Security

From ADF Docs
Revision as of 23:12, 19 December 2009 by Renee.mckechnie (talk | contribs) (Overview)
Jump to: navigation, search

Overview

The ADF security framework contains measures to restrict direct access and remote component access.

Security Measures include:

  1. As a rule of thumb, none of the component methods within the ADF library have functions with methods with "remote" access
  2. Direct access to the ADF files are restricted to only valid, logged in CommonSpot users. This is controlled through the ADF root Application.cfc. In the onRequestStart function, logic is run to verify the user accessing the file directly is a logged in CommonSpot user.
  3. Remote access to component methods are requested through an Ajax Proxy that essentially allows access to methods in the ADF via a Proxy White List.