Hello!
I'd like to use cflocation to a gate.cfm file that has NTFS security (in an
Intranet environment) to secure a portion of my fusebox application.
Specifically, say there is a usergroup called HR_Users and I want them to be
the only ones to be able to enter data.
I can use cflocation in my <cfcase fuseaction="edit"> to go to a file called
gate.cfm. That file only allows HR_Users to read it. This file then sends
them back to the application (index.cfm) with a new fuseaction="edit_ok",
which takes them to the edit form.
What I'm concerned about is that anyone could just type in
index.cfm?fuseaction=edit_ok, thus bypassing my security right?
How can I stop that?
Thanks!
Dave
--
Web Applications Developer
Marconi PLC - MSI Division
425-519-2046
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
