It looks to me as if you are at odds with yourself.

Half of you wants the /admin/ folder to reside within the parent application, perhaps because it's easier to leverage available functionality and application scope parameters, etc.

The other half of you is paranoid, and really wants the admin folder to run as an entirely separate application, perhaps a separate J2EE deployment. That way you can apply some greater level of blanket security (like only respond to local VPN IPs or something).

The solution you describe below is your way of reconciling both halves. It was just a guess. Am I close?

It may be easier for us if you posted what specific type of threat you are battling with this design, whereby we could pontificate all the wonderful ways we have all dealt with such threats before. Like SSL, passwords, and well-built OnRequestStart methods.

Take it from me: Beware of over-thinking your project's design to the detriment of actually releasing it in any form. I've done this myself so many times that I actually made up the term (Application Publication Anxiety) and wrote a blog post about it to punish myself:
http://akh.com/index.cfm/on-tech/it-anxieties/

Al


On 8/25/2014 3:02 PM, Jason Allen wrote:
Hi All, 

I need some input on my plan to create an 'admin' component for my app. 

I don't want to expose any of the administrative functions to the public app. 

My idea is to create a 'private only' (accessible via vpn) version of the website. This website will be the public app + additional administrative functions. 

I have all of the admin functions contained to a folder '/admin'.

In here are additional cfc's, forms, displays, etc. that relate to managing users and site features. 

Anytime I update the public app, I can just deploy it over the admin app because it won't overwrite the admin folder (since it's not part of the app). 

Does this make sense? 

Another way to say it is that the 'full app' includes the /admin files, and I'll deploy the public app without that folder. 

Eh?
--
--
online documentation: http://openbd.org/manual/
http://groups.google.com/group/openbd?hl=en

---
You received this message because you are subscribed to the Google Groups "Open BlueDragon" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
For more options, visit https://groups.google.com/d/optout.
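
The deployment scheme described in the original message above (the full app with /admin on the VPN-only site, the public site deployed without that folder), sketched as an added Python example; it is not code from either poster or from OpenBD. The file names, the `admin` folder constant and the helper names are assumptions, and the sample tree is constructed.

```python
import shutil
import tempfile
from pathlib import Path

ADMIN_DIR = "admin"  # assumption: admin code lives only under <app root>/admin


def deploy_public(full_app: Path, target: Path) -> None:
    """Lay the app over target, skipping the top-level admin folder."""
    def skip_admin(directory, names):
        # Match case-insensitively so 'Admin' or 'ADMIN' is excluded as well.
        if Path(directory) == full_app:
            return [n for n in names if n.lower() == ADMIN_DIR]
        return []
    shutil.copytree(full_app, target, ignore=skip_admin, dirs_exist_ok=True)


def leaked_admin_files(public_root: Path) -> list:
    """Return files sitting under an admin folder in the public web root."""
    hits = []
    for p in public_root.rglob("*"):
        rel = p.relative_to(public_root)
        if p.is_file() and rel.parts[0].lower() == ADMIN_DIR:
            hits.append(rel.as_posix())
    return sorted(hits)


def demo() -> dict:
    """Exercise both deployment targets on a constructed sample tree."""
    root = Path(tempfile.mkdtemp())
    full, public, private = root / "full", root / "public", root / "private"
    for rel in ("index.cfm", "Application.cfc", "admin/users.cfc"):
        f = full / rel
        f.parent.mkdir(parents=True, exist_ok=True)
        f.write_text("v1 " + rel)
    shutil.copytree(full, private)                   # VPN-only site: app + admin
    (full / "index.cfm").write_text("v2 index.cfm")  # a later public-side update
    deploy_public(full, public)                      # public site, no admin
    deploy_public(full, private)                     # same update over the admin site
    result = {
        "public_leaks": leaked_admin_files(public),
        "private_admin_kept": (private / "admin/users.cfc").read_text(),
        "private_index": (private / "index.cfm").read_text(),
    }
    # A stray manual copy into the public root is what the check should catch.
    (public / "Admin").mkdir()
    (public / "Admin" / "users.cfc").write_text("stray")
    result["after_stray_copy"] = leaked_admin_files(public)
    shutil.rmtree(root)
    return result
```

Running `leaked_admin_files` against the public web root after every deploy turns "the public app ships without /admin" from a convention into a checked condition.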