BackUp LevelNext

Implementing Server Sandbox Security

ColdFusion Server Enterprise edition supports server sandbox security for hosted sites. This security feature, controlled by the ColdFusion administrator of a hosted site, offers runtime security based on directory access at a hosted site.

Sandbox security is enforced by the ColdFusion Server, using the path location established for the security sandbox in the ColdFusion Administrator. When Server Sandbox security is turned on, ColdFusion Server will throw a security exception if a developer attempts to use tags or resource types that aren't authorized in the Sandbox.

To enable server sandbox security:

  1. Open the ColdFusion Administrator and choose Advanced Security.
  2. Select the Use Security Sandbox Settings check box. Then click the Security Sandboxes button.
  3. Enter a fully qualified path (using forward slashes) as a location for the Security Sandbox, and click Add to register the sandbox.
  4. Enter an existing security context for the sandbox.
  5. Enter a username and password for the sandbox user. This user must be a member of an already registered user directory.

Note

If both user security and server sandbox security are enabled, sandbox security takes precedence.


BackUp LevelNext

allaire

AllaireDoc@allaire.com
Copyright © 1998, Allaire Corporation. All rights reserved.