ColdFusion security options include two levels of security you can implement: Basic and Advanced. With Basic Security, separate passwords secure access to the ColdFusion Administrator, and to files, directories, and data sources from ColdFusion Studio. Knowing these passwords gives you complete access to all resources and all ColdFusion Administrator pages.
Advanced Security allows you to authenticate individual users and associate specific access rights based on user login or group association. ColdFusion Advanced Security gives you the ability to enforce security at a very granular level. For example, you can define security domains and policies that allow you to secure specific areas of the ColdFusion Administrator or specific ColdFusion resources, including the execution of specific ColdFusion tags. This security framework allows you to authenticate individual users, and, once authenticated, control access to a wide range of operations, such as adding or deleting data sources, setting server performance options and so on.
For detailed information about configuring security options in the ColdFusion Administrator, see the following chapters:
For more information about implementing runtime security measures, refer to Developing Web Applications with ColdFusion.