I have the following role-based security model. Every resource in my applications has a permission. I use actual plain text permission names so they are easy to remember, but a unique UUID can be generated instead.

E.g.

USERS
->View Users
->Edit Users
->Delete Users
->Create users

I have a permission configuration tool that is part of my framework admin interface. I create my resources and then create all the permissions. I then create Groups (roles), and assign resources/permissions to those groups. A user is then assigned to a group.

When a user logs in, all their permissions are read in and stored in their session. I then have a UDF that checks permissions for each page for each user.

E.g.

<cfif request.HasPermissions('permission required')>
    <!--- process as normal --->
<cfelse>
    <!--- call my access denied module --->
</cfif>

The UDF can easily be replaced by a CFC for your OOP type application.

--
Russ

-----Original Message-----
From: Dan Vega [mailto:[EMAIL PROTECTED]
Sent: 05 January 2007 14:33
To: CF-Talk
Subject: Re: ColdFusion OOP Security Framework

What does your security manager need from your generic Authenticator? Got a quick UML of methods and variables from each? I'm not sure what side of the fence I'm on yet as far as cf needing interfaces. I am testing bd out right now because their beta has interfaces.

On 1/5/07, Tom Chiverton <[EMAIL PROTECTED]> wrote:
>
> On Friday 05 January 2007 13:28, Dan Vega wrote:
> > I have some notes on a new security model I am working on. Any
> > feedback is welcome.
>
> We inject a project specific 'Authenticator' CFC into a generic
> 'SecurityManager' using ColdSpring.
> And it'd look a lot nicer with <cfinterface> too :-)
>
> --
> Tom Chiverton
> Helping to apprehensively mesh viral initiatives
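The check Russ describes (permissions read into the session at login, then tested on each page), written out as an added example that is not part of the original thread. The group data, the LoadPermissions helper and the comma-separated "require all" handling are assumptions made for illustration; only the request.HasPermissions call shape comes from the post.

```cfml
<!--- Added example. Assumes session management is enabled in <cfapplication>. --->
<!--- Constructed sample data standing in for the admin tool's group/permission tables. --->
<cfset variables.groupPermissions = StructNew()>
<cfset variables.groupPermissions["Editors"] = "View Users,Edit Users">
<cfset variables.groupPermissions["Admins"] = "View Users,Edit Users,Delete Users,Create Users">

<!--- Login step: copy the group's permissions into a struct keyed by permission name. --->
<cffunction name="LoadPermissions" returntype="struct" output="false">
    <cfargument name="groupName" type="string" required="true">
    <cfset var perms = StructNew()>
    <cfset var p = "">
    <!--- An unknown group gets an empty struct, so every later check fails closed. --->
    <cfif StructKeyExists(variables.groupPermissions, arguments.groupName)>
        <cfloop list="#variables.groupPermissions[arguments.groupName]#" index="p">
            <cfset perms[Trim(p)] = true>
        </cfloop>
    </cfif>
    <cfreturn perms>
</cffunction>

<!--- Page check: true only if every permission in the comma-separated list is held. --->
<cffunction name="HasPermissions" returntype="boolean" output="false">
    <cfargument name="required" type="string" required="true">
    <cfset var p = "">
    <!--- Default deny: no loaded permissions or an empty requirement is a refusal. --->
    <cfif NOT StructKeyExists(session, "permissions") OR NOT ListLen(Trim(arguments.required))>
        <cfreturn false>
    </cfif>
    <cfloop list="#arguments.required#" index="p">
        <!--- Struct keys are case-insensitive in ColdFusion, so "edit users" also matches. --->
        <cfif NOT Len(Trim(p)) OR NOT StructKeyExists(session.permissions, Trim(p))>
            <cfreturn false>
        </cfif>
    </cfloop>
    <cfreturn true>
</cffunction>

<!--- Simulated login as a member of the constructed "Editors" group. --->
<cfset session.permissions = LoadPermissions("Editors")>
<cfset request.HasPermissions = HasPermissions>

<cfif request.HasPermissions("Delete Users")>
    <cfoutput>Deleting user...</cfoutput>
<cfelse>
    <cfoutput>Access denied</cfoutput>
</cfif>
```

Because the permission set is copied into the session at login, removing a permission from a group does not affect users who are already logged in until their session is rebuilt.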