create a UUID createUUID() set a cookie on their browser with that UUID that gets sent also to the db as well, and if the two don't match, sorry no login, must relogin, reauth yourself.xs
tony weeg uncertified advanced cold fusion developer tony at navtrak dot net www.navtrak.net office 410.548.2337 fax 410.860.2337 -----Original Message----- From: Scott Wilhelm [mailto:[EMAIL PROTECTED] Sent: Thursday, July 17, 2003 10:17 AM To: CF-Talk Subject: RE: More Info (WAS: Can the user's role in CFLOGIN be a list?) That's basically what I'm using now...Although, I'm in need of something that requires either encryption, or case sensitivity... Any ideas? -----Original Message----- From: Tony Weeg [mailto:[EMAIL PROTECTED] Sent: Thursday, July 17, 2003 10:14 AM To: CF-Talk Subject: RE: More Info (WAS: Can the user's role in CFLOGIN be a list?) I am still personally a firm believer that a smooth system that uses sql server (or any db server) mixed with some cf based login forms and username/password validation against the db server is prolly the best in my book, and something we use religiously...that way, if either of the two is compromised, the one requires the other to get into... tony weeg uncertified advanced cold fusion developer tony at navtrak dot net www.navtrak.net office 410.548.2337 fax 410.860.2337 -----Original Message----- From: Raymond Camden [mailto:[EMAIL PROTECTED] Sent: Thursday, July 17, 2003 10:10 AM To: CF-Talk Subject: RE: More Info (WAS: Can the user's role in CFLOGIN be a list?) Yes. Before that the 'native' security in CF was Advanced Security. Advanced Security was a wonderfully complex system. It had, unfortunately, um, a few issues. That's about as diplomatic as I can be. I can say that when I mentioned AS was removed from CFMX a while back, no one cried. :) You can also, of course, design your own security system. The nice thing about roles-based security is that it's tied to native CF stuff like CFCs. ======================================================================== === Raymond Camden, ColdFusion Jedi Master for Mindseye, Inc (www.mindseye.com) Member of Team Macromedia (http://www.macromedia.com/go/teammacromedia) Email : [EMAIL PROTECTED] Blog : www.camdenfamily.com/morpheus/blog Yahoo IM : morpheus "My ally is the Force, and a powerful ally it is." - Yoda > -----Original Message----- > From: Scott Wilhelm [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 17, 2003 8:06 AM > To: CF-Talk > Subject: RE: More Info (WAS: Can the user's role in CFLOGIN > be a list?) > > > Oh, is role based security only for MX? > > Scott > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
