These four elements — user directories, resources, policies and security contexts — are the building blocks of every type of Advanced Security framework you create. You can implement the following levels of Advanced Security:
User security — Allows ColdFusion developers to secure functionality within the application, and offers runtime user authentication and authorization. Users receive authentication and privileges in an application based on the applicable ColdFusion security context. For details, see About user directories. For an overview list of steps to implement user security, see Implement user security.
Remote Development Services (RDS) security — Controls a ColdFusion Studio developer's access to ColdFusion resources, including data sources, files, and directories. For details, see Advanced RDS Security. For an overview list of steps to implement RDS security, see Implement RDS security.
Security Sandbox — For the Enterprise Edition of ColdFusion, provides administrative control over resources on a server and runtime security based on directory access at hosted sites. For details, see About security sandboxes. For an overview list of steps to implement sandbox security, see Implement sandbox security. Note that if you implement both user security and sandbox security, sandbox security takes precedence.
Administrator security — Secures the ColdFusion Server Administrator against unauthorized access, and allows you to decentralize administrative tasks by giving specific users various levels of administrative access. For details, see Secure the ColdFusion Administrator. For an overview list of steps to implement ColdFusion Administrator security, see Implement ColdFusion Administrator security.