Provides an interface to LDAP (Lightweight Directory Access Protocol) directory servers like the Netscape Directory Server. For complete examples of cfldap
usage, see Developing ColdFusion Applications.
<cfldap server = "server_name" port = "port_number" username = "name" password = "password" action = "action" name = "name" timeout = "seconds" maxRows = "number" start = "distinguished_name" scope = "scope" attributes = "attribute, attribute" filter = "filter" filterFile = "<file_name>,<stanza_name>" sort = "attribute[, attribute]..." sortControl = "nocase" and/or "desc" or "asc" dn = "distinguished_name" startRow = "row_number" modifyType = "REPLACE" or "ADD" or "delete" rebind = "Yes" or "No" referral = "number_of_allowed_hops" secure = "multi_field_security_string" separator = "separator_character" delimiter = "delimiter_character">
cfftp,
cfhttp,
cfmail,
cfmailparam,
cfpop
If you use the Query action
, cfldap
creates a query object, allowing access to information in the three query variables as described in the following table.
The CFSSL_BASIC type of security provides V2 SSL, and the CFSSL_CLIENT_AUTH type of security provides V3 SSL. V2 SSL provides encryption and server authentication. V3 SSL adds to this certificate-based client authentication.
Both forms of security encrypt the conversation, and the server always sends a digital certificate to confirm that it is the right server.
For CFSSL_BASIC, you must also specify the cfldap
attributes username
and password
to authenticate yourself. V2 encrypts the password before transmission.
For CFSSL_CLIENT_AUTH, you do not send a user name and password; authentication is by a digital certificate that you send to the server. CFSSL_CLIENT_AUTH is much more secure; however, it is difficult to administer because all clients must have certificates, which the server must be able to validate, and all the certificates must have keys associated with them and passwords to protect their keys.
Illegal ColdFusion characters can be used in LDAP attribute names. As a result, cfldap
could create columns in the query result set whose names contained characters which are illegal in ColdFusion and are, therefore, inaccessible in CFML. In this release of ColdFusion, any illegal characters are automatically mapped to the underscore character. Therefore, column names in the query result set may not exactly match the names of the LDAP attributes.
<!--- This example shows the use of cfldap ---> <html> <head> <title>cfldap Example</title> </head> <body bgcolor = silver> <H3>cfldap Example</H3> <P>cfldap provides an interface to LDAP (Lightweight Directory Access Protocol) directory servers like BigFoot (<a href = "http://www.bigfoot.com">http://www.bigfoot.com</A>). <P>Enter a name (try your own name) and search a public LDAP resource. ... <!--- If the server has been defined, run the query ---> <cfif IsDefined("form.server")> <!--- check to see that there is a name listed ---> <cfif form.name is not ""> <!--- make the LDAP query ---> <cfldap server = "ldap.bigfoot.com" action = "query" name = "results" start = "cn = #name#,c = US" filter = "(cn = #name#)" attributes = "cn,o,l,st,c,mail,telephonenumber" sort = "cn ASC"> <!--- Display results ---> <CENTER> <table border = 0 CELLSPACING = 2 CELLPADDING = 2> <TR> <TH COLSPAN = 5><cfoutput>#results.recordCount# matches found </cfoutput></TH> </TR> <TR> <TH><font size = "-2">Name</font></TH> <TH><font size = "-2">Organization</font></TH> <TH><font size = "-2">Location</font></TH> <TH><font size = "-2">E-Mail</font></TH> <TH><font size = "-2">Phone</font></TH> </TR> <cfoutput query = "results"> <TR> <TD><font size = "-2">#cn#</font></TD> <TD><font size = "-2">#o#</font></TD> <TD><font size = "-2">#l#, #st#, #c#</font></TD> <TD><font size = "-2"> <A href = "mailto:#mail#">#mail#</A></font></TD> <TD><font size = "-2">#telephonenumber#</font></TD> </TR> </cfoutput> </table> </CENTER> </cfif> </cfif> </body> </html>