cflogin

Description

A container for user login and authentication code. ColdFusion checks the user-provided ID and password against a data source, LDAP directory, or other repository of login identification. Used with cfloginuser tag.

Syntax

<cflogin
  idletimeout = "value"
  applicationToken = "token"
  cookieDomain = "domain"
  ...
  <cfloginuser
    name = "name"
    password = "password-string"
    roles = "roles">
  ...>
</cflogin>

History

New in ColdFusion MX: This tag is new.

Attributes

Attribute Req/Opt Default Description

idletimout
Optional
1800
Time interval with no keyboard activity after which ColdFusion logs the user off. Seconds.

applicationtoken
Optional
the application name
Unique application identifier. Limits the login scope to an application context, so that logins cannot be created illegally.

cookiedomain
Optional

Domain for which the security cookie is valid.

Attribute	Req/Opt	Default	Description
idletimout	Optional	1800	Time interval with no keyboard activity after which ColdFusion logs the user off. Seconds.
applicationtoken	Optional	the application name	Unique application identifier. Limits the login scope to an application context, so that logins cannot be created illegally.
cookiedomain	Optional		Domain for which the security cookie is valid.

Usage

The body of this tag executes only if there is no logged-in user. When using application-based security, you put code in the body of the cflogin tag to check the user-provided ID and password against a data source, LDAP directory, or other repository of login identification. The body must include a cfloginuser tag to establish the authenticated user's identity in ColdFusion.

The following example shows a simple authentication. This code is typically in the application.cfm page.

Example

<cflogin>
  <cfloginuser 
    name  = "foo"
    password ="bar"
    roles = "admin">
</cflogin>
<cfoutput>Authorized user: #getAuthUser()#</cfoutput>
<cflogout>
<cfoutput>Authorized user: #getAuthUser()#</cfoutput>