Can anybody point me
to an object oriented approach to security? I am looking to implement a
role based security approach on a new application in which I am using an object
oriented model developed with CFCs and a controller/view developed using FuseBox
4.
I have two general
questions with this approach. First, CFCs and specifically <cffunction
tags have the roles security attribute. Utilizing this appears to require
setting up security using the <cflogin etc. tags. This is not a problem
with the exception that all of the examples I can find are showing these tags
utilized in a typical procedural fashion. This leans me into the second
question ... which objects know about security and how to manage it? Does
a document know how to determine which users have what level of access to it or
does a user object know all of the permissions that user has? At what
level to methods like authentication and authorization come into
play?
Does anybody have a
real obvious explanation on setting this up or know of any examples/articles I
can go look at?
Thanks
--
Jeff
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com).
An archive of the CFCDev list is available at
www.mail-archive.com/[email protected]
