RE: Application security structure

2003-03-27 Thread Bryan F. Hogan
You pretty much have it. Change this: cfif session.Auth.UserID eq 0 script document.location=int.cfm /script /cfif Into this: cfif session.Auth.UserID eq 0 and FindNoCase('int.cfm',Script_Name) script document.location=int.cfm

RE: Application security structure

2003-03-27 Thread Bryan F. Hogan
P.S. It should be: cfif session.Auth.UserID eq 0 and not FindNoCase('init.cfm',Script_Name) Bryan F. Hogan Director of Internet Development Team Macromedia Volunteer Macromedia Certified ColdFusion MX Developer Digital Bay Media, Inc. 1-877-72DIGITAL

RE: Application security structure

2003-03-27 Thread Ben Doom
You have to make an exception for the login page, else it keeps trying to redirect from the login page to the login page. You should also put a redirect at the bottom of the code block that handles creating the session variables, because if there is no autorization stored in session, then the

Re: Application security structure

2003-03-27 Thread ksuh
You need to check to see if the user is being redirected to that page. If they are, then they should skip the authentication. cfif not isDefined(session.Auth) and listLast(cgi.path_info, /) neq int.cfm - Original Message - From: John Stanley [EMAIL PROTECTED] Date: Thursday, March 27,

RE: Application security structure

2003-03-27 Thread John Stanley
thanks for your help -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 1:54 PM To: CF-Talk Subject: Re: Application security structure You need to check to see if the user is being redirected to that page. If they are, then they should

RE: Application security structure

2003-03-27 Thread John Stanley
bryan, thanks for your help -Original Message- From: Bryan F. Hogan [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 1:46 PM To: CF-Talk Subject: RE: Application security structure P.S. It should be: cfif session.Auth.UserID eq 0 and not FindNoCase('init.cfm',Script_Name

RE: Application security structure

2003-03-27 Thread John Stanley
ben, thanks for your help -Original Message- From: Ben Doom [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 1:49 PM To: CF-Talk Subject: RE: Application security structure You have to make an exception for the login page, else it keeps trying to redirect from the login page

RE: Application security structure -- ADDENDUM

2003-03-27 Thread Bryan F. Hogan
Yes it does matter, since this is a frame you do not want the login page loading inside the frame. You have: script document.location=int.cfm /script which will indeed load it into the frame. You want to do top.document.location instead. Example script