on 3/17/03 10:23 AM, Raymond Camden at [EMAIL PROTECTED] wrote: > The cflogin framework handles 2 basic things - authentication and > authorization. User data would still need to be handled as it is now. > For example, maybe on login you get info like the user's name and age. > You could then store that into the session scope(*). The 'roles-based > security' system is not concerned with stuff like that - it just handles > the low level stuff like determining if you are logged in and what roles > are you in (if any). > > * cflogin is NOT based on sessions. That means your cflogin > authentication could expire and your session vars would still exist. > Therefore, you kind of have to hack around it. This is a typical section > of code from an Application.cfm file using cflogin. I've added comments > to explain what I'm doing. Any XXX implies a string I changed for > privacy reasons. I've put ********** by the lines you really need to > care about.
Darn, that did more to confuse me than anything else... So lemme get this straight, I'm not going to be able to start my logic with "does a session exist?" because the cflogin tag isn't going to do anything with sessions? Like create one? What I'm looking for is basically the following: 1. Is the user logged in with a current session? (I would place this in the application.cfm of the directory I want to protect, so It's executed on every page in the directory, so people can't bookmark a page and come back to it without having to log back in) 2. If so, then display the page. If not, redirect them up one level to the home page, which has a link to the login popup. (should the login page itself, the one taking usernames and passwords reside in the lower, protected directory? Or should it sit up, outside of the directory with the application.cfm page and just pass successful logins to that directory?) My login is basically just a popup window that will refresh the parent and close itself upon successful login. In other words, you'd go to index.cfm, and click a link to popup login.cfm, and when you successfully logged in, the window would close and you'd be on the index page of the lower directory. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
