Well, I thought when you turn on client variables, it looks for a
datasource in the registry or else the datasource specified in the CF
Administrator.. Shanje doesn't allow that. You have to use your own table
in your own datasource. So just turning on client vars doesn't work. Or
have I got it wrong?
You have to save and retrieve client vars using CFQuery calls.
Don't you?
Cheers,
Mike Kear
Windsor, NSW, Australia
AFP WebWorks
-----Original Message-----
From: Toby Tremayne [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 20, 2001 6:20 PM
To: CF-Talk
Subject: Re: Help with authorise/authenticate/session management
Mike,
Hope I'm not being completely unhelpful here <grin> but is there
a particular problem with using datasource client variables? I generally
employ one of two security models and they both use client vars to at least
keep the state of the logged in user etc. I've always used client vars for
everything - if you want some example code or anything like that please
feel free to give me a yell.
Otherwise I guess you could always use url vars but you're going to end up
in a mess of spaghetti code among other things.
Toby
At 04:49 PM 8/20/2001, you wrote:
>I have a problem with a site I am working on for a client. I am stuck with
>hosting it at Shanje.com for a variety of reasons that are outside the
scope
>of this discussion, but I have a big problem setting up a user
>access/authenticate/session management system.
>
>Shanje don't allow client variables on a central datasource or in the
>registry. So all client variables have to be done through a table in my
own
>SQL7 datasource. I can't use session management because the site is
>clustered. And no CFX custom tags are allowed.
>
>Kind of tying my hands behind my back I think. I can use the NT
>permissions management to restrict access if I'm happy to give everyone the
>same username and password. That's impossible in this site.
>
>
>Can anyone help me out here ... how the hell do I control access to users,
>and grant permissions for various parts of the site, without using client
>management, session management, CFX tags?
>
>The only way I have been able to think of up to now, is to set or test for
a
>cookie at the top of each page, and do a query on the users table. Is
there
>any other way? Because this implies I have to deny access to anyone who
>hasn't got cookies enabled. Has anyone set up an access control system in
>an environment like this?
>
>Please don't suggest moving away from Shanje, because in this case it's not
>an option.
>
>Cheers,
>Mike Kear
>Windsor, NSW, Australia
>AFP WebWorks
>
>
>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
