office network where the site is protected using Windows ACLs and users logged
in agains an NT domain. My choices are basically 1) continue to use ACLs and
create a new domain (or use local user accounts) on the web server and create a
second 'remote' account for each employee, or 2) retrofit a CF/session/db based
validation scheme to the Intranet site.
There are actually some other options such as using Radius against a Radius
server at the home office, placing a DC at the datacenter that syncs with the
home DC, opening a VPN from the web server back to the corporate network,
solely for login validation. These tend to get increasingly involved and also
open up some rather sticky security problems.
Is it possible to add in a CF session based validation scheme to the site
purely by implementing it within application.cfm? There are many hundreds of
CF templates located on this site and just not enough time to modify them all
to add in validation template-by-template.
Secondly, while 99+% of the site is CF based, there is some content that is
either HTML or documents such as Word & PDF that are reports such as sales
figures, etc. that are highly sensitive. How can a CF session based system be
extended to protect that content?
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
