I've been tasked to modify a security layer for an existing catalog application. Right now it has security algorithms that are unwieldy and are proving difficult to scale. I need to redesign the security layer so that it is almost a pluggable object. Let me describe the application. It is a catalog application has multiple "resources", each resource has elements that are available to only a select group. The difficulty comes in because right now there are sub groups for every group. Example- Group A has sub groups a1,a2,a3, now, if a resource has a status of "declined" only people in group a2 or higher can see the resource and only people in group a1 can see any money that is involved with the resource. Also there is of course a listing element to the software that lists resources and some summary information that could involve pieces that are viewable to people that belong to the right combination of groups. That is why the current security has become unwieldy. The security was added as an after-thought so it was never designed properly and has been added to and added to over time so now it has reached it's limit of acceptability. I need to create a central template that I can call to calculate the security level. If this situation sounds familiar to anybody I would love to hear experiences. J ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
