A couple of points: Yes, it's a bad idea to create artificial inheritance, like having user extend security. This *will* introduce problems in the future due to tight coupling between unrelated components.
I'm not sure why or where Adam got the idea that using the session or application scope with a CFC is bad. It's perfectly valid to instatiate CFCs into these scopes...in fact I would say that it can be highly beneficial. I have to run now but if anyone needs more descriptions of why I think this is so, shoot another email. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Adrocknaphobia > Sent: Wednesday, April 28, 2004 11:09 AM > To: [EMAIL PROTECTED] > Subject: Re: [CFCDev] CFC interaction (user log in) > > > I'm not sure what all you have in your security.cfc, but I > think you could nix it, and include security methods in your > user.cfc. Or make user.cfc extend security.cfc. Although > thats not really OO kosher with the whole 'is a' philosophy. > (example corvette.cfc extends car.cfc as a corvette 'is a' car.) > > If you find your cfc's are accessing SESSION scope in any > way, then there is probably a better way to go about it. > APPLICATION scope isn't as bad, but a Raymond said yesterday, > you should do your best to avoid it. > > -adam > > > -----Original Message----- > > From: Steve Bryant [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, April 28, 2004 02:53 PM > > To: [EMAIL PROTECTED] > > Subject: [CFCDev] CFC interaction (user log in) > > > > As I am sure that my question will reveal, I am pretty new to CFCs. > > > > I have toyed with CFCs, but this is my first attempt to use them in > > production. The site needs some separation between logic > and presentation > > and may eventually need to serve web services. > > > > I have a Security.cfc (that is actually called from a root-level > > System.cfc). I also have a Session-scoped User.cfc. > > > > I am trying to figure out the "correct" way to handle a login. My > > first > > thought was to have my login handled by my Security.cfc > which would in turn > > call Session.User.Login() if successful. > > > > That feels wrong, but I can't quite figure out what would be right. > > > > Should I have a User.CheckLogin() action that would call out to the > > Security.cfc? If so, do I call out to > > Application.System.Security.CheckLogin()? That still seems > wrong (although > > I am not sure why). The only other approach that comes to > mind is to invoke > > the CFC directly, but that seems pretty wasteful since it > is already in memory. > > > > What am I missing? Is my whole approach in need of > re-evaluation or am > > I > > just missing a small piece? > > > > Any help would be greatly appreciated. > > > > Thanks! > > > > Steve > > > > ---------------------------------------------------------- > > You are subscribed to cfcdev. To unsubscribe, send an email to > > [EMAIL PROTECTED] with the words 'unsubscribe cfcdev' in the > > message of the email. > > > > CFCDev is run by CFCZone (www.cfczone.org) and supported > > by Mindtool, Corporation (www.mindtool.com). > > > > An archive of the CFCDev list is available at > > www.mail-archive.com/[EMAIL PROTECTED] > > > > > ---------------------------------------------------------- > You are subscribed to cfcdev. To unsubscribe, send an email > to [EMAIL PROTECTED] with the words 'unsubscribe cfcdev' > in the message of the email. > > CFCDev is run by CFCZone (www.cfczone.org) and supported > by Mindtool, Corporation (www.mindtool.com). > > An archive of the CFCDev list is available at > www.mail-archive.com/[EMAIL PROTECTED] > ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [EMAIL PROTECTED] with the words 'unsubscribe cfcdev' in the message of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by Mindtool, Corporation (www.mindtool.com). An archive of the CFCDev list is available at www.mail-archive.com/[EMAIL PROTECTED]
