Mike it is in a cookie (unless you specify session for it in the cfapplication tag). It is a encrypted/encode varaible that cflogin nows how to decipher. Unless <cflogin> has been called you can not use getAuthUser() or isUserInRole()
Elliot "Michael Kear" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > Thanks Sean, > > In my 'homegrown' access control, I usually give users membership of various > groups, depending on their level and function, as most people do, but then I > found I couldn't control access based on parts of it. So a user who has a > "roles" value of "Admin,Owner" wouldn't be accepted as either "Admin" or > "Owner" If I used the function as follows: > > <cfif IsUserInRole("Admin")> > ...Admin stuff here ... > </cfif> > > Then my user who has the role "Admin,Owner" wouldn't get that info. > > The first thing I'd do when trying to debug this is to look at what value > was ACTUALLY stored as the user's roles, to verify it was what I thought it > ought to be. So I wanted to check what was actually in the scope for that > user, to check I hadn't made an error in the query. What I'd be doing if I > had rolled my own was look at a CFDUMP of the SESSION. That's how come I > tried to see where this info is stored. What scope holds the > struct/array/whatever that holds the user's details as provided in the login > routine? It's not in SESSION and its not in REQUEST or APPLICATION. > > > Cheers > Mike Kear > Windsor, NSW, Australia > AFP Webworks > http://afpwebworks.com > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Sean Corfield > Subject: [cfaussie] Re: Question about CFMX CFLOGIN framework > > On Tue, 10 Aug 2004 14:51:38 +1000, Michael Kear <[EMAIL PROTECTED]> > wrote: > > > [B] Am I understanding the roles functionality correctly in that users can > > only be in one group - that the isUserInRole() function can only reference > > an entire field and not a part of a field. (i.e. you can have roles like > > "Admin" and "Owner" but not "Admin,Owner,Contributor" unless you are > going > > to reference them as follows: isUserInRole("Admin,Owner,Contributor") ) > > When you log a user in, you specify a comma-separated list of roles > that they have. So if you said: > > <cfloginuser ... roles="Admin,Owner,Contributor" ... /> > > then you would say: > > isUserInRole("Admin") > > At least that's my understanding. > > What you can't get (easily) is the list of roles that the currently > logged in user has been assigned (if you know all possible roles you > can loop over them calling isUserInRole() to build the list - yuk!) > > > [C] Where are the user's variables stored? They don't appear to be part > of > > the session scope. > > What "user's variables"? The idea is that you you use <cflogin> / > <cfloginuser> to authenticate users but store whatever data you want > in session scope. > > > > > --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] Aussie Macromedia Developers: http://lists.daemon.com.au/
