Maybe I'm a bit daft, but I never really understood the logic of using
CFC roles.

Let's say I use CFLOGIN and I assign a user to a "normal" role, but not
to an "admin" role.

Then, I have a function with the roles attribute set to "admin".

When the user calls a page that uses the function, it's going to throw
an exception.

So, I then need to wrap it in a CFTRY/CFCATCH block and then determine
what to do when the exception occurs.

If the "normal" user is not allowed to call an "admin" function, why
would I just not use application logic to determine what functions a
user can actually call?

I have never really understood this functionality of CF:

<cftry>
  <cfset result = myAdminFunc()>
  <cfcatch type="any">
    <cfset result = myNormalFunc()>
  </cfcatch>
</cftry>

When I could do:

<cfif myUser.roles contains "admin">
  do admin stuff here
<cfelse>
  do normal stuff here
</cfif>

Am I missing the actual reason for CFC roles?

M!ke

-----Original Message-----
From: James Holmes [mailto:[EMAIL PROTECTED] 
Sent: Saturday, January 07, 2006 6:18 AM
To: CF-Talk
Subject: Re: User, Permission Management

I use CFLOGIN with CFC roles. This provides for the user/admin/etc
scenario and generally suffices for most of our security needs. The
authentication is done via LDAP and everything is secured via SSL.
Security checking for each page is done with IsUserInRole(), which
therefore works with memory.
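
How the two approaches discussed in this thread can sit side by side, as an added example that is not part of either message: IsUserInRole() chooses the branch in application logic, while the roles attribute on the function remains as a check for any caller that skips that logic. The file names AdminService.cfc, page.cfm and other.cfm are assumptions, and the user is assumed to be already logged in through CFLOGIN/CFLOGINUSER with the "normal" role only.

```cfml
<!--- AdminService.cfc (constructed example component) --->
<cfcomponent output="false">

  <!--- The roles attribute is checked by ColdFusion when the method is
        invoked: a user who is not in the "admin" role gets an exception. --->
  <cffunction name="myAdminFunc" access="public" returntype="string"
              roles="admin" output="false">
    <cfreturn "admin result">
  </cffunction>

  <!--- No roles attribute: any caller may invoke this method. --->
  <cffunction name="myNormalFunc" access="public" returntype="string"
              output="false">
    <cfreturn "normal result">
  </cffunction>

</cfcomponent>

<!--- page.cfm (constructed example page) --->
<cfset svc = createObject("component", "AdminService")>

<!--- Application logic picks the branch, so the exception is never
      used for flow control. --->
<cfif isUserInRole("admin")>
  <cfset result = svc.myAdminFunc()>
<cfelse>
  <cfset result = svc.myNormalFunc()>
</cfif>
<cfoutput>#result#</cfoutput>

<!--- other.cfm (constructed): a page written without the cfif check.
      For the "normal" user this call throws instead of running the
      admin code; log the failure and stop rather than falling back. --->
<cfset svc = createObject("component", "AdminService")>
<cftry>
  <cfset result = svc.myAdminFunc()>
  <cfcatch type="any">
    <cflog file="security" type="warning"
           text="myAdminFunc failed for #getAuthUser()#: #cfcatch.message#">
    <cfabort>
  </cfcatch>
</cftry>
```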

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:228702
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4