Think of a security context as a container for a logical set of resources grouped together from an administrative perspective. It does not necessarily correspond to a ColdFusion application or resource name. You use a security context to establish a context in which authentication and authorization actions happen. You can set up as many security contexts as your environment requires.
For example, you could create a security context for a particular application development effort. Within this context, you define users, groups, and rules that apply to the developers who are working on the project.
Consider these guidelines as you decide how to use security contexts in your environment:
You can reuse a single security context by implementing it across several applications.
If you deploy a complex application, you might have to create more than one security context for that application.
If you manage a fairly small group of developers who have similar responsibilities, you can use a single security context for an entire ColdFusion application server.
You can create a separate security context for each of your development groups. This approach is recommended if you administer a hosted development environment or if you developers access ColdFusion resources remotely.