[ColdBox 3.6.0] Secured private area using interceptors?

This is the scenario:

I have an app where customers can register and have a private area. I need a way to protect their personal data. I would like to implement an interceptor to check if the record they have permission to view the area they are accessing to.

So for example User1 try to access /area/1 and he can. But if user1 try to access /area/2 he is routed to an error page.

To make this I was thinking to implement an interceptor, announce the interceptor in the prehandler of area handler and check if he has the privilege to view the record.

Is this a good choiice?

Or I could make something different?

Check out the security interceptor. It allows you to load rules from wherever you want and restrict URLs by regex patterns.

http://wiki.coldbox.org/wiki/Security.cfm

Thanks!

~Brad

ColdBox Platform Evangelist
Ortus Solutions, Corp

E-mail: brad@coldbox.org
ColdBox Platform: http://www.coldbox.org
Blog: http://www.codersrevolution.com