One benefit of going through a framework is that your request will follow the same access control restrictions as normal requests. Unless you manage application security at a service layer, instead of implicitly within the framework or at a controller level, then it would make sense to go directly to the service layer.
One other benefit of going through the framework is that you retain the ability to properly control the request in the event that the users session has timed out and then the request is issued. With ModelGlue, I typically append ".ajax" to my event handlers that are called in that manner, in the event that a request is made and session has timeout by common event handlers know to issue 403 status codes, which my ajax engine knows how to handle (alert the user then redirect to login). Again, depending on where you manage your application security and how you manage session (ie. alerting the user before their session times out), it might make more sense to go through the framework, or go directly against the service layer. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CFCDev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cfcdev?hl=en -~----------~----~----~----~------~----~------~--~---
