if you have access to the Macromedia DRKs, have you taken a look at the
authentication API that was on DRK 7? It's a good example of how the
security framework can be implemented and a good interface to the
built-in security tags and functions as well.
~Simon
Simon Horwith
CTO, eTRILOGY ltd.
Member of Team Macromedia
Macromedia Certified Master Instructor
Blog - http://www.horwith.com
Jenny wrote:
Hi Duncan,
Files:
1. index.cfm containing login
2. login_process.cfm processed after login and sets session variables
3. *.cfm any other file on the system with security check
normal process, 1, 2, 3
what's happening, 1, 3 - splatt
reason for splatt:
session times out or user bookmarks any other file on the system apart
from index.cfm
comes back and tries to login
CF tries to be over helpful and after sending user to login page then
returns them to 3 and bypasses 2.
sooo .. i need to stop CF passing the user straight back to 3 from 1
and make sure they go through 2 first.
Hope that explains it!
Jenny
----- Original Message ----- From:
<[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 30, 2004 2:49 PM
Subject: Re: [ cf-dev ] session time out and security
so there's two pages: login_process.cfm and process.cfm? Can you
include
the session variable stuff from process.cfm into login_process.cfm?
"Jenny"
<[EMAIL PROTECTED] To:
<[EMAIL PROTECTED]>
place.org> cc:
Subject: Re: [ cf-dev ]
session time out and security
30/08/2004
14:15
Please respond
to dev
Hi Duncan,
The login_process.cam is acted on from the login page.
Trouble happens when a user book marks other pages in the site that have
security set and require variables to run. They try to return
directly to
the page, the security sends them to login page, then when they log
in the
process.cfm page is skipped and none of the variables are set.
Jenny
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 30, 2004 12:13 PM
Subject: Re: [ cf-dev ] session time out and security
so the login form has action="process.cfm", right? is there some
code in
process.cfm that is redirecting before the session variables are set?
"Jenny"
<[EMAIL PROTECTED] To:
<[EMAIL PROTECTED]>
place.org> cc:
Subject: [ cf-dev ]
session
time out and security
30/08/2004
11:18
Please respond
to dev
Hi all,
Got a problem with the above. Scenario is:
standard login: login on front page of site refers using to a process
cfm
which checks for further access rights and sets up a load of needed
session
variables.
messed up login: user bookmarks secure page, security bungs them
out to
the home page to login, they log in and then get directed by the
default
security to their bookmarked page, skipping the process cfm and it
errors
cos needed session variables haven't been set.
I've been through the docs a few hundred times, but can't see a
solution.
Anyone have any ideas please?
Jenny
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.744 / Virus Database: 496 - Release Date: 24/08/2004
--
These lists are syncronised with the CFDeveloper forum at
http://forum.cfdeveloper.co.uk/
Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/
CFDeveloper Sponsors and contributors:-
*Hosting and support provided by CFMXhosting.co.uk* :: *ActivePDF
provided
by activepdf.com*
*Forums provided by fusetalk.com* :: *ProWorkFlow provided by
proworkflow.com*
*Tutorials provided by helmguru.com* :: *Lists hosted by
gradwell.com*
To unsubscribe, e-mail: [EMAIL PROTECTED]
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.744 / Virus Database: 496 - Release Date: 24/08/2004
--
These lists are syncronised with the CFDeveloper forum at
http://forum.cfdeveloper.co.uk/
Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/
CFDeveloper Sponsors and contributors:-
*Hosting and support provided by CFMXhosting.co.uk* :: *ActivePDF
provided
by activepdf.com*
*Forums provided by fusetalk.com* :: *ProWorkFlow provided by
proworkflow.com*
*Tutorials provided by helmguru.com* :: *Lists hosted by
gradwell.com*
To unsubscribe, e-mail: [EMAIL PROTECTED]
--
These lists are syncronised with the CFDeveloper forum at
http://forum.cfdeveloper.co.uk/
Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/
CFDeveloper Sponsors and contributors:-
*Hosting and support provided by CFMXhosting.co.uk* :: *ActivePDF
provided by activepdf.com*
*Forums provided by fusetalk.com* :: *ProWorkFlow provided by
proworkflow.com*
*Tutorials provided by helmguru.com* :: *Lists hosted by
gradwell.com*
To unsubscribe, e-mail: [EMAIL PROTECTED]
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.744 / Virus Database: 496 - Release Date: 24/08/2004
--
These lists are syncronised with the CFDeveloper forum at
http://forum.cfdeveloper.co.uk/
Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/
CFDeveloper Sponsors and contributors:-
*Hosting and support provided by CFMXhosting.co.uk* :: *ActivePDF provided by
activepdf.com*
*Forums provided by fusetalk.com* :: *ProWorkFlow provided by proworkflow.com*
*Tutorials provided by helmguru.com* :: *Lists hosted by gradwell.com*
To unsubscribe, e-mail: [EMAIL PROTECTED]
