    Accessing username:password values in Basic http Auth
    Thread posted 05/07/09 by dougrdotnet
    13784 Views, 1 Comment

    I'm working on porting a PHP script into CF and have found that PHP embedded in Apache has access to url properties that CF apparently does not.  For example:

    http://username:password@domain.com/whatever/etc
    In PHP the username and password values are available to parse_url($_SERVER[REQUEST_URI]);

    However, in CF with the same URI:
    <cfdump var="#getPageContext().getRequest().getRequestURL().toString()#">

    results in http://domain.com/whatever/etc
    I'm using the parseUrl UDF from cflib, which if I have the url hardcoded into a var will process and make available the properties to cfhttp and cfhttpparam.  Unfortunately the properties are not accessible otherwise.  I've been told that it may be possible to configure Apache to provide these values to CF - would anyone have any additional information on this?

    Thanks

    Comments

    • posted 05/12/09 by dougrdotnet

      I worked up a solution, with an assist by Andy Jarret on some Apache Configs and a very useful post by Ben Nadel http://bit.ly/4GzzR.
      The issue is related to Apache needing to see the folder where the url is being parsed as a secure folder, otherwise Basic auth properties will not be passed out.

      In order to do this I did the following (see http://httpd.apache.org/docs/2.0/howto/auth.html for reference):
      I set up a password folder in Apache: "sudo htpasswd -c /path/to/passwd/passwords username"
      htpasswd will ask for password, then re-enter password, and then confirm adding new pass for username (whatever your username is).

      Then:
      You can place directives in your main server config file (Preferred if 
      you have access to conf).
      (i.e.
      <Directory /path/to/project>
      AllowOverride AuthConfig
      AuthType Basic
      AuthName "Restricted Files"
      AuthUserFile /path/to/passwd/passwords
      Require user username
      Options Indexes MultiViews
      Order allow,deny
      Allow from all
      </Directory>
      )
      OR, as in my case, since I'm packaging this for others, you can create 
      a .htaccess file to be placed in root
      (i.e
      <IfModule mod_auth.c>
      AuthType Basic
      AuthName "Restricted Files"
      AuthUserFile /pathTo/passwd/passwords
      Require user username
      </IfModule>
      )

      In order to implement a test, I did the following (note that I am using parseUrl.cfm UDF by Dan G. Switzer, II found on cflib http://bit.ly/i3UQR):

      ************test.cfm**************
      <!--- Set the URL address --->
      <cfinclude template="parseUrl.cfm" />
      <cfset urlAddress="http://doug:pass@someDomain/index.cfm">
      <!--- Parse the url with parseURL.cfm UDF --->
      <cfset request.url = parseURL(urlAddress) />

      <!--- http request --->
      <!--- <cfhttp url="#urlAddress#" method="get" resolveurl="Yes" username="#request.url.username#" password="#request.url.password#" /> --->
      <cfhttp method="post" url="#urlAddress#" 
      username="#request.url.username#" password="#request.url.password#">
          <cfhttpparam name="Method" value="POST" type="url">
      </cfhttp>

      <cfoutput>#CFHTTP.FileContent#</cfoutput>

      ************index.cfm*************
      <!--- dump the request authentication --->
      <cfdump var="#toString(ToBinary(replaceNoCase(GetHTTPRequestData().Headers.Authorization, "Basic ", "")))#"><cfabort>

      The resulting output is "doug:pass" which I can now parse into username and password since it's a colon delimited list.
      Feedback appreciated - thanks!

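The last step of the comment above, splitting the decoded `doug:pass` value into user name and password, as an added example that is not part of the original post. It splits on the first colon only, so a password that itself contains a colon survives, and it rejects a missing, non-Basic or malformed header instead of throwing. The helper name `parseBasicAuth`, its result struct and the sample credentials are assumptions made for illustration.

```cfml
<!--- Added example, not the poster's code. parseBasicAuth is a hypothetical helper name. --->
<cffunction name="parseBasicAuth" returntype="struct" output="false">
    <cfargument name="headerValue" type="string" required="true">
    <cfset var result = structNew()>
    <cfset var token = "">
    <cfset var decoded = "">
    <cfset var sep = 0>
    <cfset result.valid = false>
    <cfset result.username = "">
    <cfset result.password = "">

    <!--- The scheme name is case-insensitive; accept only "Basic" followed by one base64 token. --->
    <cfif NOT reFindNoCase("^Basic +[A-Za-z0-9+/]+=*$", trim(arguments.headerValue))>
        <cfreturn result>
    </cfif>
    <cfset token = listLast(trim(arguments.headerValue), " ")>

    <cftry>
        <cfset decoded = toString(toBinary(token), "utf-8")>
        <cfcatch type="any">
            <!--- Malformed base64: report "no credentials" rather than erroring out. --->
            <cfreturn result>
        </cfcatch>
    </cftry>

    <!--- Split on the FIRST colon only: a user-id may not contain ":", a password may.
          This helper also treats a missing colon or an empty user name as invalid. --->
    <cfset sep = find(":", decoded)>
    <cfif sep LT 2>
        <cfreturn result>
    </cfif>
    <cfset result.username = left(decoded, sep - 1)>
    <cfset result.password = removeChars(decoded, 1, sep)>
    <cfset result.valid = true>
    <cfreturn result>
</cffunction>

<!--- Constructed sample: the password "pa:ss" contains a colon. --->
<cfset sample = "Basic " & toBase64("doug:pa:ss")>
<cfset creds = parseBasicAuth(sample)>
<!--- On a live request the input would be GetHTTPRequestData().Headers.Authorization,
      guarded with structKeyExists() because the header is absent on unauthenticated requests. --->
<cfoutput>#creds.valid# / #creds.username# / #len(creds.password)# password chars</cfoutput>
```

The sample output prints the password length rather than the password, so the decoded credentials do not end up in a rendered page or debug dump.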
