browser
attempts to render the returned source code, the browser gets stopped for a
login prompt at EVERY dependent file (images, stylesheets, even BASE HREF
tags)... I thought the whole idea of the username and password parameters was
to allow us to see and use a site requiring authentication, but it seems to me
that it works only on the original source code and not the dependencies... am I
missing something here?
Any help would be very much appreciated!
Thanks in advance,
bw
Gakusei Guest
-
secure intranet site with non secure sites?
I log into a domain open an secure intranet site and then when I go to yahoo.com it messes up my secure intranet site that I have open. Cant... -
Why can't I access secure sites??
If you have dsl/cable which does not require a username an password try booting into safe mode with networking. Does it work there? If so, you have... -
cannot access secure web sites
Goto http://support.microsoft.com, search the knowledge base for article 813444. times. -
locked out secure sites
no email, messengers,or msn explorer will work. i cant send pictures and access some web sites -
secure sites with xp
gentlemen: i have a new laptop with xp home ed access to the web is fine with cable...but with dialup only i can not access secure sites, ie... -
ssawka #2 Re: CFHTTP and secure sites
You need to think about how CFHTTP works. Essentially when you use CFHTTP, the
Cold Fusion server is mimicking the actions of your browser to retrieve the
page. When you log into a "secure" site, you enter in a User Id and a
Password. The remote site authenticates you and stores a token (cookie, etc.)
in your browser so the site can maintain a "session" with your browser, and
know that you have already "logged in". When you send the User Id and Password
via CFHTTP, the token is sent back to the ColdFusion server, not your browser.
However, when a link or object (image, style sheet, script, etc.) is embedded
within the code retrieved via CFHTTP, and you simply display that code "as is",
your browser is requesting the embedded objects. Hence your browser needs to
be "authenticated" not the CF Server. This is analogist to adding an item to
a shopping cart using IE, but then trying to check out using FireFox.
Hope this helps,
Sean
ssawka Guest
-
jdeline #3 Re: CFHTTP and secure sites
ssawka, would it make sense to parse CFHTTP.FILECONTENT, make a list of all
..jpg, .gif, .css, etc. and have the ColdFusion server get them. It would seem
that, since the CF server has the cookie, it would be authorized to do that.
There would be a small issue as to what to do with these files after the server
gets them, but that can be worked out so the page can render properly.
jdeline Guest
-
ssawka #4 Re: CFHTTP and secure sites
Sorry, I did not see your second post until today. Yes having ColdFusion
download the files is one method, however the links may need to be modified as
well. There may be other methods depending on how the session is being
maintaines by the third party site.
ssawka Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
