Advanced Security Concepts
|
Term
| Description
|
Security contexts
| At the top level of the security hierarchy, the security context is a kind of container in which rules, policies, and users are referenced.
|
Security rules
| You use rules to define the access restrictions you want for a particular ColdFusion resource, such as defining which SQL statements are allowed to be executed against a specific data source or which CFML tag ACTIONS are restricted.
|
Users/groups
| Individual users and groups are authenticated within a particular domain. A security domain can be a specified Windows NT domain or an LDAP directory.
|
User directories
| Defines the mechanism to use when authenticating users. Available mechanisms are: A Windows NT domain, which authenticates users with accounts on the server you specify; an LDAP directory to store user and group account information.
|
Security policies
| A policy associates specific users or groups with a set of resource restrictions that these users have access to. These restrictions are in the form of rules, such as allowing a particular user or group to execute a SQL UPDATE on a particular data source.
|
ColdFusion resources
| ColdFusion resources are things like data sources, Verity collections, ColdFusion tags, custom tags, specific files and so on.
|
Security server
| A hostname or IP address you specify where the security authentication and authorization services run. These services are used to authenticate individual users or groups.
|
Security sandboxes
| A security framework established by applying a particular security context, with all that it contains, to a directory structure. Intended mainly to help ISPs hosting ColdFusion applications to partition application pages in individually secure areas.
|