I have the following role-based security model.
Every resource in my applications has a permission. I use actual plain
text permission names so they are easy to remember, but a unique UUID can be
generated instead.
E.G.
USERS
->View Users
->Edit Users
->Delete Users
->Create users
I have a permission configuration tool that is part of my framework admin
interface.
I create my resources and then create all the permissions.
I then Create Groups (roles), and assign resources/permissions to those
groups.
A user is then assigned to a group.
When a user logs in, all their permissions are read in and stored in their
session.
I then have a UDF that checks permissions for each page for each user.
E.g.
<cfif request.HasPermissions('permission required')>
process as normal
<cfelse>
call my access denied module
</cfif>
The UDF can easily be replaced by a CFC for your OOP type application.
--
Russ
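
Added example, not part of the original thread and not Russ's framework code: one way to build the session permission set at login and run the per-page check described above, denying by default. The names `loadPermissions`, `hasPermission`, `rbacDemo` and the group names are assumptions, and the group data is constructed for illustration.

```cfml
<!--- Added example; function names, application name and data are hypothetical. --->
<cfapplication name="rbacDemo" sessionmanagement="true">

<cffunction name="loadPermissions" returntype="struct" output="false">
    <cfargument name="groupName" type="string" required="true">
    <cfargument name="groupPermissions" type="struct" required="true">
    <cfset var granted = StructNew()>
    <cfset var perm = "">
    <!--- Unknown group: the set stays empty, so every later check is denied. --->
    <cfif StructKeyExists(arguments.groupPermissions, arguments.groupName)>
        <cfloop list="#arguments.groupPermissions[arguments.groupName]#" index="perm">
            <cfset granted[Trim(perm)] = true>
        </cfloop>
    </cfif>
    <cfreturn granted>
</cffunction>

<cffunction name="hasPermission" returntype="boolean" output="false">
    <cfargument name="required" type="string" required="true">
    <!--- Deny when nobody is logged in or the permission name is blank. --->
    <cfif NOT StructKeyExists(session, "permissions") OR Len(Trim(arguments.required)) EQ 0>
        <cfreturn false>
    </cfif>
    <!--- Struct keys are case-insensitive in CFML, so "Create users" matches "Create Users". --->
    <cfreturn StructKeyExists(session.permissions, Trim(arguments.required))>
</cffunction>

<!--- Constructed group-to-permission mapping; in practice this comes from the admin tool's data. --->
<cfset groups = StructNew()>
<cfset groups["Administrators"] = "View Users,Edit Users,Delete Users,Create Users">
<cfset groups["Support"] = "View Users,Edit Users">

<!--- At login: read the user's permissions once and keep them in the session. --->
<cfset session.permissions = loadPermissions("Support", groups)>

<!--- On each page: check on the server before doing any work. --->
<cfif hasPermission("Delete Users")>
    <cfoutput>Deleting user...</cfoutput>
<cfelse>
    <cfheader statuscode="403" statustext="Forbidden">
    <cfoutput>Access denied</cfoutput>
</cfif>
```

Because the set is read once at login, a change to a group's permissions reaches an already logged-in user only when `session.permissions` is rebuilt.
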
-----Original Message-----
From: Dan Vega [mailto:[EMAIL PROTECTED]
Sent: 05 January 2007 14:33
To: CF-Talk
Subject: Re: ColdFusion OOP Security Framework
What does your security manager need from your generic Authenticator? Got a
quick UML of methods and variables from each? I'm not sure what side of the
fence I'm on yet as far as CF needing interfaces. I am testing bd out right
now because their beta has interfaces.
On 1/5/07, Tom Chiverton <[EMAIL PROTECTED]> wrote:
>
> On Friday 05 January 2007 13:28, Dan Vega wrote:
> > I have some notes on a new security model I am working on. Any
> > feedback is welcome.
>
> We inject a project specific 'Authenticator' CFC into a generic
> 'SecurityManager' using ColdSpring.
> And it'd look a lot nicer with <cfinterface> too :-)
>
> --
> Tom Chiverton
> Helping to apprehensively mesh viral initiatives
>
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:265784