Actually it doesn't have to be in a separate directory, in fact you'll
soon find that this is one of the coolest things about the Fusebox
methodology.
Traditional CF recommended that a security script be placed in an
Application.cfm file. This works great IF you want to secure the entire
directory and sub-directories. Although this isn't always the case,
sometime you only want to secure a handful of Fuseactions or even a
section of a fuse. When that's the case you won't want to put the
security check in the Application.cfm, you will want to put it in the
individual CFCASE statement.
I've been pretty slack about posting code lately (for about 2 years,
sorry! :). I'll see if I can free up some time and post some examples of
what the hell I'm talking about on Fusebox.org.
Securing a Fusebox application is incredibly simple once you understand
the intricacies.
Steve
Todd Ashworth wrote:
>
> > Do you typically have your
> > login one level up from the area of the site to be secured? Can you do the
> > login in the same directory as the secured pages?
>
> You *have* to have your login seperate from your secured section (unless you
> make special provisions to ignore this file), or else your secured section
> will keep trying to kick you out to the login which is in your secured
> section which keeps trying to kick you out to the login which is in your
> secured section which keeps trying to kick you out to the login which is in
> the secured section which ..... well, you get the idea. ;)
>
> Todd
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
