> my point here was that farCry is referencing its own security comonets at > #application.packagepath#.security
In a few places yes. But like it wrote earlier, this is mainly for internal functions like the install/deploy scripts and some migration stuff. It's very likely that this is done intentionally to avoid problems during the install. > and not using the setting from _serverSpecificVars.cfm, namely > application.securitypackagepath This is simply not true. A quick search of the core shows 25 places where application.securitypackagepath is used. In addition, Farcry creates instances of application.securitypackagepath.authorisation and application.securitypackagepath.authentication in request.dmSec as oAuthorisation and oAuthentication respectively. These two components handle the bulk of the security work for each request. In fact, together they're referenced 139 times in the core. I currently use a custom security package for our Intranet and I'm having no problems at all . ~tom --- You are currently subscribed to farcry-dev as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] Aussie Macromedia Developers: http://lists.daemon.com.au/
