ColdFusion HTTP Basic Authentication

You can perform HTTP Basic Authentication at the ColdFusion level with a few lines of code.
<cfset reqData = GetHttpRequestData() />
<cfif IsStruct( reqData ) 
   AND StructKeyExists( reqData, "Headers" )
   AND IsStruct( reqData.Headers )
      AND StructKeyExists( reqData.Headers , "Authorization" ) 
	     AND REFindNoCase( 
        "Basic [A-Za-z0-9+/=]+", reqData.Headers.Authorization )>
		    <cfset credentials = ToString( ToBinary( 
        ListLast( reqData.Headers.Authorization , " " ) ) )/>
		    <cfset username = ListFirst( credentials, ":" ) />
			    <cfset password = ListLast( credentials, ":" ) />

	<cfif username eq "test" AND password eq "test">
		

	<cfelse>
	    <cfheader statuscode="401" statustext="Access Denied" /> 
		    <cfheader name="WWW-Authenticate" 
	        value="Basic realm=""MyApplication""" />
			    
	    <cfabort/>
	</cfif>
<cfelse>	    
	<cfheader statuscode="401" statustext="Access Denied" /> 
    <cfheader name="WWW-Authenticate" 
       value="Basic realm=""MyApplication""" />
  <cfabort/>

</cfif>
Posted by
Snippet Viewed 4295 times.

Share your ColdFusion code snippets:

  • Get some recognition & link back to your site.

 

Submit | Browse

Most Recent coldfusion snippets

Most Viewed