We're so not there yet. Thanks, though. ----- Original Message ----- From: "Matt Liotta" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Wednesday, September 10, 2003 7:54 AM Subject: Re: Cracking the RDS protocol?
> I long ago stopped using the traditional web site security model based > on directory structure. I make use of request dispatchers that handle > all requests and then dispatch the request to the correct handler. This > allows among other things an easy way to handle security. Further, to > speak directly to your question about LDAP; I do use it. Only my > applications make use of JAAS for security, so they are decoupled from > the actual implementation. Thus, one of my applications can run locally > using a password database of my creation and use LDAP in production > with only a simple configuration change at deployment; read no code > changes. > > -Matt > > On Wednesday, September 10, 2003, at 08:42 AM, Deanna Schneider wrote: > > >> Why not just run the server on your local machine for development? > > Matt - this is what we're contemplating doing here. But, it brings up > > other > > issues - like how to handle directories that would be LDAP protected > > on the > > "live" (in our case development) server, where we rely on the > > cgi.remote_user variable to determine who someone is. Do you use LDAP > > to > > protect directories? Does this mean all your developers run LDAP on > > their > > desktops so they can mimic what happens on the server? Or, do you > > spoof code > > on the local machines - something like: > > <cfif NOT LEN(cgi.remote_user)> > > <cfset loggedinuser = "somehardcodedvalue"> > > <cfelse> > > <cfset loggedinuser = cgi.remote_user> > > </cfif> > > > > (I have no idea if it's even possible to run LDAP locally - let alone > > being > > able to replicate the data on the live server.) > > > > (I was trying to get at this and some other ideas with my development > > environment thread, but it never got there....) > > -Deanna > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. http://www.cfhosting.com
