Authentication 为什么ColdFusion在身份验证后重定向到当前页面而不是目标页面?
我有一种情况,在用户验证后,它返回到当前页面,而不是目标页面Authentication 为什么ColdFusion在身份验证后重定向到当前页面而不是目标页面?,authentication,coldfusion,url-redirection,coldfusion-9,http-referer,Authentication,Coldfusion,Url Redirection,Coldfusion 9,Http Referer,我有一种情况,在用户验证后,它返回到当前页面,而不是目标页面 用户输入搜索词并单击enter 搜索页面在带有链接的页面上显示结果 用户单击链接以查看详细信息页面 详细信息页面需要身份验证 它将用户重定向到身份验证页面。在这一点上 custom_application.cfm页面,它将HTTP_引用显示为: 用户进行了身份验证,然后返回到 翻页而不是翻页 页面,即 用户单击并希望转到的链接 我发现本·纳达尔(Ben Nadal)的这篇文章与CFLocation讨论了这个问题,但它没有提供问题的解
<cfif cgi.query_string contains "login=1">
<cfif not cgi.query_string contains "forcelogin=1">
<cflog text="SERVER_NAME: #cgi.SERVER_NAME#" type="Information" file="Authentication">
<cflog text="PATH_INFO: #cgi.PATH_INFO#" type="Information" file="Authentication">
<cflog text="PATH_TRANSLATED: #cgi.PATH_TRANSLATED#" type="Information" file="Authentication">
<cflog text="SCRIPT_NAME: #cgi.SCRIPT_NAME#" type="Information" file="Authentication">
<cflog text="QUERY_STRING: #cgi.QUERY_STRING#" type="Information" file="Authentication">
<cflog text="REMOTE_HOST: #cgi.REMOTE_HOST#" type="Information" file="Authentication">
<cfif cgi.http_referer contains "search/?search=">
<cflog text="cgi.http_referer contains: #cgi.http_referer#" type="Information" file="Authentication">
<cfset tmp=ReReplace(cgi.http_referer, "^.+\.mysite\.com", "")>
<cfset scriptName=ReReplace(cgi.script_name, "^index.cfm\.+", "")>
<cflog text="scriptName: #scriptName#" type="Information" file="Authentication">
<!---<cfset qryString=ReReplace(#tmp#, "/search/?search=", "")>--->
<cfscript>
qryString = replace(#tmp#, "/search/?search=", "", "All");
</cfscript>
<cflog text="qryString: #qryString#" type="Information" file="Authentication">
<cfset session.preauthurl="#request.author_url#/kb/article/#qryString#">
<cflog text="After cfset session.preauthurl: #request.author_url#/kb/article/#qryString#" type="Information" file="Authentication">
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">
<cfelse>
<!---<cfset session.preauthurl="#cgi.http_referer#">--->
<cflog text="session.preauthurl-172: #session.preauthurl#" type="Information" file="Authentication">
<cflog text="cflocation url: #request.author_url#/authenticate.cfm" type="Information" file="Authentication">
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">
</cfif>
<!---<cfset session.preauthurl="#cgi.http_referer#">
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">--->
<cfelse>
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">
</cfif>
</cfif>
<!--- if this user is not marked as a "licensed contributor", mark them as such.--->
<cfif session.user.LICENSEDCONTRIBUTOR eq 0>
<cftry>
<CFLOCK SCOPE="Session" TYPE="Exclusive" TIMEOUT="5" THROWONTIMEOUT="Yes">
<cfquery DATASOURCE="#session.user.USERSDATASOURCE#" NAME="updateContributor">
UPDATE Users
SET LicensedContributor = '1'
WHERE ID = #session.user.id#
</cfquery>
<cfset session.user.LicensedContributor = "1">
</CFLOCK>
<cfcatch>
<cfoutput>Error in /authenticate.cfm: An error occurred while trying to log in. Please try again.</cfoutput>
</cfcatch>
</cftry>
</cfif>
<cflog text="preAuthUrl-63: #session.preAuthUrl#" type="Information" file="Authentication">
<!---we are now logged in, so redirect somewhere--->
<cfif session.preAuthUrl eq "">
<!---not sure where we came from, so redirect to the homepage--->
<cflocation url="/" addtoken="no">
<cfelse>
<!---The tmp here will cause interna server error because it was not defined anywhere.--->
<cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>
<cfif session.preAuthUrl contains "login=1">
<cfif tmp eq "">
<cflocation url="/" addtoken="no">
<cfelse>
<cflog text="tmp-75: #tmp#" type="Information" file="Authentication">
<cflocation url="#tmp#" addtoken="no">
</cfif>
<cfelse>
<!---<cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>--->
<cflog text="final URL: #request.author_url##tmp#" type="Information" file="Authentication">
<cflocation url="#request.author_url##tmp#" addtoken="no">
</cfif>
</cfif>
</cfif>
<cflog text="http_referer: #cgi.http_referer#" type="Information" file="Authentication">
<!---go back to wherever we came from--->
<cflocation url="#cgi.http_referer#" addtoken="no">
问题是,您在会话中存储的是页面的refral url,而不是当前url,您希望在验证后返回该url。您不应该使用cgi.http\u referer,而应该使用path\u info和query\u string(如果您的参考URL不包含任何内容,则可以跳过query\u string)
但是在用户手动登录的情况下,您必须使用http\u referer 感谢您的回复和支持。我终于明白了。它进入循环的原因是因为我测试用户是否经过身份验证的方法是错误的。因为我们使用的是CommonSpot CMS,所以我尝试使用它们来检查。isLoggedIn是错误的。最后,我必须设置session.mySiteShibboleth.isAuthenticated变量,并在我的详细信息页面中检查该变量。如果不正确或未设置,则将用户重定向到身份验证页面。这似乎奏效了
<cfif IsDefined("session.mysiteShibboleth.isAuthenticated") >
<cfoutput>
mysiteShibboleth exists.
</cfoutput>
<cfelse>
<cflocation url="#request.author_url##cgi.script_name#?login=1" addtoken="no" >
</cfif>
mysiteShibboleth存在。
<cfif cgi.query_string contains "login=1">
<cfif not cgi.query_string contains "forcelogin=1">
<cfset session.preauthurl="https://devbox.mysite.com#cgi.path_info##cgi.query_string#">
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">
<cfelse>
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">
</cfif>
</cfif>
<cfif IsDefined("session.mysiteShibboleth.isAuthenticated") >
<cfoutput>
mysiteShibboleth exists.
</cfoutput>
<cfelse>
<cflocation url="#request.author_url##cgi.script_name#?login=1" addtoken="no" >
</cfif>