在 ColdFusion 服务器之间共享登录凭据? [英] Sharing login credentials between ColdFusion servers?

问题描述

如果我有多个 CF8 服务器，一个用户是否可以在一台服务器上登录，但在所有服务器之间共享登录凭据(无需重新登录)?

If I have multiple CF8 servers, can a user login on one server, but share the login credential among all servers (no re-login required)?

推荐答案

也许问题是关于共享会话?这可以使用序列化的 J2EE 会话 或使用共享的客户端变量.

Maybe question is about sharing session? This can be done using serialized J2EE sessions or using shared client variables.

例如，这可以通过以下方式完成.

For example, this can be done in following way.

在其中一台服务器上创建空数据库(我创建了一个 MySQL).在所有 CF 服务器上创建指向该数据库的数据源.将此数据源用作服务器设置 > 客户端变量 > 客户端会话存储，名称为 SharedSessions(我们稍后将使用它).

Create empty database on one of servers (I've created MySQL one). Create datasources pointing to this DB on all CF servers. Use this datasource as Server Settings > Client Variables > client sessions storage with name SharedSessions (we'll use it later).

如果我们在 所有服务器 上的 Application.cfm 中使用 cflogin，它的代码可能看起来像这样(简化):

If we're using cflogin in Application.cfm on all servers, it's code can look this (simplified) way:

<cfapplication
    name="shared_session_test"
    sessionManagement="true"
    clientmanagement="true"
    clientstorage="SharedSessions" />

<cflogin>

    <cfif IsDefined( "cflogin" ) and cflogin.name eq "admin" and cflogin.password eq "admin">
        <cfset user_roles = "administrators" />
        <cfset user_name = cflogin.name />
        <cfset user_password = cflogin.password />
    </cfif>

    <cfif IsDefined( "user_roles" )>
        <!--- push login params into shared client scope --->
        <cfset CLIENT.user_roles = user_roles />
        <cfset CLIENT.user_name = user_name />
        <cfset CLIENT.user_password = user_password />
    <cfelseif IsDefined( "CLIENT.user_roles" )>
        <!--- restore login params from shared client scope --->
        <cfset user_roles = CLIENT.user_roles />
        <cfset user_name = CLIENT.user_name  />
        <cfset user_password = CLIENT.user_password  />
    </cfif>

    <cfif IsDefined( "user_roles" )>
        <cfloginuser name="#user_name#" password="#user_password#" roles="#user_roles#">
    <cfelse>
        <!--- authentication failed - send back 401 --->
        <cfsetting enablecfoutputonly="yes" showdebugoutput="no">
        <cfheader statuscode="401">
        <cfheader name="WWW-Authenticate" value="Basic realm=""MySecurity""">
        <cfoutput>Not authorized</cfoutput>
        <cfabort />
    </cfif>

</cflogin>

<cfoutput><p><a href="http://other.server.com/index.cfm?#CLIENT.urltoken#">other.server.com</a></p></cfoutput>

现在这些在两台服务器上显示相同:

Now these show the same on both servers:

<cfdump var="#getAuthUser()#">
<cfdump var="#CLIENT#">

当然，这里有很多事情要做，以使流程更好、更安全，只是描述了总体思路.

Sure, there's much to do here to make process better and more secure, just described the general idea.

希望这会有所帮助.

这篇关于在 ColdFusion 服务器之间共享登录凭据?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！