cflogin

Description

A container for user login and authentication code. ColdFusion checks the user-provided ID and password against a data source, LDAP directory, or other repository of login identification. Used with cfloginuser tag.

Category

Extensibility tags

Syntax

<cflogin
  idletimeout = "value"
  applicationToken = "token"
  cookieDomain = "domain"
  ...
  <cfloginuser
    name = "name"
    password = "password-string"
    roles = "roles">
  ...>
</cflogin> 

See also

cfloginuser, cflogout

History

New in ColdFusion MX: This tag is new.

Attributes

Attribute Req/Opt Default Description
idletimout
Optional
1800
Time interval with no keyboard activity after which ColdFusion logs the user off. Seconds.
applicationtoken
Optional
the application name
Unique application identifier. Limits the login scope to an application context, so that logins cannot be created illegally.
cookiedomain
Optional
 
Domain for which the security cookie is valid.

Usage

The body of this tag executes only if there is no logged-in user. When using application-based security, you put code in the body of the cflogin tag to check the user-provided ID and password against a data source, LDAP directory, or other repository of login identification. The body must include a cfloginuser tag to establish the authenticated user's identity in ColdFusion.

The following example shows a simple authentication. This code is typically in the application.cfm page.

Example

<cflogin>
  <cfloginuser 
    name  = "foo"
    password ="bar"
    roles = "admin">
</cflogin>
<cfoutput>Authorized user: #getAuthUser()#</cfoutput>
<cflogout>
<cfoutput>Authorized user: #getAuthUser()#</cfoutput>

Comments