1 Replies - 1837 Views - Last Post: 06 March 2012 - 09:33 AM Rate Topic: -----

#1 presuhn  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 1
  • Joined: 06-March 12

LDAP query pulling the wrong information

Posted 06 March 2012 - 09:24 AM


I have a question about using LDAP and the REMOTE_USER commands. Here's a little background. I'm developing a company intranet that uses these functions to determine user name and department. Then it displays content tailored to that user/ department.

In my application file I have:
<!--- User Logged In --->
<cfset application.username = Mid(REMOTE_USER, 15, 20)>

<!--- Set Department --->
<cfinvoke component="#application.components#AD" method="get_logged_in" returnvariable="get_logged_in">
<cfquery name="my_dept" datasource="#application.dsn#">
   SELECT dept_name
   FROM departments
   WHERE ad_name = '#get_logged_in.department#'
<cfset application.dept = #my_dept.dept_name#>

The username pulled from the REMOTE_USER function is used in the get_logged_in function, which is the ldap query. From that it pulls the department and the my_dept query maps that to a custom department table.

All this works fine, except...

Sometimes a user will be on the site, and it will be displaying the wrong user name, and hence, the wrong department. It is usually fixed by refreshing, which then usually gets the correct info. I'm not quite sure how to stop this from happening in the first place.

Any help appreciated!!

Is This A Good Question/Topic? 0
  • +

Replies To: LDAP query pulling the wrong information

#2 Craig328  Icon User is offline

  • I make this look good
  • member icon

Reputation: 1995
  • View blog
  • Posts: 3,549
  • Joined: 13-January 08

Re: LDAP query pulling the wrong information

Posted 06 March 2012 - 09:33 AM

Hi presuhn and welcome to DIC.

I can't know for certain but I think your problem is right here:
<!--- User Logged In --->
<cfset application.username = Mid(REMOTE_USER, 15, 20)>

You're storing a user's username (the thing displaying incorrectly at times) in the application scope (application.username). The application scope contains variables that are associated with a single application on the server and are available to all user sessions running in that application. That means that 2 users in entirely different sessions within the same application can access the value of an application variable. If one sets that application variables value to say "John" then the other users of that same application would also see "John" when they access it.

If you're using sessions, your best bet is to set the username as a session variable (<cfset session.username = Mid(REMOTE_USER, 15, 20)>). Do that and you should see the problem disappear.

Good luck!
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1