Jim, I'd love to see your sample application.
Thanks in advance, Chris On 10/5/06, Jim Davis <[EMAIL PROTECTED]> wrote: > > > On 10/5/06, Denny Valliant <[EMAIL PROTECTED]> wrote: > > > Heh. The silver bullet! > > > > > > If you find it, holler, I too would be interested... > > > > > > Other than that, you can try checking out the (sheesh, I'm bad today) > > > the MG list, as a nice discussion of this has been going down for a > > > few days. It's more geared for MG than just anything though (although > > > MG seems to be (sorta) a concept, so thus applicable elsewhere, if one > > > grokked it well enough), so that might not really be that great of a > > > resource for you. > > > > > > Hrm... I don't know of anthing that blew my socks off conceptually... > > > or I'm forgetting it. > > > > > > I would for sure take a look at depressedpress.com (Jim has shared > > > some really nice stuff, and has some modular whatnot going on). Yeah, > > > Props Jim, and thanks for sharing! > > I've actually got an example of an OO-based security at depressedpress as > part of the DPLibraries (look at the bottom for the security system): > > http://www.depressedpress.com/Content/Development/ColdFusion/DPLibraries > > Unfortunately I've never actually gotten around to documenting the > system... > but all of the components are fully documented (self-documenting > actually). > > The basic idea of the system is that it can be instantiated (either in the > server or the application scope) very easily and "bolted on" to system > very > quickly. > > The system represents users as three objects: Credentials (system > information like passwords or usernames), Entitlements (information about > what a user is allowed to do) and Profiles (personal information about the > user - phone numbers, addresses, etc). > > Each of these objects is abstracted - you can extend them or replace them > completely easily. > > I really love to use it - very simple. To check an entitlement you could > do > this (assuming that the security system was instantiated in the > application > scope and that Session.Key is the unique ID of the session): > > Application.DPSecurity.isEntitled(Session.Key, "Administrator"); > > The above would return a Boolean. > > To see if somebody is logged in you would do: > > Application.DPSecurity.isAuthentication(Session.Key) > > If the user was logged in then an "Authentication" object is linked to the > ID. If you wanted to get information out of the profile you could do: > > Application.DPSecurity.getAuthentication(Session.Key).getProfile() > > The system is pretty damn performant - access to persistent information is > done through various "Mediator" objects which intelligently cache > information for speed. > > This is only the "guts" of the system - essentially an API. There's > really > no interface to it. It makes building a full security system easier by > providing essential services. > > All that said the system is also somewhat old now - it was written with > CFMX > 6 in mind. > > Still - if anybody is interested I've got a sample site showing how it's > set > up and used. I'd be happy to zip it up and send it to anybody that wants > it. > > Jim Davis > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:255626 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
