The first step to implementing Advanced security is setting up a security server. In a non-clustered environment, the security server is the server hosting ColdFusion, where your ColdFusion programming resources, files, data sources, custom tags, Verity collections and so on, are stored. In a clustered environment, you can define a single security server in the cluster to handle all security authentication and authorization. In this case, the other servers in the cluster all point to the security server to authenticate and authorize users and groups.
You can only administer Advanced security from the security server. You can't administer it from a client or from another server in a cluster.
Note | It's a good idea to take the ColdFusion server offline while you're configuring Advanced security. |
![]() |
To set up a security server: |
You see the Advanced Server Security page.
See "Caching Advanced Security Information" for a description of the Advanced security caches.
You can also change the Refresh Interval setting for any of the caches. This determines how often a cache gets flushed.
The Load Security Server Policy Store Cache at Startup option loads this cache every time you start ColdFusion services.
The Maximum Cache Entries option sets the maximum number of entries for each
cache buffer. If you exceed the number, a warning is written to the server.log
file.