Implementing Application and Developer Security in CFMX(One Day Seminar)

ColdFusion MX introduces new possibilities for adding powerful security controls for your applications, in terms of authenticating and authorizing users as well as protecting your code from other developers on your server. Administrators will want to reign in the great power and file access CF gives to developers if unchecked. These are two sides of the security coin, and in this daylong seminar we'll introduce each, with a focus on the challenges you may find if you try to use these on your own. The docs are quite sparse (and sometimes wrong or misleading). Clearly the security features were changing right up to the release of CFMX.

Still, once you fully understand the capabilities, it's then easy to use them and considerable control to your applications and CF server configuration.

The new features for login processing offer new features unavailable in CF before, including tracking login timeouts separately from session timeouts (indeed, tracking logins without sessions at all) as well as logouts that occur on browser close (finally!).

The new features for developer resource controls are very easy to setup but have not been explained to most developers, let alone administrators. Both audiences should understand them fully, and even CFMX Professional users should setup some minimal server-wide controls.

Partial List of Topics:

  • Authentication (Login) and Authorization (Permissions) Processing
    • CFLOGIN and CFLOGINUSER Processing; The CFLOGIN structure
    • Logout: On Timeouts (vs Session Timeout), LOGOUT, Browser Close
    • Prompting Users Through Forms (Simple and J_Username), Programmatic, and Declarative Basic Authentication
    • Authenticating Against Databases, LDAPs, NT Domain, and more
    • Authorizing Users In Code Segments and Component Methods
  • Developer Resource Controls
    • Understanding Sandbox/Resource Security (and the difference)
    • Why Restricting Resource Access May Be Important
    • Understanding, Enabling, Configuring Sandbox/Resource Security
    • Configuring Resource Controls (Datasources, Tags/Functions, Files/Dirs, Servers/Ports)
  • Learning More

Cost: $219 per person at public classes; $2199 for an on-site presentation

To find available dates for public seminars, see the schedule/registration page. You can also in express interest in or help arrange a seminar your area. We offer complimentary seats in classes to those who can help to bring a seminar to their company or area, in terms of promotion or finding inexpensive locations for presentation.


Course topics and prices subject to change due to continuous improvement and refinement.

One Day Seminar Info:

| Home | ColdFusion | Articles | Presentations
| User Groups | Other Resources | Press Releases | Company

© 1998-2024, Charles Arehart, SysteManage
Our Practice Makes You Perfect