Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

Authorization with LCDS

Avatar

01-04-2009

I have a flex application and LCDS running on CF8 running on JRun4 on the server.



The flex application authenticates users with LCDS security that in term uses custom-authentication together with Jrun-security to authenticate against a MySQL DB.



I use various data services in LCDS that work together with CFC's to get and set data in my DB.



I would like to do server-side authorization (not authentication) to restrict users based on - for example - their role(s). What would be the best strategy in this setup?



Kind regards.



Alexandro

Replies

Avatar

Avatar
Level 2
Bill_Sahlas
Level 2

Likes

0 likes

Total Posts

23 posts

Correct Reply

0 solutions
View profile

Avatar
Level 2
Bill_Sahlas
Level 2

Likes

0 likes

Total Posts

23 posts

Correct Reply

0 solutions
View profile
Bill_Sahlas
Level 2

02-05-2009

Hello -

Since you're using CFCs on the backend (server side) you can secure the app there.  Maybe you've already solved this but incase you didn't implement anything yet you can take a look at this link.  You should get familiar with cflogin,

cfloginuser, cflogout, GetAuthUser, IsUserInRole, Securing Applications in Developing ColdFusion MX Applications.

HTH,

Bill Sahlas

LCDS QE