Robert Rawlins - Think Blue said:
> Wanted to run a couple of ideas past you with regards to a
> comprehensive user authentication system. Basically the system needs
> to be a 'role' or 'entitlements' based security system, so all users
> can log in using the same process, they are then offered access to
> particular tasks dependent on their entitlements or roles.
>
> Now my thoughts are to have 4 CFCs that control my user. The
> first of which is my User.cfc which contains the most basic of
> information, and almost acts as a container for my other user
> related CFCs, this would sit in the session scope and could be
> accessed via something like 'session.user'.
>
> The user.cfc then has instances of my 3 other user beans, the first
> of which being Profile.cfc which contains the general non-security
> related information for my user, such as their name, postal and email
> address and suchlike. So if you wanted to access the user's profile
> information you can do Session.User.getProfile().getName() and it
> would return the user's name for output.

Can a user have more than one profile? Does every user have a profile?

> The next bean is what I would call 'credentials' and this contains
> the core security data, such as the 'Username', 'Password' and
> 'IsAuthenticated' settings, then at any point if I require that
> information I can access it through 'session.user.getCredentials()'
> This way once the user has logged in for the first time, I can set
> the value of that bean
> VARIABLE.isAuthenticated = true, then for future references I could
> simply pull on 'Session.User.getCredentials().isAuthenticated()' and
> it would return true or false if the user is logged in or not.

Can a user have more than one set of credentials? Does every user have
credentials? Is a user authenticated, or are credentials
authenticated?

> Finally I plan to have an 'Entitlements.cfc' which basically
> contains an array of 'entitlements' that are built when the user
> logs in from a table in the database. So if I need to authorize a
> user for a specific task I can go
> 'Session.User.getEntitlements().IsEntitled("DeleteUser")' and it
> would search the array for that entitlement and return true or false
> if they are entitled or not.

So a user always has one entitlement?

Jochem
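
One way to write the Entitlements.cfc lookup described in the quoted message, added here as an example and not code from either poster. The `names` argument, the comma-delimited list format and the `variables.granted` struct are assumptions; a user may hold zero, one or many entitlements, and anything not explicitly granted is denied.

```cfml
<!--- Entitlements.cfc: added example, not code from the thread. --->
<cfcomponent displayname="Entitlements" output="false">

    <!--- Struct used as a set: key = entitlement name. CFML struct keys are
          case-insensitive, so "deleteuser" matches "DeleteUser". --->
    <cfset variables.granted = structNew()>

    <cffunction name="init" access="public" returntype="Entitlements" output="false">
        <!--- Assumption: the caller passes the names read from the database
              at login as a comma-delimited list. An empty list is valid and
              produces a user with no entitlements. --->
        <cfargument name="names" type="string" required="false" default="">
        <cfset var name = "">
        <cfset variables.granted = structNew()>
        <cfloop list="#arguments.names#" index="name">
            <!--- Skip blank items so whitespace never becomes a grant. --->
            <cfif len(trim(name))>
                <cfset variables.granted[trim(name)] = true>
            </cfif>
        </cfloop>
        <cfreturn this>
    </cffunction>

    <cffunction name="isEntitled" access="public" returntype="boolean" output="false">
        <cfargument name="name" type="string" required="true">
        <!--- Deny by default: empty or unknown names are refused. --->
        <cfif NOT len(trim(arguments.name))>
            <cfreturn false>
        </cfif>
        <cfreturn structKeyExists(variables.granted, trim(arguments.name))>
    </cffunction>

    <cffunction name="count" access="public" returntype="numeric" output="false">
        <!--- Number of distinct entitlements held (0 is a legal state). --->
        <cfreturn structCount(variables.granted)>
    </cffunction>

</cfcomponent>

<!--- Guarding a task with the call shape used in the thread:
<cfif NOT session.user.getEntitlements().isEntitled("DeleteUser")>
    <cfabort>
</cfif>
--->
```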