tracker issue : CF-3127780

select a category, or use search below
(searches all categories and all time range)

Allow CFLOGIN to not use web server auth

| View in Tracker

Status/Resolution/Reason: Closed/Fixed/

Reporter/Name(from Bugbase): Raymond Camden / Raymond Camden (Raymond Camden)

Created: 03/01/2012

Components: Security

Versions: 10.0

Failure Type: Enhancement Request

Found In Build/Fixed In Build: Public Beta / 283724

Priority/Frequency: Trivial / Unknown

Locale/System: English / Platforms All

Vote Count: 0

From a comment I wrote:
My biggest issue with cflogin is one of it's features - web auth integration. Imagine an application like BlogCFC. It is meant to be deployed on your server. Now imagine the entire server is locked down with Apache's security system. 

Right now cflogin will notice that and assume you are logged in. But for BlogCFC, you aren't "really" logged in.

I get that it is a feature, and it makes sense, but I wish cflogin had a way to ignore any HTTP-based auth.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	3127780


External Customer Info:
External Company:  
External Customer Name: cfjedimaster
External Customer Email:  
External Test Config: My Hardware and Environment details:



It is a valid enhancement but not something we can add at this stage. We will consider it for the next release.
Comment by Rupesh K.
20455 | March 04, 2012 08:31:58 PM GMT
Is this in CF10? It is marked fixed.
Comment by External U.
20456 | June 06, 2013 09:12:02 AM GMT
No, it is fixed for the next release.
Comment by Rupesh K.
20457 | June 06, 2013 09:16:27 AM GMT