The Registered Security Contexts for Security Server page allows you to define, edit, or delete security contexts. You can also display a security map from this page.
To define a new security context:
In the ColdFusion Administrator navigation frame, click Security>Security Configuration. The Advanced Security page appears.
Click Security
Contexts to see the Register Security Contexts page. The Registered
Security Contexts for Server page appears. Any existing security contexts
appear in the table, as shown in the next example:
Note: The Security Contexts button is also provided on the Security
Resources page.
In the text box provided at the top of the page, enter a name for the security context you want to define. This name is a logical name that defines the scope of the security domain. Later, in your application pages, developers use this name in the cfauthenticate tag.
Click Add Security Context. The New Security Context page appears.
Complete the fields on the New Security Context page as described in the following table:
Description |
Default | |
Name |
This field displays the name that you entered on the Register Security Contexts page. |
Filled |
Description |
Enter a description of the security context. |
Blank |
Resource Protection |
||
Protect all resources by default |
Enable this option if you want to protect all types of resources with this security context.
Note: Avoid selecting ColdFusion resources that you do not need to secure with this context. Doing so can needlessly slow performance processing. |
Disabled |
Enable security for X509 certificate authentication |
||
X509 Certificates |
ColdFusion works with a Secure Socket Layer (SSL) enabled Web server, such as Netscape Enterprise 3.5.1 or IIS 4.0, to request client authentication in the form of an X.5. Enable this option if you want to use client certificate authentication. |
Disabled |
Enable Security for Resource Types |
||
|
Enable the types of resources that this context encompasses. Only types enabled here are available later when you create new rules.
|
All disabled |
Add existing user directories |
Enable this option to add users in existing directories to this context automatically. If you disable this option, you must manually associate users with this security context. |
Enabled |
Click Add. The Edit Security Contexts page displays with additional buttons.
You can edit the security context now or later by managing user directories, rules, policies, and securing resources for the context.
To edit or delete a security context:
Access the Register Security Contexts page.
In the table of existing security contexts, click the name of the context. The ColdFusion Edit Security Context page appears.
To edit the security context, modify the fields or manage user directories, rules, policies, and securing resources to the context, then click Apply. The Register Security Context page appears with the modified context shown in the table.
To delete the security context, click Delete. The Register Security Context page appears; the table no longer shows the deleted context.