CFAjax
 
[ Home ]    [ Examples ]    [ Project / Download ]    [ FAQ / How To]    [ Docs/Articles]    [ About Me ]

Client Authentication

Example
Select a State :

Whats happening?

As soon you load this page, CFAjax is creating an authentication key based on your IP address and the server date and time and that authentication Key is encrypted using a private key defined in the settings. To take a peek at how the authentication key looks you can do the view source. Just to give a quick glimpse I am pasting a sample authentication Key 
DWREngine.setClientAuthenticationKey('F9%26%3B2%2B%22W0%20%3F%5F%22W%2F%22J1%5F%3D%5DFXOB%25IW%3CQ%5D%5C%');

Prework Required

In order to make client authentication work you will have to first define a private key for the encryption, though the private key exists by default but it’s strongly recommended to change it. To change the key open the “settings.cfm” located under the cfajax/core folder and update the following line with your own private key. 
<cfset cfajaxPrivateEncryptionKey = "somethingunique">
By default the authentication key is supposed to expire after 120 min past its creation, but you can change it to whatever value you desire! 
<cfset cfajaxExpireClientRequestsAfterXMinutes = 120>
Also once the basic settings is done, you will have to include the “clientInit.cfm” located in cfajax/core folder with your presentation page (i.e. the page that’s making CFAjax calls) 
<cfinclude template="/cfajax/core/clientInit.cfm">

How does this example works?

Before the page is loaded and rendered the createClientAuthenticationKey() CF function is called which generated the Authentication key and places that in the HTML. Once the page is loaded init() function will be called which is going to register the authentication key generated with DWREngine. Immediately after setting the key init also makes call to loadInfo() function. 
	function init()
	{
		DWREngine.setClientAuthenticationKey('<cfoutput>#createClientAuthenticationKey()#</cfoutput>');
		DWRUtil.useLoadingMessage();
		DWREngine._errorHandler =  errorHandler;
		loadInfo();
	}
When you select a state from drop down list onChange event gets called onChange=getCounty. The getCounty function looks like this: 
	function getCounty()
	{
		var state = DWRUtil.getValue("state");
		DWREngine._execute(_cfscriptLocation, null, 'stateinfoClientAuthentication', state, getCountyResult);
	}
getCounty function first gets the value of state selected , and then calls DWREngine._execute method which in turn calls stateinfoClientAuthentication coldfusion function with the parameter as state code. The DWREngine parameters are explained below: 
	_cfscriptLocation -> location of the coldfusion file that has the function implementation
	null, -> Default value
	'stateinfoClientAuthentication', -> Coldfusion function to be called
	state -> State code for which we need the county listing
	getCountyResult, -> Javascript function that will be called after countylookup CF function has been executed
Since we have enabled the authentication for this page and have passed the authentication key to DWREngine . All the CF function that will be called from this page will get the authentication key, weather they use it not is dependent upon the function definition. In our case stateinfoClientAuthentication CF function is called which has authentication enabled in hint section “hint="sessioncheckfunction='checkSessionExists'" listed below is the CF code: 
<cffunction name="stateinfoSessionAuthentication" hint="sessioncheckfunction='checkSessionExists'">
	<cfargument name="state" required="yes" type="string">
	<cfreturn getStaticStateInfoString(state=arguments.state)>
</cffunction>

IMPORTANT If you hint does not have sessioncheckfunction='checkSessionExists' attribute the key authentication will not be performed even though you has passed it to the DWREngine.

If the key authentication fails due to mismatch, the client will see alert box saying authentication failed. This is the default message that shows up. But you can always override the message and present the customer with your own custom made message or don’t show anything at all. To override the default authentication fail message you can define a javascript function in your code like this. 

function myErrorHandler(message)
{
	alert(‘hey who are you’);
}

DWREngine.setAuthenticationFailureHandler(myErrorHandler);
Now anytime the authentication fails, a JavaScript alert will show up with the message ‘hey who are you’

When the coldfusion method returns data, getCountyResult JavaScript function gets executed with displays the text in the info span: 

	function getCountyResult(result)
	{
		document.getElementById("info").innerHTML = result;
	}