Dave,
I wouldn't use multiple application.cfc's, you usually need only 1 for
an entire application. Here are some idea's on how to implement this:
At the top of each page, include your login code. Make a separate file
that contains your <cflogin> tag and your form, then include this only
on pages that require authentication. If the user is already logged in,
anything between the <cflogin> and </cflogin> wont even be executed, but
if they are not logged in they should get your login form. Be sure to
<cfabort> at the end of your included login form, before your
</cflogin>, so the user does not accidentally get both the login form
and your secure content!
You could also setup either a table or an array that tells your
application if a page requires a login or not, in your application.cfc
take a look at the onRequest() tag. Do something like this:
<cffunction name="onRequest" returntype="void">
<cfargument name="thePage" type="string" required="true">
<!---// Check if the user is requesting a secure page, force a
login if they are //--->
<cfswitch expression="#arguments.thePage#">
<cfcase value="mySecurePage1.cfm">
<cfinclude template="myLoginPage.cfm">
</cfcase>
<cfcase value="mySecurePage2.cfm">
<cfinclude template="myLoginPage.cfm">
</cfcase>
<cfdefaultcase>
<cfinclude template="#arguments.thePage#">
</cfdefaultcase>
</cfswitch>
</cffunction>
There are many many ways to do this, just pick one that works for you
(obviously the 2nd one wont work well if you have 200 pages you need to
secure).
Chris Peterson
Gainey IT
Adobe Certified Advanced Coldfusion Developer
-----Original Message-----
From: Dave Francis [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 05, 2007 11:12 AM
To: CF-Talk
Subject: cflogin
Hi,
I can't quite get my head around this problem - I want to
allow
users open access to pages in a "common" sub-folder, but restricted
access
(based on roles) to other sub-folders. Users shouldn't be asked to Login
until they want access to the "restricted" pages. I tried doing it via
Application.cfc, but now I'm looking at an application.cfm in each
folder
that cfincludes a "forceUserLogin.cfm" page, and additionally
incorporates a
isUserInRoles(). Will this work, or do I need some code in each page?
And
will Application.cfc still be processed to set my application
variables?
BTW, I'm running the latest "free" version of Bluedragon
Grateful thanks in advance,
Dave
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 &
Flex 2
Free Trial
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:282962
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
