How about having the user.cfc expose all the functions from the other CFCs
and it calls the correct function?
So Session.User.getProfile().getName()
would become Session.User.getName()
where getName() calls Profile.getName().

On 3/7/07, Robert Rawlins - Think Blue <[EMAIL PROTECTED]> wrote:
>
> Hello Guys,
>
> Wanted to run a couple of ideas past you with regards to a comprehensive
> user authentication system. Basically the system needs to be a 'role' or
> 'entitlements' based security system, so all users can log in using the same
> process, they are then offered access to particular tasks dependent on their
> entitlements or roles.
>
> Now my thoughts are to have 4 CFCs that control this my user. The first of
> which is my User.cfc which contains the most basic of information, and
> almost acts as a container for my other user related CFCs, this would sit
> in the session scope and could be accessed via something like
> 'session.user'.
>
> The user.cfc then has instances of my 3 other user beans, the first of which
> being Profile.cfc which contains the general non security related
> information for my user, such as their name, postal and email address and
> suchlike. So if you wanted to access the user's profile information you can
> do Session.User.getProfile().getName() and it would return the user's name
> for output.
>
> The next bean is what I would call 'credentials' and this contains the core
> security data, such as the 'Username', 'Password' and 'IsAuthenticated'
> settings, then at any point if I require that information I can access it
> through 'session.user.getCredentials()'. This way once the user has logged in
> for the first time, I can set the value of that bean
> VARIABLE.isAuthenticated = true, then for future references I could simply
> pull on 'Session.User.getCredentials().isAuthenticated()' and it would
> return true or false if the user is logged in or not.
>
> Finally I plan to have an 'Entitlements.cfc' which basically contains an
> array of 'entitlements' that are built when the user logs in from a table in
> the database. So if I need to authorize a user for a specific task I can go
> 'Session.User.getEntitlements().IsEntitled("DeleteUser")' and it would
> search the array for that entitlement and return true or false if they are
> entitled or not.
>
> I just wanted to run this rough plan past you guys to catch your thoughts on
> it, does that make sense or is there a better way of handling a role based
> authentication system?
>
> Thanks guys,
>
> Rob
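
A sketch of the facade suggested in the reply, added here as an example and not code from either poster: User.cfc forwards calls to the Profile, Credentials and Entitlements beans. It assumes those three CFCs sit in the same directory with the getName(), isAuthenticated() and IsEntitled() methods named in the thread; the init() signature and the fail-closed check in isEntitled() are assumptions of this sketch.

```cfml
<!--- User.cfc (added sketch). Lives in session scope as session.user. --->
<cfcomponent displayname="User" output="false">

    <!--- Assumed constructor: the three beans are built at login and passed in. --->
    <cffunction name="init" access="public" returntype="User" output="false">
        <cfargument name="profile" type="Profile" required="true">
        <cfargument name="credentials" type="Credentials" required="true">
        <cfargument name="entitlements" type="Entitlements" required="true">
        <cfset variables.profile = arguments.profile>
        <cfset variables.credentials = arguments.credentials>
        <cfset variables.entitlements = arguments.entitlements>
        <cfreturn this>
    </cffunction>

    <!--- Session.User.getName() instead of Session.User.getProfile().getName() --->
    <cffunction name="getName" access="public" returntype="string" output="false">
        <cfreturn variables.profile.getName()>
    </cffunction>

    <cffunction name="isAuthenticated" access="public" returntype="boolean" output="false">
        <cfreturn variables.credentials.isAuthenticated()>
    </cffunction>

    <!--- Choice made in this sketch: fail closed, so a user who is not
          authenticated is never entitled, whatever the entitlements array holds. --->
    <cffunction name="isEntitled" access="public" returntype="boolean" output="false">
        <cfargument name="entitlement" type="string" required="true">
        <cfif NOT variables.credentials.isAuthenticated()>
            <cfreturn false>
        </cfif>
        <cfreturn variables.entitlements.isEntitled(arguments.entitlement)>
    </cffunction>

    <!--- Choice made in this sketch: the Credentials password getter is not
          forwarded, so the session-scoped object never hands it out. --->

</cfcomponent>
```

With this in place a page guard reads Session.User.isEntitled("DeleteUser") and needs no separate login check before it.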

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:271962