I missed what your question was, Peter. Speaking for myself, I think its probably best to roll your own security. I do my own system that has tiered and group-based security. I wish I'd also built an expandable role model into it though, as upgrading existing installations will now be quite a pain.
------------------------------------------- Matt Robertson, [EMAIL PROTECTED] MSB Designs, Inc. http://mysecretbase.com ------------------------------------------- ---------- Original Message ---------------------------------- From: "Peter Mayer" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] Date: Tue, 01 Jul 2003 00:39:17 +0200 >Hello! > >I'm currently working on a concept of a permission system for a large >coldfusion based website. > >The requirements: > >- Provide general role based permissions ("admins" can do >everything, "managers" almost everything, "guests" are just allowed to take >a look) > >- Provide object based permissions (f.e. let a single object only edit by >user a,b,c and group "managers" despite of the general role permissions) > > >Has someone provided a demo framework for such a case? > >ColdFusion itself provides already "IsUserInRole" and other functions but >these things do not seem to support the case above. > >I've been thinking about blackboxing the whole thing with cfcomponents >based on my own db pattern. > >Best regards, > >Peter > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. http://www.cfhosting.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
