> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > My approach is different. I believe that the user should > never see an access security message. Users should only be > able to view/invoke processes for which they have permission. > Menu items, submit buttons, modification forms or fields > which need to be protected should be done so by the system. > If there are security related functions access level should > determine whether they are available. > > It is appropriate to disable an option but the user should > not get a message that says "Hey dork, you can't do that." > > If a user has not logged in or has timed out just re-direct > them to the appropriate login form (with a possible re-direct > back to the desired function).
I agree with you and had I been the one to architect the application I am working on the approach would have been MUCH different. However, I am making some changes to a pre-existing application where the budget does not allow for me to make major changes.... I will use one of the alternate approaches I have been toying with. This does raise a larger question though... if you throw exceptions or exceptions are thrown what is the best way to catch them, assuming you want to notify the user of the exception. Outside of fusebox this is easy for me to do, but once inside MVC Fusebox using CCVs for assembling layouts and content it becomes tricky... at least using a plugin to direct traffic so to speak. I would definitely like to hear how others approach this within the confines of MVC Fusebox / CCVs. Mike ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:12:6657 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/12 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:12 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.12 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
