Michael
Could I suggest that you invesitage using the Advanced Security features on
CF Server, using either an LDAP directory or ODBC database as your user and
policy store. This feaure actually uses Netegrity's Siteminder v3.5 which is
bundled with CF4.5.1 (ver4.1 will be bundled with CF5 according to the Beta
reelase notes.)
Contrary to what is suggested in the Fusebox book (p70) I've recently been
using Advanced Security using an LDAP directory as the policy and user
directory store and I have to say it is then extremely simple to provide
robust authentication (IsAuthenticated) and very granular authorisation
(IsAuthorised) within Fusebox apps using it.
Best starting point is the Allaire KB:
http://www.allaire.com/Handlers/index.cfm?ID=19469&Method=Full
which has links to all the other relevant KB articles you'll need.
John Smith
[EMAIL PROTECTED] webhelp.ucs.ed.ac.uk
Information Tools +44 131 650 6915 Phone
Computing Services +44 0870 131 2788 eFax
The University of Edinburgh, Main Library
George Sq., Edinburgh EH8 9LJ
> -----Original Message-----
> From: Michel Gallant [mailto:[EMAIL PROTECTED]]
> Sent: 06 April 2001 13:05
> To: Fusebox
> Subject: User permissions
>
>
> Hi everyone,
> I'm a bit curious as to how people handle user permissions here in their
> fusebox apps.
> My current scheme seen in my by no means 100% XFB compliant apps
> is to store
> my fuseaction names in a DB table and have another table link between my
> fuseactions and my user groups.
> Seeing as I'm using nested fuseboxes, I can also specify a groups of
> fuseboxes, for example, I can give managers access to the users group of
> fuseboxes, but can implicitly imply that users.del is only accessible by
> administrators. Any fuseaction not listed in the table is freely
> accessible
> to all groups. I load this information in to a structure in the
> application
> scope of my application at runtime and I check against it for each fuse I
> call. I know this is a bit of added overhead, but on the scale
> I'm working,
> it's not really that bad. This is where I really like nested fuseboxes,
> because I can just set the permissions once at the parent level
> and have it
> inherited by all children. What I'd like to know if there are any big
> problems in my methodology and whether there is a much easier way.
>
> Thanks
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
