What's wrong with the roles attribute? I understand that you could useDon't get me wrong, I am not saying the roles attribute is on the same level as the output attribute. Clearly the semantics of the roles attribute is at least tolerable. The problem is that I just don't seem too many applications that need method level security. And if you don't need method level security then the roles attribute is useless. In fact, I would go further to say that using the roles attribute for some methods and not others would be a bad practice meaning that if you want to use the roles attribute at all then you would be committed to method level security.
IsUserInRole within your methods to get the same result, but what does it
hurt to have it? It doesn't strike me as being nearly as ambiguous as the
output attribute.
Matt Liotta President & CEO Montara Software, Inc. http://www.MontaraSoftware.com (888) 408-0900 x901
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email
to [EMAIL PROTECTED] with the word 'unsubscribe cfcdev' in the message of the email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by Mindtool, Corporation (www.mindtool.com).
An archive of the CFCDev list is available at www.mail-archive.com/[EMAIL PROTECTED]
