> I disagree a little on that. Since if you store the password > in the CF admin, every application on the server can access > the datasource with the necessary rights. Whereas when you > use username and password inside cfquery, at least the > different web applications can not access all datasources > except if the proper username and password is used. And here > also lie the benefits of the attributecollection attribute in > CF8 and Railo 2 that allow you to define general username and > password for i.e. cfquery tags.
If all the applications on the machine belong to the same organization/person/whatever, it doesn't matter. If the username and password are embedded within your code, they can likely easily be retrieved from that code. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:281132 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4