Contents > Developing ColdFusion MX Applications > Securing Applications > ColdFusion security features

ColdFusion security features

ColdFusion provides scalable, granular security for building and deploying your ColdFusion applications. ColdFusion provides the following types of security resources:

• Development ColdFusion MX Administrator is protected by a password. Additionally, you can specify a password for access to data sources from Macromedia Dreamweaver MX. For more information on configuring Administrator security passwords, see the ColdFusion MX Administrator online Help.
• Resource/Sandbox The ColdFusion MX Administrator can limit access to ColdFusion resources, including selected tags and functions, data sources, files, and host addresses. In Standard edition, you configure a single set of resource limitations that apply to all your ColdFusion applications.

  In Enterprise edition, you can have multiple sandboxes, based on the location of your ColdFusion pages, each with its own set of resource limitations. You can confine applications to secure areas, thereby flexibly restricting the access that the application has to resources.

• User ColdFusion applications can require users to log in to use application pages. You can assign users to roles (sometimes called groups); ColdFusion pages can determine the logged-in user's roles or ID and selectively determine what to do based on this information.

Note: You can also use the cfencode utility, located in the cf_root/bin directory, to obscure ColdFusion pages that you distribute. Although this technique cannot prevent determined hackers from determining the contents of your pages, it does prevent inspection of the pages.

Contents > Developing ColdFusion MX Applications > Securing Applications > ColdFusion security features

ColdFusion 9 | ColdFusion 8 | ColdFusion MX 7 | ColdFusion MX 6.1 | ColdFusion MX | Forums | Developer Center | Bug Reporting

Version 6.1

Comments are no longer accepted for ColdFusion MX 6.1. ColdFusion 8 is the current version.

Send me an e-mail when comments are added to this page | Comment Report

Current page: http://livedocs.adobe.com/coldfusion/6.1/htmldocs/appsecu2.htm

Add Comment