RE: Security with CFCs [LONG]

2004-07-17 Thread Jim Davis
On Jul 17, 2004, at 1:05 AM, Jim Davis wrote:
> A rather brute-force way of handling permission changes is to force that (or all) user to re-login after a permission change, A bit inconvenient, but probably acceptable because you likely wouldn't do it often
That does work... but we can do

Re: Security with CFCs [LONG]

2004-07-17 Thread Dick Applebaum
On Jul 17, 2004, at 1:05 AM, Jim Davis wrote:
> Most of the systems, for example, call the database then create some type of “user” object then store that in the session scope. That’s fine, but problems occur if an admin changes the person’s permissions (since they won’t take eff

RE: Security with CFCs [LONG]

2004-07-17 Thread Jim Davis
Actually Michael’s not quite that strict: you can write and post more than 100 lines, but you get a message reminding you to trim your posts if that’s the reason you went over.  I’m sure he also tracks them and will start sending stinkbugs to anybody that flouts the rule too often.  ;^) I’ve been

RE: Security with CFCs [LONG]

2004-07-17 Thread Jim Davis
lp me immensely.  ;^) However if you mean the explanation. well, then I have to beg off: it was hard enough getting the description I did out.  ;^) Jim Davis From: Paul Kenney [mailto:[EMAIL PROTECTED] Sent: Saturday, July 17, 2004 1:10 AM To: CF-Talk Subject: Re: Security with CFCs [LONG] Is this pe

Re: Security with CFCs [LONG]

2004-07-16 Thread Paul Kenney
Is this perhaps something that could be generalized for public consumption?
On Fri, 16 Jul 2004 20:55:39 -0700, Dick Applebaum <[EMAIL PROTECTED]> wrote:
> Jim
>
> How did you do that?
>
> You got 233 lines past Michael's 100-line filter.
>
> Now as to the content.
>
> I read through it and y

Re: Security with CFCs [LONG]

2004-07-16 Thread Dick Applebaum
Jim
How did you do that?
You got 233 lines past Michael's 100-line filter.
Now as to the content.
I read through it and you present a very good case (but that's what you do). I feel like here is a bit too much abstraction -- tho, I can't specifically point to where I also feel (and I hardl

RE: Security with CFCs [LONG]

2004-07-16 Thread Jim Davis
[Just reviving an old topic - thanks to Matt, Barney and Dave for setting some things straight.] Now that I've had some time to consider things (and head down about 50 dead-ends) I think I've got something good.  I just wanted to run it by folks to get some opinions: My goal is to create a securi

Re: Security with CFCs

2004-06-29 Thread Matt Woodward
> My current thinking is that there are many functions specific to application security - things like authenticating, adding/editing/removing groups, etc. I've started putting them into a "DP_Security.cfc" which will be loaded as a property of the DP_Application.cfc (I could have put them inside

Re: Security with CFCs

2004-06-28 Thread Dave Lyons
http://www.communitymx.com/abstract.cfm?cid=E4D4C

RE: Security with CFCs

2004-06-28 Thread Barney Boisvert
Say I log into an application.  And then open another browser and log in again.  If my user object says I'm logged in, then I'll be able to identify myself as that user in the second window, and be logged in, without actually using a password.  Same goes for Joe Hacker over in CountryXYZ.  As soon