Advanced Security
Security Zone
The emergence of web applications and "public" computing over the Internet creates new security challenges that IT managers and developers need to address. Visit the Security Zone for security bulletins and technical briefs.
Tutorials and Articles
Formal Trust and Authentication
This article discusses secure web application design in non-product specific terms. Subjects include formal trust, external resources, client applications, and authentication.
How to Design Secure Web Applications
This article, part of a series of security-related columns for the Allaire DevCenter, is primarily intended for developers and application architects, but many of these concepts are relevant to any application development cycle, including non-web applications.
Prioritizing Network and Server Security Procedures
This article, part of a series of security-related columns for the Allaire DevCenter, deals with the following topics: monitoring and applying vendor security fixes; server lock-down; security policies; and monitoring.
Top Five ColdFusion Security Issues
This is the first in a series of security-related columns for the Allaire DevCenter. This installment discusses the most prevalent security issues with server configurations and application implementations for ColdFusion.
Explore ColdFusion Server Advanced Security
This article acts as a guided tour through the wealth of information contained in the Allaire Knowledgebase regarding Advanced Security. The articles highlighted below cover the installation, configuration, and operational issues that web developers have encountered with the ColdFusion Advanced Security features.
TechNotes
- 960236cf—ColdFusion MX for J2EE on WebSphere View Source vulnerability
- e546373d—Strong Encryption in ColdFusion MX 7
- tn_19272—ColdFusion MX: Registry errors when accessing the ColdFusion Administrator
- tn_19116—CFFTP fails when using Sandbox Security
- tn_18947—NoClassDefFoundError reported when using cfobject with COM objects in ColdFusion MX 6.1
- tn_18669—ColdFusion 5: How to set up Advanced Security to secure RDS access to data sources
- tn_18360—Disabling cfregistry tag prevents access to the Administrator
- tn_18036—ColdFusion 5 documentation error: Securing the ColdFusion Administrator with advanced security
- tn_18031—ColdFusion 5 (Windows): Advanced Security fails with Oracle Policy Store
- tn_18030—ColdFusion 5: Advanced security fails after creation of new ODBC user directories
- tn_18014—Advanced Security: Migrating ODBC Policy Store data to an LDAP Policy Store
- tn_18013—ColdFusion Advanced Security: Error message occurs: 'A required privilege is not held by the client'
- tn_17997—ColdFusion 5: Initializing Netscape directory server 4.1x for Advanced Security Policy Storage
- tn_17992—ColdFusion 5: After installing MDAC 2.6, advanced security reports "Security Policy Action failed"
- tn_17971—ColdFusion 5 (Windows Only): Advanced security upgrade issues
- tn_17944—ColdFusion 5: Initializing iPlanet directory server 5.0 for Advanced Security Policy Storage
- tn_17937—ColdFusion 5: COM error in Advanced Security upgrade wizard
- tn_17388—Advanced security example - Part I
- tn_17383—Using cfauthenticate to secure your templates
