addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgooglegroupsimageimagesinstagramlinklocation-pinm-swarmSearchmailmessagesminusmoremuplabelShape 3 + Rectangle 1outlookpersonStartprice-ribbonImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruseryahoo

Bay Area ColdFusion User Group Message Board › Windows security denies sccess to all files except CF files

Windows security denies sccess to all files except CF files

A former member
Post #: 1
My setup is IIS7 with ColdFusion 9 on a virtual server, using windows authentication at the folder level to control access to files.

Adobe's manual describes the process:
How does the ColdFusion service interact with IIS in terms of security?
CF runs as a separate service, but it also integrates with IIS using an ISAPI extension. The ISAPI extension runs in-process with IIS, just like the ASP engine, and when a request is received that is mapped to the file extension associated with the ISAPI extension (typically .cfm and .dbm, although those can be changed in the IIS management console), the request is forwarded to the CF service for processing.

IIS and NT security are used to determine whether the user can request the file in the first place. This happens before the request is forwarded to the CF service**. So, you'll generally follow the same procedure for securing CF applications with ACLs that you would with an ASP application.

**I think this is where the problem is.

We have used this successfully on non virtual servers and using the previous version of IIS. IIS7 denys .css, .js, .asp, .htm and all graphic formats but allowing .cfm file information to be displayed.
Is there a setting in IIS that I am overlooking? From the description above, IIS should not be passing on documents to CF.

Carl Von S.
user 12283578
Group Organizer
Concord, CA
Post #: 1
When you say "ColdFusion 9 on a virtual server", what are you referring to specifically (a Windows Hypervisor or VMWare vSphere virtual server, or something else)? Might help focus the replies...

-Carl
Powered by mvnForum

Our Sponsors

  • PeachPit Press

    Big thanks for the books we raffle at our monthly meetings

  • O'Reilly

    Thanks for the books we raffle at meetings. Ask for discount code!

  • Lynda.com

    Discount training for BACFUG members. Ask for discount code.

  • eSyncTraining

    Web Technology Training Anywhere

  • Railo Technologies, Inc.

    Professional consulting for the Railo Open Source CFML engine.

People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy