About user directories

A user directory authenticates users against a list of user information, but does not authorize users. A directory can tell you if someone is a valid user of the system, but cannot assign ColdFusion security permissions to the user. When you create a security context, you select users and groups from a user directory, then individually assign them access rights to ColdFusion resource. ColdFusion developers then include code in the applications that check if a user has access rights.

 

You can incorporate any of the following industry-standard user directories into ColdFusion:

 

Because ColdFusion uses your existing LDAP directories, NT domains, or data sources, you do not have to create and maintain redundant user directories to develop or deploy ColdFusion applications. Using existing NT or LDAP provides an added bonus; user groups to whom you assign security privileges automatically inherit changes to group membership. You do not have to perform any additional maintenance.

 

For example, suppose your company's domain contains a user group called BigDev. You used Advanced Security to give the BigDev group access to a number of tags. Your company hires a new developer to work in the BigDev group. When the new developer is added to the BigDev group in your company's NT domain, she's automatically granted access to the custom tags because of her user group affiliation.

Related topics