I want to send a email to real gmail ID's to the end users. So I used smtp.gmail.com as mail server with my own email user name & password. But if I use this.smtpServersettings in my application.cfc it's not sending a email. All the mail's are went to undelivered options. My sample code,
App.cfc :
<cfset this.name='mailfn8'>
<cfset this.smtpServersettings={server:"smtp.gmail.com",username:"mygmail#gmail.com",password:"mypassword"}>
My.cfm :
<cfmail from='sender#gmail.com' to='receiver#gmail.com' subject='test' type='html' port="587" usetls="true">
I'm seding a email by using this.smtpServersettings options.
</cfmail>
But the credentials are working great in below scenario,
-- If I set my details in application scope and use that values in cfmail tag
-- Directly set it in coldfusion mail server setting
For example,
App.cfc :
<cfset this.name='mailfn8'>
<cffunction name='onApplicationStart'>
<cfset application.server='smtp.gmail.com'>
<cfset application.username='mygmail#gmail.com'>
<cfset application.password='mypassword'>
</cffunction>
My.cfm :
<cfmail from='sender#gmail.com' to='receiver#gmail.com' server= '#application.server#' username='#application.userName#' password='#application.password#' subject='test' type='html' port="587" usetls="true">
I'm seding a email by using application scope.
</cfmail>
The above working fine. So why this.smtpServersettings is send email to undelivered option instead of gmail. ? .Do I need to enable any other setting if I use this.smtpServerSetting ? Please help me on this. Correct me if I'm understood anything wrong. Thank you !.
The smtpServerSettings struct does not support port and usetls.
https://tracker.adobe.com/#/view/CF-4204467
My suggestion is to create your own struct in application scope then pass to cfmail tag with argumentCollection attribute.
Related
When receiving values in a url with a period ".", somehow Taffy doesn't like it and doesn't show results. For example:
Endpoint URL:
mydomain.com/v1/devices/f15566dc799casdfc0b042642casdf7b1/registrations/pa.com.cnn.com
CFComponent:
<cfcomponent extends="taffy.core.resource"
taffy:uri="/v1/devices/{deviceid}/registrations/{registrationid}" >
<cffunction name="get" access="public" output="false" >
<cfset var retCode = 200>
<cfreturn representationOf("/v1/devices/#arguments.deviceid#/registrations/#arguments.registrationid#").withStatus(retCode) />
</cffunction>
</cfcomponent>
When I remove the periods, for example:
Endpoint URL:
mydomain.com/v1/devices/f15566dc799casdfc0b042642casdf7b1/registrations/pacomcnncom
Results:
"/v1/devices/f15566dc799casdfc0b042642casdf7b1/registrations/pacomcnncom"
A bit late but I assume you're using Taffy.
Taffy, because it parses for file extensions to set mime-types of its responses, cannot have extraneous 'dots' in the URI. There are workarounds apparently . . .
You can use regex to refine the taffy_uri.
https://github.com/atuttle/Taffy/wiki/Custom-token-regular-expressions
I've tried this but not had success, opting to not have an end point requiring valid email address on the URI. Instead, posting the email address in the POST body.
More info here
https://groups.google.com/forum/#!msg/taffy-users/HbYCeCvuTLA/1-eco35pAwAJ;context-place=forum/taffy-users
B.
I need to post from a non-secure CF page to a secure CF page. I don't want to have to go through and implement the user authentication on the page sending the values because its a rather cumbersome process due to the way this legacy site was setup and secondly because the page sending the values is acting as a service between two unrelated order management systems as opposed to a user.
Right now, when I try to post to, the response result is a redirect to the login of the homepage. Is there a way to make an exception for a posting or receiving page from forcing user authentication?
I'm using <cfhttp> to post the values to post page which has a series of <cfparam>'s that I'm passing the values to. Once I pass those values into the post page is when the post page triggers a redirect to the home page because the post page is an internal page in the order management system and is displayed as a client logs in and a session is created for them.
Since you did not provide any code, here is a guess what it might look like and how you could add an exception for specific requests:
<cffunction name="onRequestStart" access="public" output="false" returnType="boolean">
<cfargument name="targetPage" type="string" required="true">
<!--- treat initialized SESSION or matching request token (rtoken) as successful authentication --->
<cfset LOCAL.isAuthenticated = (
isDefined("SESSION.userID")
or
( structKeyExists(FORM, "rtoken") and (FORM["rtoken"] eq "some-secret-only-you-know") )
)>
<cfif LOCAL.isAuthenticated>
<!--- do something... --->
<!--- not authenticated --->
<cfelse>
<!--- redirect to login --->
<cflocation url="login.cfm" statusCode="303" addToken="false">
</cfif>
</cffunction>
Now you could simple add the key-value-pair rtoken=some-secret-only-you-know (i.e. <input type="hidden" name="rtoken" value="some-secret-only-you-know" />) to your POST to bypass the session based authentification.
Disclaimer: Only use this method if the POST parameters (form fields) are not public/editable by the user.
Feel free to provide actual context so I can assist in a more concrete way.
I have written a couple of apps with similar, but not identical requirements. Here is how I handled those requirements in the last one I wrote. All this code is the Application.cfc file in the methods specified.
In onApplicationStart:
application.securityNotNeededPages =
"somePage.cfm,someOtherPage.cfm,someMorePages.cfm";
In onRequestStart
var ThisPage = listlast(cgi.PATH_INFO, "/");
...
if (ListFindNoCase(application.securityNotNeededPages, ThisPage) is false) {
security related code
}
else {
code for when the page does not to be secured
}
I created a new function in an existing REST cfc but when I am trying to call it I receive a 404 Error where the rest of the functions are working. All of the functions are following the same structure as the one I am about to link further down without any issues.
I saw another post like mine but I didn't find any answers in it. This is the link for the other post here
<cfcomponent restpath="student" rest="true">
<cffunction name="npssummary" access="remote" output="false" returntype="any" httpmethod="get" restpath="npssummary" produces="application/json">
<cfquery name="nps_summary" datasource="dpsigweb2">
select top 10 * from contact
</cfquery>
<cfreturn serializeJSON(nps_summary,"struct")>
</cffunction>
</cfcomponent>
And this is how I am calling it
<cfhttp url="http://dev.example.com/rest/IIT/student/npssummary" method="get">
<cfset results = "#cfhttp#">
<cfdump var="#results#">
When I am trying to call the function directly in the browser I receive the expected result.
Also, I am using this function to reset the REST services each time I make a change to my component it seems to be working as expected so far.
<cftry>
<cfset restInitApplication("Z:\Sites\testSites\API\","IIT")>
<cfcatch type="any">
<cfdump var="#cfcatch#">
</cfcatch>
</cftry>
This is a browser limitation:
Microsoft Internet Explorer has a maximum uniform resource locator (URL) length of 2,083 characters. Internet Explorer also has a maximum path length of 2,048 characters. This limit applies to both POST request and GET request URLs.
If you are using the GET method, you are limited to a maximum of 2,048 characters, minus the number of characters in the actual path.
However, the POST method is not limited by the size of the URL for submitting name/value pairs. These pairs are transferred in the header and not in the URL.
RFC 2616, "Hypertext Transfer Protocol -- HTTP/1.1," does not specify any requirement for URL length.
Does anyone know if the new websockets feature in CF10 can be used cross domain and cross server? And does anyone know or have some sample code to do this?
I have a simple live help chat working on my app but I want to apply it to other sites and have one central admin chat area where the support agents will interact with users cross domain.
As far as I know they do not. You can, however, use a <cfhttp> to call a file on the other site that will publish the message. Here is I accomplished this.
Create a file called socketPublisher.cfm and save it in a directory that does not require a login access a file.
socketPublisher.cfm
<cfparam name="Request.Attributes.msgType" default="newJob">
<cfparam name="Request.Attributes.channel" default="notify">
<cfparam name="Request.Attributes.Type" default="">
<cfoutput>
<cfswitch expression="#Request.Attributes.Type#">
<cfcase value="yourType">
<cfscript>
WSPublish('chat',{message: '', msgType: '#Request.Attributes.msgType#'});
</cfscript>
</cfcase>
<cfdefaultcase>
<cfscript>
WSPublish('#Request.Attributes.channel#',{message: '', msgType: '#Request.Attributes.msgType#'});
</cfscript>
</cfdefaultcase>
</cfswitch>
</cfoutput>
Then in you action page on the other site, you will need to make your http request to that file.
actionPage.cfm
<cfhttp method="Post" url="#socketURL#/_scripts/socketPublisher.cfm">
<cfhttpparam type="URL" name="msgType" value="pendingFiles">
</cfhttp>
That should do it.
There is also a know issue with CF10 WSPublish that it will change the CGI scope cause error when trying to do a redirect from an action page. I am using this as a workaround for that issue until I can find a better solution.
If I am using integration authentication in IIS, how can I determine if the current user is part of a specific active directory role, using ColdFusion.
This would be analogous to using the IsInRole() method of the User object in .net - how can it be done in ColdFusion
the only way to do this is to use cflap and query the active directory server to get a list of groups. after you've gotten the list, you will need to parse it to see if that user belongs to the group in question. below is some code i wrote with some comments for the people at work. values have been changed to protect the innocent.
<!--- getting the user login id --->
<cfset variables.thisuser = ListLast(cgi.AUTH_USER, "\")>
<!--- this is the group they must be a memberof --->
<cfset variables.groupname = "CN=<the group to search for>">
<!--- list of all groups that the user belongs to, will be populated later --->
<cfset variables.grouplist = "">
<cftry>
<cfldap action="query"
name="myldap"
attributes="memberOf"
start="OU=<your ou>,DC=<your dc>,DC=<your dc>"
scope="subtree"
filter="(sAMAccountName=#variables.thisuser#)"
server="<your AD server ip>"
port="<your AD server port>"
username="<network login if required>"
password="<network password if required>">
<cfset variables.grouplist = myldap.memberOf>
<cfcatch>
</cfcatch>
</cftry>
<cfif FindNoCase(variables.groupname, variables.grouplist)>
<cfcookie name="SecurityCookieName" value="">
</cfif>
In coldfusion to check a users role you would use IsUserInRole()
http://cfquickdocs.com/#IsUserInRole
Edit - And actually I hope I understood correctly, I don't know anything about IIS or active directory. As I understood the question you wanted to check a users role in Coldfusion.
I think you may be looking for something more like this: http://vincentcollins.wordpress.com/2008/08/20/active-directory-ldap-authentication/ or this: http://coldfusion.sys-con.com/node/154225
Just as a follow up, SQL server has ADSI providers that allow you to create a linked server to your LDAP servers.
From there you can do ldap queries to your AD and it returns like any other record set.
I find it a little easier to do complex ldap query then via CF.