You are right, you pass every time the name of the user that is accessing the stored procedure (your last paragraph).
TK ----- Original Message ----- From: "Brad Wood" <[EMAIL PROTECTED]> To: "CF-Talk" <[email protected]> Sent: Tuesday, September 05, 2006 4:43 PM Subject: RE: ColdFusion as presentation engine and nothing more > Security is provided by SQL security stored procedures etc. > > I'm not sure how this would work. Surely you don't mean database > permissions. Is every user to your web site set up as a user in the > database. CF always connects to the database as the same user doesn't > it? > > Maybe you mean that you pass in the user with every db call. How does > your interface "know" who is logged in? To avoid being stateless you > would have to have some application management, wouldn't you? > > ~Brad > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:252104 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
