Contents > Developing ColdFusion MX Applications > Designing and Optimizing a ColdFusion Application > Elements of a ColdFusion application > Application security and user identification

Application security and user identification

All applications must ensure that malicious users cannot make improper use of their resources. Additionally, many applications require user identification, typically to control the portions of a site that the user can access, to control the operations that the user can perform, or to provide user-specific content. ColdFusion provides the following forms of application security to address these issues:

• Resource (file and directory-based) security Limits the ColdFusion resources, such as tags, functions, and data sources that application pages in particular directories can access. You must consider the resource security needs of your application when you design the application directory structure.
• User (programmatic) security Provides an authentication (login) mechanism and a role-based authorization mechanism to ensure that users can only access and use selected features of the application. User security also incorporates a user ID which you can use to customize page content. To implement user security, you include security code, such as the cflogin and cfloginuser tags, in your application.

For more on implementing security, see Securing Applications.

Contents > Developing ColdFusion MX Applications > Designing and Optimizing a ColdFusion Application > Elements of a ColdFusion application > Application security and user identification

ColdFusion 9 | ColdFusion 8 | ColdFusion MX 7 | ColdFusion MX 6.1 | ColdFusion MX | Forums | Developer Center | Bug Reporting

Version 6.1

Comments are no longer accepted for ColdFusion MX 6.1. ColdFusion 8 is the current version.

Send me an e-mail when comments are added to this page | Comment Report

Current page: http://livedocs.adobe.com/coldfusion/6.1/htmldocs/appfram8.htm

Add Comment