Authentication and Authorization
Securing sensitive areas of an application, such as administrative pages, prevents unauthorized access to protected functionality. This is done through an access control system built on user authentication and authorization. Authentication is proving that users are who they say they are. Authorization is determining which resources an authenticated user may access; the two are separate decisions, and a page that only checks whether someone is logged in has done the first but not the second.

Such security models vary vastly, from the simple, where authentication consists of a single username and/or password shared by all users (which gives no individual accountability), to the detailed, where access control throughout the Web site is granular down to individual users and resources. There are even single sign-on models, in which one login is trusted by a variety of other applications. The credential presented in such systems can range from a password to electronic tokens such as Smart Cards and X.509 certificates, or to biometrics such as fingerprint and facial recognition.

You can create feature-rich access control paradigms with just ColdFusion and a database, or you can integrate ColdFusion with a third-party security system for added "out-of-the-box" functionality. Whether custom built or out-of-the-box, many applications today use robust "role-based" security models, where users are grouped together according to their roles in the application and permissions are granted to the role rather than to each user. Chapter 8 discusses user security in ColdFusion MX 7 and how to code authentication and authorization with the new tags and functions.

Databases are the storage facilities for these role-based group memberships. The database can be an RDBMS (Relational Database Management System) such as Oracle or SQL Server, an LDAP (Lightweight Directory Access Protocol) directory such as Active Directory, Novell eDirectory, or Sun ONE Directory Server, or even a local account database such as the Windows NT SAM. The access permissions or groups are properties in the database to which individual user IDs are added, so the application looks up a user's roles at login rather than trusting anything the client supplies.
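As an added example, not taken from this book or from ColdFusion's own documentation, the following shows the role-based model described above built with ColdFusion MX 7's login tags and a database. The datasource name "appdsn", the users/roles/user_roles tables and their column names, and the loginform.cfm template are all assumed for illustration. Authentication runs once per session in Application.cfc's onRequestStart; roles are read from the database, not from the form, and the admin page then authorizes with IsUserInRole, denying by default.

```cfml
<!--- Application.cfc: authenticate every request against a user/role database.
      Assumed schema (illustrative only):
        users(user_id, username, salt, password_hash)
        roles(role_id, role_name)
        user_roles(user_id, role_id)
      Datasource "appdsn" is likewise an assumption. --->
<cfcomponent output="false">
  <cfset this.name = "AdminExample">
  <cfset this.sessionManagement = true>
  <cfset this.loginStorage = "session">  <!--- keep login state server-side, not in a cookie --->

  <cffunction name="onRequestStart" returntype="boolean" output="false">
    <cfargument name="targetPage" type="string" required="true">

    <!--- Explicit logout drops the login for this session. --->
    <cfif structKeyExists(url, "logout")>
      <cflogout>
    </cfif>

    <!--- The cflogin body runs only while no user is logged in for this session. --->
    <cflogin>
      <cfif isDefined("cflogin")>
        <!--- cflogin.name / cflogin.password are populated from j_username / j_password. --->
        <cfquery name="qUser" datasource="appdsn">
          SELECT u.username, u.salt, u.password_hash, r.role_name
          FROM users u
          LEFT JOIN user_roles ur ON ur.user_id = u.user_id
          LEFT JOIN roles r ON r.role_id = ur.role_id
          WHERE u.username = <cfqueryparam value="#cflogin.name#" cfsqltype="cf_sql_varchar">
        </cfquery>

        <!--- Authentication: compare a salted hash, never a stored cleartext password.
              Salted SHA-256 is used only because CFMX 7 has no built-in slow password hash;
              use bcrypt, scrypt or Argon2 where the platform offers one. --->
        <cfset validUser = false>
        <cfif qUser.recordCount GT 0>
          <cfset candidate = Hash(qUser.salt & cflogin.password, "SHA-256")>
          <cfif candidate EQ qUser.password_hash>
            <cfset validUser = true>
          </cfif>
        </cfif>

        <cfif validUser>
          <!--- Roles come from the database rows, so the client cannot choose them. --->
          <cfset roleList = ValueList(qUser.role_name)>
          <cfloginuser name="#cflogin.name#" password="#cflogin.password#" roles="#roleList#">
        <cfelse>
          <!--- Same response for unknown user and wrong password: no username enumeration. --->
          <cfset request.loginError = "Invalid username or password.">
          <cfinclude template="loginform.cfm">
          <cfabort>
        </cfif>
      <cfelse>
        <!--- No credentials presented: show the form and stop, so the requested page never renders. --->
        <cfinclude template="loginform.cfm">
        <cfabort>
      </cfif>
    </cflogin>

    <cfreturn true>
  </cffunction>
</cfcomponent>

<!--- loginform.cfm (assumed): field names j_username / j_password are what cflogin reads. --->
<cfoutput>
<cfif structKeyExists(request, "loginError")><p>#request.loginError#</p></cfif>
<form method="post" action="#HTMLEditFormat(CGI.SCRIPT_NAME)#">
  <input type="text" name="j_username">
  <input type="password" name="j_password">
  <input type="submit" value="Log in">
</form>
</cfoutput>

<!--- admin/index.cfm: authorization is a separate check from authentication.
      Being logged in is not enough; the "admin" role must be present. --->
<cfif NOT IsUserInRole("admin")>
  <cfheader statuscode="403" statustext="Forbidden">
  <cfoutput>Access denied for #HTMLEditFormat(GetAuthUser())#.</cfoutput>
  <cfabort>
</cfif>
<cfoutput><h1>Administration</h1><p>Welcome, #HTMLEditFormat(GetAuthUser())#.</p></cfoutput>
```

The design point is the split between the two decisions: cflogin and cfloginuser establish who the user is, while IsUserInRole on each protected page decides what that identity may do, with the role list sourced from the database rather than from anything the browser sent. Moving the role data to an LDAP directory changes only the lookup inside the cflogin body; the authorization checks on the pages stay the same.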