All geek questions in one place

NTLM Authentication in ColdFusion

Is there a recommended (and preferably free) way in ColdFusion to access a remote file that is protected by NTLM authentication? The cfhttp tag only supports basic authentication.

+5
source share
5 answers

This CFX tag - CFX_HTTP5 - should do what you need. It costs $ 50, but maybe worth it? Sounds like a small price.

+4
source

Here is the code I found in:

http://www.bpurcell.org/downloads/presentations/securing_cfapps_examples.zip

There are also examples for ldap, webservices, etc. I will insert 2 files here so that you can have an idea, the code looks as if it should work anyway.

<cfapplication name="example2" sessionmanagement="Yes" loginStorage="Session"> <!-- Application.cfm --> <!-- CFMX will check for authentication with each page request. --> <cfset Request.myDomain="allaire"> <cfif isdefined("url.logout")> <CFLOGOUT> </cfif> <cflogin> <cfif not IsDefined("cflogin")> <cfinclude template="loginform.cfm"> <cfabort> <cfelse> <!--Invoke NTSecurity CFC --> <cfinvoke component = "NTSecurity" method = "authenticateAndGetGroups" returnVariable = "userRoles" domain = "#Request.myDomain#" userid = "#cflogin.name#" passwd = "#cflogin.password#"> <cfif userRoles NEQ ""> <cfloginuser name = "#cflogin.name#" password = "#cflogin.password#" roles="#stripSpacesfromList(userRoles)#"> <cfset session.displayroles=stripSpacesfromList(userRoles)><!--- for displaying roles only ---> <cfelse> <cfset loginmessage="Invalid Login"> <cfinclude template="loginform.cfm"> <cfabort> </cfif> </cfif> </cflogin> <!-- strips leading & trailing spaces from the list of roles that was returned --> <cffunction name="stripSpacesfromList"> <cfargument name="myList"> <cfset myArray=listtoarray(arguments.myList)> <cfloop index="i" from="1" to="#arraylen(myArray)#" step="1"> <!--- <cfset myArray[i]=replace(trim(myArray[i]), " ", "_")> out<br>---> <cfset myArray[i]=trim(myArray[i])> </cfloop> <cfset newList=arrayToList(myArray)> <cfreturn newList> </cffunction>

This is cfc, which may interest you:

 <!--- This component implements methods for use for NT Authentication and Authorization. $Log: NTSecurity.cfc,v $ Revision 1.1 2002/03/08 22:40:41 jking Revision 1.2 2002/06/26 22:46 Brandon Purcell component for authentication and authorization ---> <cfcomponent name="NTSecurity" > <!--- Authenticates the user and outputs true on success and false on failure. ---> <cffunction name="authenticateUser" access="REMOTE" output="no" static="yes" hint="Authenticates the user." returntype="boolean"> <cfargument name="userid" type="string" required="true" /> <cfargument name="passwd" type="string" required="true" /> <cfargument name="domain" type="string" required="true" /> <cftry> <cfscript> ntauth = createObject("java", "jrun.security.NTAuth"); ntauth.init(arguments.domain); // authenticateUser throws an exception if it fails, ntauth.authenticateUser(arguments.userid, arguments.passwd); </cfscript> <cfreturn true> <cfcatch> <cfreturn false> </cfcatch> </cftry> </cffunction> <!--- Authenticates the user and outputs true on success and false on failure. ---> <cffunction access="remote" name="getUserGroups" output="false" returntype="string" hint="Gets user groups." static="yes"> <cfargument name="userid" type="string" required="true" /> <cfargument name="domain" type="string" required="true" /> <cftry> <cfscript> ntauth = createObject("java", "jrun.security.NTAuth"); ntauth.init(arguments.domain); groups = ntauth.GetUserGroups(arguments.userid); // note that groups is a java.util.list, which should be // equiv to a CF array, but it not right now??? groups = trim(groups.toString()); groups = mid(groups,2,len(groups)-2); </cfscript> <cfreturn groups> <cfcatch> <cflog text="Error in ntsecurity.cfc method getUserGroups - Error: #cfcatch.message#" type="Error" log="authentication" file="authentication" thread="yes" date="yes" time="yes" application="no"> <cfreturn ""> </cfcatch> </cftry> </cffunction> <!--- This method combines the functionality of authenticateUser and getUserGroups. ---> <cffunction access="remote" name="authenticateAndGetGroups" output="false" returntype="string" hint="Authenticates the user and gets user groups if it returns nothing the user is not authticated" static="yes"> <cfargument name="userid" type="string" required="true" /> <cfargument name="passwd" type="string" required="true" /> <cfargument name="domain" type="string" required="true" /> <cftry> <cfscript> ntauth = createObject("java", "jrun.security.NTAuth"); ntauth.init(arguments.domain); // authenticateUser throws an exception if it fails, // so we don't have anything specific here ntauth.authenticateUser(arguments.userid, arguments.passwd); groups = ntauth.GetUserGroups(arguments.userid); // note that groups is a java.util.list, which should be // equiv to a CF array, but it not right now groups = trim(groups.toString()); groups = mid(groups,2,len(groups)-2); </cfscript> <cfreturn groups> <cfcatch> <cfreturn ""> </cfcatch> </cftry> </cffunction> </cfcomponent>
+1
source

If the code from Brandon Purcell, which uses the jrun.security.NTauth class, does not work for you in cf9 (this is not for me), the fix should use the coldfusion.security.NTAuthentication class. Everything worked well for me.

+1
source

You can try to be guided here: http://cfsilence.com/blog/client/index.cfm/2008/3/17/ColdFusionSharepoint-Integration--Part-1--Authenticating

Here is what you need:

 edit the client-config.wsdd

Edit

 <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"> </transport>

to

 <transport name="http" pivot="java:org.apache.axis.transport.http.CommonsHTTPSender"> </transport>
0
source

In my case, I fixed this problem using "NTLM Authorization Proxy"

http://www.tldp.org/HOWTO/Web-Browsing-Behind-ISA-Server-HOWTO-4.html

works great for me :)

0
source

Source: https://habr.com/ru/post/969415/

More articles:


All Articles