You need to check to see if the user is being redirected to that page. If they are, then they should skip the authentication.
<cfif not isDefined("session.Auth") and listLast(cgi.path_info, "/") neq "int.cfm"> ----- Original Message ----- From: John Stanley <[EMAIL PROTECTED]> Date: Thursday, March 27, 2003 11:39 am Subject: Application security structure > Running CFMX > > Okay, this is a very basic question for alot of you, but one that > gives me > pause everytime it comes up. > > I am developing a large application-level web site that will house > severalsmaller applications inside of it. I am using application > and user-groups > defined roles for each user to limit their access to whatever I > want them to > see. This all works great. > > Here is my problem: > 1. The appliation.cfm loads with every page request. > 2. If there is no Session.Auth structure, it makes one. > 3. The session scope for the application tag in my application.cfm > is set to > timeout after 20 minutes. > 4. If the browser has had no activity for the prescribed length of > time, the > user on the next page request should be prompted to log in again. > 5. I cannot figuire out how to redirect the user by using code on the > application.cfm to do this. Sort of like the following: > > <cfif not isdefined("session.Auth")> > <cfset session.Auth = structNew()> > <cfset session.Auth.UserID = "0"> > <cfset session.Auth.LoginAttempts = "0"> > <cfset session.Auth.AppList = ""> > <cfelse> > <cfif session.Auth.UserID eq "0"> > <script> > document.location="int.cfm" > </script> > </cfif> > </cfif> > > This should be very easy, but I just cant get my head around it. I > keepgetting the million-page-loading problem. > > Any thoughts. > > :-) > > John > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4