Question
Coldfusion Login
Hi, sorry for the repeated posts but all these issues come to
mind after a couple days of research.
Anyway, I am reluctant (in part due to ignorance that I want to overcome by learning the solution vs. using prebuilt solutions) to use <cflogin> vs. using a SESSION.auth structure and then checking for SESSION.auth.isLoggedIn to determine user status.
Before I go further down this road, is there any severe security shortcomings from such a strategy?
Anyway, I am reluctant (in part due to ignorance that I want to overcome by learning the solution vs. using prebuilt solutions) to use <cflogin> vs. using a SESSION.auth structure and then checking for SESSION.auth.isLoggedIn to determine user status.
Before I go further down this road, is there any severe security shortcomings from such a strategy?
AdChoices