I'm not sure what all you have in your security.cfc, but I think you could nix it, and include security methods in your user.cfc. Or make user.cfc extend security.cfc. Although thats not really OO kosher with the whole 'is a' philosophy. (example corvette.cfc extends car.cfc as a corvette 'is a' car.)
If you find your cfc's are accessing SESSION scope in any way, then there is probably a better way to go about it. APPLICATION scope isn't as bad, but a Raymond said yesterday, you should do your best to avoid it. -adam > -----Original Message----- > From: Steve Bryant [mailto:[EMAIL PROTECTED] > Sent: Wednesday, April 28, 2004 02:53 PM > To: [EMAIL PROTECTED] > Subject: [CFCDev] CFC interaction (user log in) > > As I am sure that my question will reveal, I am pretty new to CFCs. > > I have toyed with CFCs, but this is my first attempt to use them in > production. The site needs some separation between logic and presentation > and may eventually need to serve web services. > > I have a Security.cfc (that is actually called from a root-level > System.cfc). I also have a Session-scoped User.cfc. > > I am trying to figure out the "correct" way to handle a login. My first > thought was to have my login handled by my Security.cfc which would in turn > call Session.User.Login() if successful. > > That feels wrong, but I can't quite figure out what would be right. > > Should I have a User.CheckLogin() action that would call out to the > Security.cfc? If so, do I call out to > Application.System.Security.CheckLogin()? That still seems wrong (although > I am not sure why). The only other approach that comes to mind is to invoke > the CFC directly, but that seems pretty wasteful since it is already in memory. > > What am I missing? Is my whole approach in need of re-evaluation or am I > just missing a small piece? > > Any help would be greatly appreciated. > > Thanks! > > Steve > > ---------------------------------------------------------- > You are subscribed to cfcdev. To unsubscribe, send an email > to [EMAIL PROTECTED] with the words 'unsubscribe cfcdev' > in the message of the email. > > CFCDev is run by CFCZone (www.cfczone.org) and supported > by Mindtool, Corporation (www.mindtool.com). > > An archive of the CFCDev list is available at www.mail-archive.com/[EMAIL PROTECTED] > ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [EMAIL PROTECTED] with the words 'unsubscribe cfcdev' in the message of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by Mindtool, Corporation (www.mindtool.com). An archive of the CFCDev list is available at www.mail-archive.com/[EMAIL PROTECTED]
