You can use the structured exception handling tags, CFTRY and CFCATCH, to catch security exceptions. Setting the TYPE attribute in CFCATCH to "Security" enables you to catch failures in the CFAUTHENTICATE tag. You can also catch catastrophic failures from the IsAuthorized or IsAuthenticated functions.
Set the THROWONFAILURE attribute to Yes and enclose the CFAUTHENTICATE tag in a CFTRY/CFCATCH block if you want to handle possible exceptions programmatically.
For information on exception handling strategies in ColdFusion, see "Exception handling strategies"
<!--- This exaple shows the use of excpetion handling with CFAUTHENTICATE in an Application.cfm file ---> <HTML> <HEAD> <TITLE>CFAUTHENTICATE Example</TITLE> </HEAD> <BODY> <H3>CFAUTHENTICATE Example></H3> <P>The CFAUTHENTICATE tag authenticates a user and sets the security context for an application. <P>Code this tag in the Application.cfm file to set a security context for your application. <P>If the user has not already been defined in the system, you can either reject the page, request that the user respecify the username and password, or define a new user. <!--- This code is from an Application.cfm file ---> <CFTRY> <CFAUTHENTICATE SECURITYCONTEXT="Allaire" USERNAME=#user# PASSWORD=#pwd#> <CFCATCH TYPE="Security"> <!--- The message to display ---> <H3>Authentication error</H3> <CFOUTPUT> <--- Display the message. Alternatively, you might place code here to define the user to the security context. ---> <P>#CFCATCH.Message# </CFOUTPUT> </CFCATCH> </CFTRY> <CFAPPLICATION NAME="Personnel"> </BODY> </HTML>