I
would say have some objects like:
user
document
accessrule
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Jeff Chastain
Sent: 21 January 2005 14:29
To: [email protected]
Subject: [CFCDev] OO Security
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Jeff Chastain
Sent: 21 January 2005 14:29
To: [email protected]
Subject: [CFCDev] OO Security
How does one go about build a security framework using an object oriented approach? The question I am getting at is that 'security' is not an object in the same sense that a user or a document is an object.So, does a user object have an authenticate method that accepts a username and password? Something about this does not seem right.Along the same lines, does a document object have an authorize method that accepts a user or group to determine if they have access?So, how does one handle security using an object oriented approach?Thanks-- Jeff
