Best Practices For Publishing Web Services; Handling Complex Data Types; Consuming Web Services That Use Complex Data Types - MACROMEDIA COLDFUSION MX 61-DEVELOPING COLDFUSION MX Develop Manual

Using programmatic security
You can implement your own security within the a function to protect resources. For example you
can use the ColdFusion function
following example shows:
<cffunction name="foo">
<cfif IsUserInRole("admin")>
... do stuff allowed for admin
<cfelseif IsUserInRole("user")>
... do stuff allowed for user
<cfelse>
<cfoutput>unauthorized access</cfoutput>
<cfabort>
</cfif>
</cffunction>

Best practices for publishing web services

ColdFusion web services provide a powerful mechanism for publishing and consuming
application functionality. However, before you produce web services for publication, you might
want to consider the following best practices:
Minimize the use of ColdFusion complex types, such as query and struct, in the web services
1
you create for publication. These types require consumers, especially those consuming the web
service using a technology other than ColdFusion, to create special data structures to handle
complex types.
Locally test the ColdFusion components implemented for web services before publishing them
2
over the Internet.

Handling complex data types

When dealing with web services, handling complex types falls into the following categories:
•
Mapping the data types of a web service to consume to ColdFusion data types
•
Understanding how clients will reference your ColdFusion data types when you publish a web
service
This section describes both categories.

Consuming web services that use complex data types

The following table shows how WSDL data types are converted to ColdFusion data types:
ColdFusion data type
numeric
boolean
string
array
binary
date
728 Chapter 32: Using Web Services
to determine if a user is in particular role, as the
IsUserInRole
WSDL data type
SOAP-ENC:double
SOAP-ENC:boolean
SOAP-ENC:string
SOAP-ENC:Array
xsd:base64Binary
xsd:dateTime