• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint

Security

ColdFusion provides two ways to secure the functionality that you encapsulate in a ColdFusion component: roles-based authorization, and access control. You've actually already had some exposure to each of these in previous chapters. Chapter 7 introduced you to application user authentication and authorization, which allows the assignment of roles to your application's users. This roles-based security can also be applied to the functions in a CFC. The second technique, access control, was used in the last chapter in every cffunction tag as the attribute access="...".

Access Control

The access attribute of the <cffunction> tag basically answers the question, “Who can use this function?” The attribute has four options: private, package, public (the default), and remote. These four options represent, in that order, the degree of openness that the function has (Figure 19.8).


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint