Emile, >From your description, you really need to define what "authorized" and "not authorized" means.
This will help clarify to the people assisting you as to the approach they can suggest. As "authorization" and "authentication" often times are used interchangeably by developers when in fact they represent two distinctly different topics. Teddy R. Payne, ACCFD Google Talk - teddyrpa...@gmail.com On Thu, Dec 18, 2008 at 12:00 PM, Emile Melbourne <emile.melbou...@gmail.com > wrote: > Hey Everyone, > > I am currently in the process of building my first secured site. Most > pages of the site will be behind a login page. I'm using ColdFusion's > Application.cfc onRequestStart function to check if a user is logged in or > not. Thats pretty much boiler plate. > > My concern is how to prevent an non authorized user from accessing or > hotlinking to non ColdFusion page. (i.e, images, pdfs, swfs, .txt etc). > > Whats the best way to ensure a user can't link directly to these items but > instead be redirected to login.cfm instead? > > Is there a way to lock down an entire directory? > > Thank you for all your help > Emile > > > ------------------------------------------------------------- > To unsubscribe from this list, manage your profile @ > http://www.acfug.org?fa=login.edituserform > > For more info, see http://www.acfug.org/mailinglists > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > List hosted by FusionLink <http://www.fusionlink.com> > ------------------------------------------------------------- ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
