CFLOGIN  
Description

A container for user login and authentication code. ColdFusion checks the user-provided ID and password against a data source, LDAP directory, or other repository of login identification. Used with cfloginuser tag.

 
Category

Extensibility tags

 
Syntax
    <cflogin
   idletimeout = "value"
   applicationToken = "token"
   cookieDomain = "domain"
   ...
   <cfloginuser
      name = "name"
      password = "password-string"
      roles = "roles">
   ...>
</cflogin>

  
 
See also

cfloginuser, cflogout

 
History

New in ColdFusion MX: This tag is new.

 
Usage

The body of this tag executes only if there is no logged-in user. When using application-based security, you put code in the body of the cflogin tag to check the user-provided ID and password against a data source, LDAP directory, or other repository of login identification. The body must include a cfloginuser tag to establish the authenticated user's identity in ColdFusion.

The following example shows a simple authentication. This code is typically in the application.cfm page.

 
Example
<cflogin>
   <cfloginuser 
      name  = "foo"
      password ="bar"
      roles = "admin">
</cflogin>
<cfoutput>Authorized user: #getAuthUser()#</cfoutput>
<cflogout>
<cfoutput>Authorized user: #getAuthUser()#</cfoutput>
IDLETIMOUT  
  Optional
 
Default value: "1800"

Time interval with no keyboard activity after which ColdFusion logs the user off. Seconds.

APPLICATIONTOKEN  
  Optional
 
Default value: "the application name"

Unique application identifier. Limits the login scope to an application context, so that logins cannot be created illegally.

COOKIEDOMAIN  
  Optional
 

Domain for which the security cookie is valid.