Authentication Using an Existing MSSQL Application

Owned by Matthew Williams
Last updated: Jul 18, 2007 by Geoff BowersVersion comment
2 min read

External Authentication - MSSQL Server

This document is intended to help outline the requirements for adding a new UserDirectory via an external database. The methods described below were written with MSSQL in mind, but should work with databases that support views. It is assumed that you have good working knowledge of databases, the external database to link in particular.

This can be useful if a customer relation management system, or similar, holds user information that is to be shared with the FarCry application.

To create a new UserDirectory , your required to have three database tables/views of the names dmUser , dmGroup , and dmUserToGroup . Below is layout of each of these tables/views. Note that if you're database does not have a matching field to any of the ones below, either substitute it with a similar field, or create a static field in the view. Also note that is not recommended to change this data via the FarCry security interface.

dmUser

These fields are required in the dmUser table/view

UserID

Int

UserLogin

Varchar

UserNotes

Varchar

UserPassword

Varchar

UserStatus

Int

If there is no field that matches in the database, just create an expression similar to what was done below for UserStatus. A UserStatus of 4 is active in FarCry, and since we're not using Farcry to modify the user active status (this is handled in the external database), it is set to always be 4.

dmGroup

These fields are required in the dmGroup table/view

GroupID

Int

GroupName

Varchar

GroupNotes

Varchar

Below is the dmGroup view. Note that SalesPersonID is substituted for GroupNotes . Notes, in the overall scheme, can be null.

dmUserToGroup

These fields are required in the dmUserToGroup table/view

UserID

Int

GroupID

Int

Below is the dmUserToGroup that was created.

Create a new ColdFusion DSN (datasource)

The next step in this process is to create a DSN to the external database within the ColdFusion administrator. This is demonstrated below.

Modify _ serverSpecificVars.cfm

Add the DNS, DBTYPE to the file. Be sure that the name in parenthesis matches the DSN name.

Modify _ dmSecUserDirectories.cfm

Add the following to the _dmSecUserDirectories.cfm file.

("myUD" can be any variable name, but note that this name is reflected in the security tab)

// External Authentication Client User Directory
application.dmSec.UserDirectory.myUD = structNew(); // choose a unique struct name in place of 'myUD'
temp = application.dmSec.UserDirectory.myUD;
temp.type = "Daemon"; // the type MUST be "Daemon" when using a SQL database
temp.datasource = "myDatasource"; // the name of the ColdFusion DSN created previously

Final Setup

You should now see your new UserDirectory in the Policy and Security tabs. You must add mappings from the normal FarCry policy groups to external groups you've just added. Since we already set up groups, and the mappings between the users and groups, all that's left to do is map the groups to policies.

That's it! You can now set up permissions to these new groups as if they were internal to FarCry. Your external application still functions the same.