Manage policies for a security context

Use the Resource Policies for Security Context page to add, edit or delete policies for a security context. Policies match rules to users or user groups. Because each rule governs a specific resource or action associated with it, by adding both rules and users to a policy, you can grant access to a resource for a group of users. If you do not add a rule to a policy, then no one has access to the resource assigned to the rule.

 

To add a resource policy for a security context:

  1. In the ColdFusion Administrator navigation frame, click Security>Security Configuration to see the Advanced Security page, then click Security Contexts. The Register Security Contexts page appears.

  2. In the table of security contexts, click the name of the context for which you want to manage policies. The Edit Security Context page appears.

  3. Click Policies. The Resource Policies for Security Context page appears.

  4. In the Policy Name text box, enter a name for the new policy. It should be easy to recognize and associate with the rule and users it protects.

  5. Click Add. The New Security Policy page appears.

  6. Enter a description for the policy.

  7. Click Add. The Resource Policies for Security Context page appears with the new policy listed in the table. You can edit the policy now or later to associate rules and users with it.

 

To edit or delete a resource policy for a security context:

  1. Access the Resource Policies for Security Context page.

  2. To edit a policy:
    a. Click the name of the policy. The Edit Security Policy page appears. If necessary, edit the description.
    b. To associate a rule with the policy, click Rules to see the Resource Rules for Policy page. For details on completing this form, see Manage rules for a policy.
    c. To associate users with the policy, click Users to see the Users for Policy page. For details on completing this form, see Manage users for a policy.
    d. Click Apply when you finish editing the policy. The Resource Policies for Security Context page appears with the modified policy listed in the table.

  3. To delete a policy:
    a. Click the name of the policy. The Edit Security Policy page appears.
    b. Click Delete. The Resource Policies for Security Context page appears; the deleted policy no longer appears in the table.

Related topics