Page 1: Coldfusion Server
Administering ColdFusion Server ColdFusion 4.5 Allaire Corporation...
Page 2: Copyright Notice
Copyright Notice © 1999 Allaire Corporation. All rights reserved. This manual, as well as the software described in it, is furnished under license and may be used or copied only in accordance with the terms of such license. The content of this manual is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by Allaire Corporation.
Page 3: Table Of Contents
Contents Preface: Welcome to ColdFusion ..............xi Intended Audience......................... xii Welcome to the ColdFusion 4.5 Web Application Server ............xii Products and System Requirements .................... xii New features in ColdFusion 4.5 ....................xiv New visual tools ........................xiv Enhancements to CFML ......................xiv Better reliability ........................xv Improved performance......................xv Enterprise connectivity features ...................xvi Security enhancements......................xvi...
Page 4 Administering ColdFusion Server Uninstalling ColdFusion......................16 Configuring Web servers for Solaris..................16 Using scripts to start and stop ColdFusion manually ............22 Installing ColdFusion on Linux .....................23 Installing ColdFusion......................23 Uninstalling ColdFusion......................25 Chapter 2: Introduction to ColdFusion Server..........27 Overview of Administering ColdFusion ..................28 Accessing the Administrator....................28 Initial ColdFusion administration tasks ................29 Summary of Administrative Tasks....................29 The ColdFusion Administrator ......................30...
Page 5 Contents ColdFusion Java Settings........................54 ColdFusion Version Information....................55 Solaris version information ....................55 The ColdFusion Logging Page .......................56 Administrator email address ....................56 Log directory..........................56 Log slow pages .........................57 Logging email messages ......................57 Log files created by ColdFusion ....................57 Log file format..........................58 Mapping Directories........................58 Using the Extensions Pages......................59 Managing CFX tags........................59 CFX tag samples ........................59...
Page 6 Administering ColdFusion Server Configuring Microsoft SQL Server Options (UNIX) .............88 Connecting to Visual FoxPro Databases ..................89 Configuring Visual FoxPro Options (Windows)..............89 Connecting to OpenIngress Databases..................90 Configuring OpenIngress Options (UNIX)................90 Connecting to dBase Databases ....................92 Configuring dBase Options (Windows) .................92 Configuring Inprise dBase Options (UNIX) ................93 Connecting to Microsoft Access Databases..................94 Configuring Microsoft Access Options (Windows) ..............94 Access Connectivity Tips (Windows)..................95...
Page 7 Contents Defining the Scheduler Refresh Interval ..................126 Logging Scheduled Events ......................127 Chapter 6: Creating Scalable and Highly Available Web Sites ....129 What is Scalability? ........................130 Performance ..........................130 Load management ........................132 Issues Affecting Successful Scalability Implementations............132 Designing and coding scalable applications...............133 Avoiding common bottlenecks ....................137 DNS effects on Web site performance and availability ............138 Load testing your Web applications ..................142...
Page 8 viii Administering ColdFusion Server Restricting a server from participating in a cluster ............224 Putting a cluster member in maintenance mode...............225 Updating software or content on an existing cluster ............228 Resetting a server’s configuration to its pre-clustered state..........230 Administering UNIX-based Clusters ...................231 Using the ClusterCATS Web Explorer..................231 Using the ClusterCATS server utilities.................261 Troubleshooting..........................267...
Page 9 Contents Advanced Security Basics......................290 User Directories........................291 Resources ..........................291 Policies ...........................292 Security Contexts........................293 Advanced Security Implementations..................294 Securing Applications with User Security ................294 Securing Resources with RDS Security................295 Securing Applications with a Security Sandbox ..............295 Securing the ColdFusion Administrator................296 Creating an Advanced Security Framework ................297 Implementation summary ....................297 Installing Advanced Security .......................298 Setting Up a Security Server......................299...
Page 10 Administering ColdFusion Server...
Page 11 Welcome to ColdFusion Preface Administering ColdFusion Server is intended for anyone who needs to install, configure, and maintain ColdFusion Server. Contents Intended Audience................... xii Welcome to the ColdFusion 4.5 Web Application Server......xii Products and System Requirements............... xii New features in ColdFusion 4.5 ..............xiv Developer Resources..................
Page 12: Intended Audience
Administering ColdFusion Server Intended Audience Administering ColdFusion Server is meant for anyone who needs to install, configure, and maintain one or more ColdFusion Server installations. Welcome to the ColdFusion 4.5 Web Application Server The ColdFusion 4.5 release focuses on fundamentals — the fundamentals of delivering your e-business: faster development, better reliability, enhanced scalability, expanded integration, and stronger security.
Page 13 Preface xiii ColdFusion Server 4.5 Enterprise Edition for Solaris SPARC Solaris 2.5.1, 2.6, or 7 (patch 103582-1B or higher) 128 MB RAM (256 MB recommended for clustering) 200 MB hard disk space ColdFusion Server 4.5 Enterprise Edition for Linux Red Hat Linux 6.0 or 6.1 Intel Pentium or above 128 MB RAM (256 MB recommended for clustering) 150 MB hard disk space...
Page 14: New Features In Coldfusion 4.5
Administering ColdFusion Server New features in ColdFusion 4.5 A wide range of new features are available in ColdFusion 4.5. New visual tools Universal File Browser — Access all your files from a single explorer that integrates access to the Windows file system, ColdFusion RDS servers, and FTP servers. Drag- and-drop between any of these services all in an integrated file browser.
Page 15: Better Reliability
Preface Better reliability Server Probes — Guarantee high availability by automatically detecting when a ColdFusion Server or Web server hangs or stops, failing-over to a new machine in a ColdFusion cluster, and restarting the server with problems. (Enterprise Edition only) Improved Automatic Server Recovery —...
Page 16: Enterprise Connectivity Features
Administering ColdFusion Server Enterprise connectivity features Transaction Commit and Rollback — Control database transactions with programmable commit and rollback support for more reliable and better-managed database interactions. Java Object and EJB Connectivity — Connect to any Java object or Enterprise JavaBean (EJB) hosted by any major EJB server to extend ColdFusion and access complex business logic or third party distributed components.
Page 17: Developer Resources
Preface xvii New Advanced Security Interface — Manage Advanced Security configuration more quickly and easily with a completely redesigned browser-based resource view. Scriptable Advanced Security Administration — Configure ColdFusion Advanced Security through your own CFML scripts for easier maintenance of ColdFusion Servers.
Page 18: About Coldfusion Documentation
xviii Administering ColdFusion Server About ColdFusion Documentation ColdFusion documentation is designed to provide support for all components of the ColdFusion development system. Both the print and online versions are organized to allow you to quickly locate the information you need. In addition to the book set, the documentation is provided in two other formats: HTML —...
Page 19: Coldfusion Server Online Documentation
Preface Using ColdFusion Studio Documents everything you need to know about using ColdFusion Studio, including features like projects, source control integration, as well as the Studio workspace and interface. Quick Reference to CFML A valuable quick reference to CFML tags, functions, and variables. ColdFusion Server online documentation To view the HTML documentation, open the following URL: http://127.0.0.1/...
Page 20: Documentation Conventions
Administering ColdFusion Server Documentation conventions When reading, please be aware of these formatting cues: Code samples, filenames, and URLs are set in a font monospaced Notes and tips are identified by bold type Bulleted lists present options and features Numbered steps indicate procedures Tool button icons are generally shown with procedure steps Menu levels are separated by the greater than (>) sign Text for you to type in is set in italics...
Page 21 Preface Postings to the ColdFusion Support Forum ( ) can be http://forums.allaire.com made any time. Sales Toll Free: 888.939.2545 Tel: 617.761.2100 Fax: 617.761.2101 Email: sales@allaire.com Web: http://www.allaire.com/store...
Page 22 xxii Administering ColdFusion Server...
Page 23: Chapter 1: Installing And Configuring Coldfusion
H A P T E R Installing and Configuring Chapter 1 ColdFusion This chapter describes ColdFusion’s system requirements and how to install and configure ColdFusion on your platform. Contents ColdFusion System Requirements..............2 Installing ColdFusion on Windows..............5 Installing ColdFusion on Solaris ..............13 Installing ColdFusion on Linux...............
Page 24: Coldfusion System Requirements
Administering ColdFusion Server ColdFusion System Requirements ColdFusion v4.5 runs on the following platforms: “Windows (NT, 98, or 95)” on page 2 “Solaris (Enterprise edition only)” on page 4 “Linux” on page 5 This section describes system requirements for each platform. Windows (NT, 98, or 95) The minimum requirements needed to install and run ColdFusion Server on Windows depend on which edition you install, Enterprise, Professional, or Express.
Page 25 Chapter 1: Installing and Configuring ColdFusion ColdFusion Server 4.5 Professional Edition for Windows To install and use ColdFusion Server 4.5 Professional edition on Windows, your system must meet the following minimum requirements: Windows 95/98 or Windows NT Server v 4.0 with Service Pack 4 Intel Pentium or higher 32 MB of RAM (128 recommended) MB of free disk space...
Page 26: Solaris (Enterprise Edition Only)
Administering ColdFusion Server ColdFusion Server 4.5 Express Edition for Windows To install and use ColdFusion Server 4.5 Express edition on Windows, your system must meet the following minimum requirements: Windows 95/98 or Windows NT Server v 4.0 with Service Pack 4 Intel Pentium or higher 32 MB of RAM (64 recommended) MB of free disk space...
Page 27: Linux
Chapter 1: Installing and Configuring ColdFusion Linux To install and use ColdFusion Server 4.5 Express, Professional, or Enterprise edition on Linux, your system must meet the following minimum requirements: RedHat operating system v6.0 or 6.1 (with glibc v2.1, gcc/egcs libstdc++ v2.9, and v2.2 kernel) Intel Pentium 200 Mhz or greater 64 MB of RAM (128 MB recommended) 50 MB of free disk space...
Page 28: Installing Coldfusion
Administering ColdFusion Server You can also check the Services icon in the Windows Control Panel or open your Web server administration utility to determine if your Web server is started or stopped. Installing ColdFusion The installation procedure assumes you are installing from a CD. If you purchased and downloaded ColdFusion from the Allaire Online Store, follow the download instructions found there.
Page 29 Chapter 1: Installing and Configuring ColdFusion Click Next in the Welcome and Software License Agreement dialog boxes. The User Information dialog box appears after the Software License Agreement dialog box. Enter your name, company, and ColdFusion serial number in the User Information dialog box and click Next.
Page 30 Administering ColdFusion Server Accept or change the default destination folder and click Next. The Select Web Server dialog box appears. If your Web server is already installed, the ColdFusion Setup program will automatically detect it. If your Web server is not one of the ones listed, select the Other option and click Next.
Page 31 Chapter 1: Installing and Configuring ColdFusion 10. Either accept the Web server’s default document directory or enter a different location for the default directory and click Next. Note ColdFusion documentation and example code are installed in a subdirectory below the Web server’s document directory. The Select Install Options dialog box appears.
Page 32 Administering ColdFusion Server see “Installing ClusterCATS” on page 185. To install Advanced Security, see “Installing Advanced Security” on page 298. The Select Administrator Password dialog box appears next. 12. Enter a password you will use to access the ColdFusion Administrator in the Password and Confirm fields and press Next.
Page 33: Uninstalling Coldfusion
Chapter 1: Installing and Configuring ColdFusion 14. Click Next or OK in the remaining dialog boxes to begin copying the ColdFusion files to the server. If your system has a previous version of ColdFusion, the setup wizard replaces ColdFusion program files but does not remove or change any existing application pages (template files) that may be present.
Page 34 Administering ColdFusion Server “Configuring the Apache Web server for ColdFusion” on page 12 “Changing the ColdFusion user account” on page 12 Configuring the Apache Web server for ColdFusion To configure the Apache Web Server v1.3.6 for use with ColdFusion, you need to: Get a copy of the Apache Web server from the Apache HTTP Server Project Web site at http://www.apache.org/.
Page 35: Installing Coldfusion On Solaris
Chapter 1: Installing and Configuring ColdFusion Select the ColdFusion Application Server service and click Startup. The Service Properties dialog box appears. Use this dialog to set startup options for the ColdFusion Application Server service. In the Log On As section, click the This Account radio button and enter the appropriate account information.
Page 36: Installing Coldfusion
Administering ColdFusion Server “Installing ColdFusion” on page 14 “Upgrading from a previous release of ColdFuison” on page 16 “Uninstalling ColdFusion” on page 16 “Configuring Web servers for Solaris” on page 16 “Using scripts to start and stop ColdFusion manually” on page 22 Installing ColdFusion Before installing ColdFusion please note the following considerations: The installation procedure assumes you are installing from a CD.
Page 37 Chapter 1: Installing and Configuring ColdFusion Note If you specified a directory other than the default, the installation script will create a symbolic link from to wherever /opt/coldfusion you installed ColdFusion. Enter the name of the Web server you are running and press Enter or just press Enter if you are running the default Web server (Netscape Enterprise Server).
Page 38: Upgrading From A Previous Release Of Coldfuison
Administering ColdFusion Server Upgrading from a previous release of ColdFuison When upgrading from an earlier release of ColdFusion on Solaris, you may need to edit the package installation defaults file before running the pkgadd utility. The package installation defaults file is located in the following location: /var/sadm/install/admin/default This file controls the behavior of the Solaris packaging commands.
Page 39 Chapter 1: Installing and Configuring ColdFusion Choosing the right plug-in version Netscape plug-ins for ColdFusion are installed in the <installdir>/coldfusion/ directory. Use the following table to select the proper plug-in file. webserver/nsapi ColdFusion Plugins for Netscape Use this Plugin With this Netscape Server Product With this Version of Solaris coldfusion2x.so...
Page 40 Administering ColdFusion Server If you run the Netscape Server Manager, Netscape’s browser-based administrator, you may get a warning about edits to the Netscape configuration files. This is normal. Follow the instructions and click on the Apply button to reload the new configuration files.
Page 41 Chapter 1: Installing and Configuring ColdFusion NameTrans fn="document-root" root="/local1/netscape/root-skagway" PathCheck fn="unix-uri-clean" PathCheck fn="check-acl" acl="default" PathCheck fn="find-pathinfo" PathCheck fn="find-index" index-names="index.html,home.html" ObjectType fn="type-by-extension" ObjectType fn="force-type" type="text/plain" Service method="(GET|HEAD)" type="magnus-internal/imagemap" fn="imagemap" Service method="(GET|HEAD)" type="magnus-internal/directory" fn="index- common" Service method="(GET|HEAD)" type="*~magnus-internal/*" fn="send-file" AddLog fn="flex-log" name="access" </Object>...
Page 42 Administering ColdFusion Server Configuring the Apache Web Server ColdFusion has been tested with Apache version 1.2.x and 1.3. To obtain Apache free of charge, go to the Apache Web site at http://www.apache.org You can build the ColdFusion module into your Apache Web server binary. This method is efficient because the server does not have to start a new process for every ColdFusion request.
Page 43 Chapter 1: Installing and Configuring ColdFusion Adding the ColdFusion module to Apache 1.3.x You can find the ColdFusion module in the installation directory (usually ) under /opt directory. The pre-built module shipped with coldfusion/webserver/apache ColdFusion 4.5 is built with Apache 1.3.6. This module will not work with earlier versions of Apache 1.3.x, and it may not work with later versions if the Apache Group changes the MODULE_MAGIC_NUMBER_MAJOR (src src/include/ap_mmn.h in the Apache source).
Page 44: Using Scripts To Start And Stop Coldfusion Manually
Administering ColdFusion Server Run the apxs command to build mod_coldfusion.so by entering the following command: make Run the apxs command to add the module to the Apache configuration by entering the following command: make install Restart your Apache server by entering the following command: apachectl restart To configure the Apache module that Allaire provides: Copy the ColdFusion module to the Apache modules directory:...
Page 45: Installing Coldfusion On Linux
Chapter 1: Installing and Configuring ColdFusion ColdFusion runs the following processes on the system: — Starts/stops the other processes and manages page scheduling cfexec — The application server process cfserver — Provides system support for the Administrator as well as cfrdsservice security and debugging services for ColdFusion Studio The following processes also run if you’ve installed the ClusterCATS for ColdFusion...
Page 46 Administering ColdFusion Server To install ColdFusion on Linux: Log in as root Load the ColdFusion CD-ROM into your CD drive. Mount the CD-ROM on if necessary. /mnt/cdrom Change directories to the directory on the CD. cf/linux Run the ColdFusion installation script by entering the following command: ./cfinstall The ColdFusion installation script starts.
Page 47: Uninstalling Coldfusion
Chapter 1: Installing and Configuring ColdFusion 14. Enter the user name under which ColdFusion will run or press Enter to run under the default user name ( nobody Note This user account must be a valid, existing account. 15. If you want to install ClusterCATS at this time, press Enter. Otherwise, enter press Enter to continue.
Page 48 Administering ColdFusion Server...
Page 49: Chapter 2: Introduction To Coldfusion Server
H A P T E R Introduction to ColdFusion Chapter 2 Server This chapter provides an overview of ColdFusion Server and describes how to access the ColdFusion Administrator pages. Contents Overview of Administering ColdFusion ............28 Summary of Administrative Tasks ..............29 The ColdFusion Administrator ...............
Page 50: Overview Of Administering Coldfusion
Administering ColdFusion Server Overview of Administering ColdFusion The ColdFusion Administrator is the administrative interface of the ColdFusion Server. ColdFusion Server is the component of the overall ColdFusion Web application development system that processes ColdFusion application pages and returns HTML pages to Web clients. The Administrator provides a browser-based interface allowing you to manage server performance, add and configure ColdFusion data sources, schedule pages, manage log files, and so on.
Page 51: Initial Coldfusion Administration Tasks
Chapter 2: Introduction to ColdFusion Server Initial ColdFusion administration tasks Immediately after installing ColdFusion Server, you’ll probably want to perform some of the following configuration tasks: Initial Adminitration Tasks If necessary, configure your Web server for ColdFusion If you are using Netscape or Apache Web servers on Solaris, you’ll need to perform some initial configuration tasks for ColdFusion.
Page 52: The Coldfusion Administrator
Administering ColdFusion Server You can learn more about each of these areas of ColdFusion administration by referring to the information in the following table: Information about ColdFusion Administration Subject Where to find it Installing ColdFusion See Chapter 1, “Installing and Configuring ColdFusion,”...
Page 53 Chapter 2: Introduction to ColdFusion Server The following table describes the purpose of each category in the Administrator. ColdFusion Administrator Options Category Description Server Includes options for tuning server performance, as well as: Configuring Administrator and ColdFusion Studio passwords and security options Enabling and configuring ColdFusion application, session, and client variables Mapping directories...
Page 54: Coldfusion Services On Windows Nt
Administering ColdFusion Server ColdFusion Services on Windows NT By default, ColdFusion employs four separate services under Windows NT. The following table explains the purpose of each one. ColdFusion Services on Windows NT Service Purpose Bright Tiger Service Manages ColdFusion Server load-balancing and failover. For more information about clustering, which enables load- balancing and failover in ColdFusion, see Chapter 6, “Creating Scalable and Highly Available Web Sites,”...
Page 55: Coldfusion Processes On Solaris
Chapter 2: Introduction to ColdFusion Server ColdFusion Processes on Solaris ColdFusion runs these processes on the system: - Starts/stops the other processes and manages page scheduling cfexec - The application server process cfserver - Provides system support for the Administrator cfrdsservice - Provides IP failover capability for ColdFusion Server ipaliasd...
Page 56: Windows Nt
Administering ColdFusion Server Windows NT During setup, ColdFusion is installed as a series of system services in Windows NT. Ordinarily, ColdFusion is launched at startup time. To manage how the services are run, use the Services Control Panel in Windows NT. To prevent ColdFusion from running at startup: Open the Services Control Panel.
Page 57: Stopping Coldfusion
Chapter 2: Introduction to ColdFusion Server When ColdFusion is running in Windows 95 or 98, two icons appear in the system tray: To halt the ColdFusion service or to access the ColdFusion Administrator, right mouse click the IDE service icon. To run ColdFusion at startup, place a shortcut for the ColdFusion icon in the Startup program group.
Page 58 Administering ColdFusion Server...
Page 59: Chapter 3: Configuring Coldfusion Server
H A P T E R Configuring ColdFusion Server Chapter 3 This section explains basic ColdFusion administration tasks. Contents The ColdFusion Administrator ............... 39 Starting and Stopping ColdFusion..............41 The Server Settings Page.................. 42 Configuring Administrator Security ............... 44 Managing Client Variables ................45 State Management and Server Clustering............
Page 60 Administering ColdFusion Server Using ColdFusion in a Distributed Configuration......... 68...
Page 61: The Coldfusion Administrator
Chapter 3: Configuring ColdFusion Server The ColdFusion Administrator You use the Administrator to perform a variety of administrative tasks for the ColdFusion Server, such as adding and configuring a data source, or scheduling application page execution, configuring security settings, and so on. During the ColdFusion installation process, you specify an Administrator password that is used to prevent unauthorized access to the Administrator pages.
Page 62 Administering ColdFusion Server Once the Administrator page loads, click one of the Administrator links to work with a specific area of the Administrator. ColdFusion Administrator Options Category Description Server Includes options for tuning server performance, as well as: Configuring Administrator and ColdFusion Studio passwords and security options Configuring cache settings Configuring settings that enable ColdFusion to work with Java...
Page 63: Starting And Stopping Coldfusion
Chapter 3: Configuring ColdFusion Server ColdFusion Administrator Options (Continued) Category Description Automated The Automated tasks pages provide options for: tasks Adding new scheduled tasks Specifying how often ColdFusion checks for new scheduled tasks to execute Miscellaneous Use the Mail page to specify a default mail server hostname as well as other mail-related configuration options.
Page 64: Using Scripts To Start And Stop Coldfusion (Solaris)
Administering ColdFusion Server Batch files, as well as other executables, can be scheduled in Windows NT. Refer to your Windows NT documentation for more information about scheduling, and stopping and starting NT services. Note You must be logged in with Administrator rights to execute these batch commands.
Page 65 Chapter 3: Configuring ColdFusion Server affect server performance. Use the following table to find out about options on the Server Settings Administrator page. Server Settings Options Option Description Limit Use this value to limit the number of simultaneous requests for the simultaneous ColdFusion server.
Page 66: Caching Settings
Administering ColdFusion Server Caching Settings The Administrator Caching Settings page contains several configuration options you can set or enable to cache templates, queries, and data sources. Caching Options Option Description Template cache Use this option to specify how much memory you want to reserve for size caching ColdFusion pages.
Page 67: Managing Client Variables
Chapter 3: Configuring ColdFusion Server Chapter 8, “ColdFusion Security,” on page 273 — Explains the differences between Basic and Advanced security so you can determine which features best suit your needs. Chapter 9, “Configuring Basic Security,” on page 283 — Describes how to configure Basic security options for developing and deploying coldFusion applications.
Page 68 Administering ColdFusion Server Client Variable Storage (Continued) Storage Type Advantages Disadvantages Browser cookies Simple implementation Users can configure browsers to disallow Good performance cookies Can be set to ColdFusion limits automatically expire individual cookie data to Client-side control 4 KB Netscape Navigator allows only 20 cookies from any one host;...
Page 69 Chapter 3: Configuring ColdFusion Server To increase maximum registry size: Open the System Control Panel and click the Performance tab. In the Virtual Memory group box, click the Change button to open the Virtual Memory dialog. At the bottom of the dialog, the current registry size is reported. Specify a new maximum registry size in MB.
Page 70: State Management And Server Clustering
Administering ColdFusion Server State Management and Server Clustering When using ClusterCATS for ColdFusion to cluster Web servers, and you want to use client variables, you must use an external repository to store client variables, since the system registry, which is bound to an individual system, can’t be dynamically accessed by any other system.
Page 71: Client Variable Storage Options
Chapter 3: Configuring ColdFusion Server supports the SQL required for the client variable repository. In addition, OLE DB data sources are not supported for use as a client data source repository. Click Create to create the new data source. To enable your client variable data source: Open the ColdFusion Administrator to the Variables page, which is in the Server group.
Page 72: Create Client Variable Data Source Tables
Administering ColdFusion Server Create client variable data source tables Use this option to allow ColdFusion to create the tables necessary for client variables when you first configure the data source for this purpose. As you configure other servers in your cluster to use this client variables data source, be sure to disable the option for ColdFusion to create the necessary tables.
Page 73: Sample Table Creation Page
Chapter 3: Configuring ColdFusion Server Sample table creation page  <CFQUERY NAME="data1" DATASOURCE="#DSN#"> CREATE TABLE CDATA cfid char(20), app char(64), data memo </CFQUERY> <CFQUERY NAME="data2"...
Page 74: Monitoring Coldfusion Performance
Administering ColdFusion Server for application variables is two days. The default timeout for session variables is 20 minutes. Monitoring ColdFusion Performance ColdFusion provides a set of counters for monitoring the performance of the ColdFusion Server. This allows you to use the Windows NT Performance Monitor administration utility to monitor ColdFusion performance.
Page 75: Locking Variables
Chapter 3: Configuring ColdFusion Server To configure the Performance Monitor: From the Windows Start menu, select Programs > Administrative Tools > Performance Monitor. In the Performance Monitor, select Edit > Add to Chart or File > Open to open an existing chart.
Page 76: Coldfusion Java Settings
Administering ColdFusion Server ColdFusion Java Settings The Java Settings Administrator page lets you specify a number of settings that let ColdFusion work with Java. Java Settings Setting Description Java Virtual Machine Path Specifies the location of the Java virtual machine (JVM). By default, ColdFusion installs the JDK 1.2 JVM in the ColdFusion directory structure.
Page 77: Coldfusion Version Information
Chapter 3: Configuring ColdFusion Server ColdFusion Version Information The Version Info Administrator page provides ColdFusion Server profile information. The values shown correspond to several ColdFusion server variables as follows: Windows NT Server Information Variables Variable Description Server.ColdFusion.ProductName Stores the ColdFusion product name, for example, ColdFusion Engine.
Page 78: The Coldfusion Logging Page
Administering ColdFusion Server Solaris Server Information Variables (Continued) Variable Description Server.ColdFusion.ProductLevel Stores ColdFusion product level information, for example, Enterprise. Server.ColdFusion.SerialNumber Stores ColdFusion serial number information. Server.OS.Name Stores the server operating system name, for example, UNIX. Server.OS.Version Stores the operating system version, for example, 5.5.1.
Page 79: Log Slow Pages
Chapter 3: Configuring ColdFusion Server Log slow pages ColdFusion allows you to track pages in your applications that take longer than a specified length of time to process. You can specify the amount of time ColdFusion allows before writing an entry to the file.
Page 80: Log File Format
Administering ColdFusion Server ColdFusion Log Files (Continued) Log Filename Description schedule.log Logs scheduled events that have been submitted for execution. Indicates whether the task submission was initiated and if it succeeded. Provides the scheduled page URL, the date and time executed, and a task ID. server.log Logs errors that occurred in the communication between ColdFusion and your Web server.
Page 81: Using The Extensions Pages
Chapter 3: Configuring ColdFusion Server you want to use ColdFusion with CGI or if you want to use absolute references to ColdFusion pages with the CFINCLUDE tag. For information about using ColdFusion with CGI instead of one of the standard Web server APIs (NSAPI, ISAPI, Apache API, or WSAPI), see Chapter 7, “Using CGI with ColdFusion,”...
Page 82: Registering A Java Applet
Administering ColdFusion Server To register a CFX tag: Open the CFX Tags page in the ColdFusion Administrator. Enter a name for the CFX tag you are adding. Tag names must be prefixed with CFX_ Click Add to open the New CFX Tag page. Enter the path to the library you want to use or browse your system to locate the library you want to use.
Page 83 Chapter 3: Configuring ColdFusion Server To register a Java applet: Install the Java class files and any other files required for the class. You’ll need to specify the codebase argument when registering the applet, so take note of the installed path. In the ColdFusion Administrator, open the Register New Applet page by clicking the Applets button.
Page 84: Debug Settings In The Coldfusion Administrator
Administering ColdFusion Server Java Applet Registration Fields (Continued) Field Description Java Not Supported This message is displayed by browsers that do not Message support Java applets. If you want to override this message, you specify a different message in the CFAPPLET tag NOTSUPPORTED attribute.
Page 85: Configuring Administrator Mail
Chapter 3: Configuring ColdFusion Server Debug Settings in ColdFusion Administrator (Continued) Setting Description Show processing time Display the time, in milliseconds, it took the ColdFusion Server to process the page request. The detail view shows the time it takes to process each page used to compose the final page.
Page 86: Indexing Data With Verity
Administering ColdFusion Server Indexing Data with Verity The Verity Search’97 indexing and searching technology, which has been incorporated into ColdFusion, provides a means for creating collections of indexed data optimized for fast retrieval. To use Verity searching and indexing technology you: Create a Verity collection using the ColdFusion Administrator Verity page or using the CFCOLLECTION tag at runtime.
Page 87: Populating A Collection
Chapter 3: Configuring ColdFusion Server Populating a collection Once you’ve created a collection, you can populate it with data from text and binary files in a directory you specify. Data from a ColdFusion query can only be indexed using the ColdFusion CFINDEX tag in a ColdFusion application page. Verity Supported File Types The ColdFusion Verity implementation supports a wide array of document types.
Page 88: Repairing, Optimizing, Purging, And Deleting Collections
Administering ColdFusion Server Supported Document Types (Continued) Documents Versions Spreadsheets Corel QuattroPro 7, 8 Lotus 1-2-3 for DOS/Windows 2.0, 3.0, 4.0, 5.0, ’96, ’97 Lotus 1-2-3 for OS/2 MS Excel 3, 4, 5, ’95, ’97 MS Works Presentation Corel Presentations 7.0, 8.0 Lotus Freelance 96, 97...
Page 89: Configuring Server-Side Source Control
Chapter 3: Configuring ColdFusion Server When you need to clear a collection of data, use the Purge feature to delete the contents of the collection without deleting the collection itself. Caution! A limitation in the Verity implementation may cause problems if you repair a Verity collection and then attempt another action such as a Purge before the repair has completed processing.
Page 90: Using Coldfusion In A Distributed Configuration
Administering ColdFusion Server Using ColdFusion in a Distributed Configuration ColdFusion 4.5 can be configured in a distributed manner where the ColdFusion engine is running on a separate computer from the Web server. Running ColdFusion in this way might be called distributed or remote ColdFusion. To run distributed ColdFusion, you must make the following changes to a standard installation: On the Web server side, you must notify the ColdFusion Web server plug-in that...
Page 91: Configuring Distributed Coldfusion
Chapter 3: Configuring ColdFusion Server standard, release version of ColdFusion 3.1.1 in this manner. To do so, it was necessary to purchase and install special versions of the ColdFusion Web server plug-in modules on the Web server side and a separate listener module on the ColdFusion engine side. In ColdFusion 4.0 all the necessary pieces are provided as part of the standard distribution.
Page 92 Administering ColdFusion Server Here is a sample of the INI file with comments explaining what the various fields do. This sample may be cut and pasted and used as a template to get started. ;------------------------------------------------------------------- ; Sample INI file for ColdFusion Remoting. ;...
Page 93: The Network Listener Module (Nlm)
Chapter 3: Configuring ColdFusion Server ENCRYPTION = "YES" ; Use this to specify the key used to encrypt the data. ; Valid values: any string of up to 127 ASCII chars. KEY = "doglips" ; Use this to have this INI file be deleted after it is read at ;...
Page 94: Installing The Module On Unix
Administering ColdFusion Server To install the network listener module as a service: Run the listener with the following special command line argument: cfdist.exe -sINSTALL If installation was successful, it should now appear on your Services list under the name ColdFusion NetListener. If it doesn’t show up, look in the module’s log file, in the log subdirectory of your ColdFusion installation, for distributed.log information about why the install failed.
Page 95: Listener Module Command Line Options
Chapter 3: Configuring ColdFusion Server Repeating the command should now return nothing, indicating the process is now dead. Listener Module Command Line Options The Network Listener Module (NLM) executable, on Windows cfdist cfdist.exe NT) takes the following command line options at startup. Of these options, you’ll probably only use the -p option on a regular basis.
Page 96: Using The Ini File To Specify Startup Options
Administering ColdFusion Server The program will print out a list of available options along with a brief description of their purpose anytime you enter an unknown option at the command line. Using the INI file to specify startup options It is also possible to specify startup options for the listener in an INI file. This INI file is similar to the INI file required on the Web server side, but is available on the ColdFusion engine side as a convenience (since all the required information may be supplied as command line options at startup time.) Below is a template for this INI file.
Page 97 Chapter 3: Configuring ColdFusion Server ; Valid values: Yes, No. DELETE = "NO" ; Use this to write a message to the ColdFusion "remote.log" confirming that ; remoting is active and what startup parameters (except the encryption ; key) were used. ;...
Page 98 Administering ColdFusion Server...
Page 99: Chapter 4: Managing Data Sources
H A P T E R Managing Data Sources Chapter 4 ColdFusion facilitates the delivery of dynamic database content to the Web in a very short time-frame Before you can use a database in a ColdFusion application, you must register data source in the ColdFusion Administrator. This chapter is organized by database type and connection type.
Page 100: About Coldfusion Data Sources
Administering ColdFusion Server About ColdFusion Data Sources For ColdFusion developers, the term "data source" can refer to a number of different types of structured content accessible locally or across a network. You can query Web sites, LDAP servers, POP mail servers, and documents in a variety of formats. Most commonly though, a database will drive your applications and for this discussion a data source is defined as the entry point for database operations.
Page 101: Supported Databases
Chapter 4: Managing Data Sources Supported Databases ColdFusion uses ODBC, OLE DB, and native database drivers to interact with data sources. However, not all ColdFusion Server editions support all database types. The following table shows database drivers available for each ColdFusion 4.5 edition. ODBC Drivers MERANT INFORMIX 7.x/9.x Driver MERANT Sybase 11 Driver...
Page 102: Where To Go From Here
Administering ColdFusion Server Where to go from here To use an existing database with your ColdFusion applications, you need to register or create the data source using the ColdFusion Administrator. If you are using Informix, DB2, Oracle, or Sybase database, and want to take advantage of the ColdFusion native drivers, you also need to install and configure database client software.
Page 103: Native Drivers
Chapter 4: Managing Data Sources documentation, including help files that might have been copied to your system when you installed ODBC drivers. If you are running ColdFusion Server on a UNIX machine, refer to the MERANT ODBC documentation, which is distributed with ColdFusion as an Acrobat file.
Page 104: Ole Db Drivers
Administering ColdFusion Server OLE DB Drivers ColdFusion developers can now access a range of new data stores through Microsoft OLE DB, including: MAPI-based data stores such as Microsoft Exchange and Lotus Mail Non-relational data stores, such as Lotus Notes LDAP 2.0 data Data from OLE applications like word processors and spreadsheets Mainframe data HTML and text files, flat-file data...
Page 105 Chapter 4: Managing Data Sources To add a data source to ColdFusion Open the ColdFusion Administrator. You see the Server Settings page of the ColdFusion Administrator. Under Data Sources, click the link that specifies the type of data source you want to add: ODBC Native Drivers...
Page 106: Coldfusion Settings
Administering ColdFusion Server . For detailed information about editing the ColdFusion start script for coldfusion/bin your particular database, see the section about your database in this chapter. ColdFusion Settings To define a number of advanced ODBC and ColdFusion options, select a data source and click the CF Settings button.
Page 107: Verifying Coldfusion Data Sources
Chapter 4: Managing Data Sources ColdFusion Data Source Settings (Continued) Option Description Connection timeout Specify the maximum amount of time after the database connection is made (in minutes) you want ColdFusion to cache a connection after it is used. This is different from the server setting to Limit database connection inactive time.
Page 108 Administering ColdFusion Server To verify a ColdFusion data source: Open the ColdFusion Administrator Under Data Sources, select Verify Data Sources. You see a list of all the ColdFusion data sources on the server. To verify all the data sources listed on the page, click Verify All. The word “Verified”...
Page 109: Connecting To Microsoft Sql Server Databases
Chapter 4: Managing Data Sources Connecting to Microsoft SQL Server Databases ColdFusion lets you access SQL Server databases from both Windows NT and UNIX, via ODBC and OLE DB drivers. Configuring Microsoft SQL Server Options (Windows) If ColdFusion Server is installed on a Windows NT server, you can configure Microsoft SQL Server as a ColdFusion data source using any either an ODBC or OLE DB driver.
Page 110: Configuring Microsoft Sql Server Options (Unix)
Administering ColdFusion Server Microsoft SQL Server ODBC Options (Continued) Option Description Login Info Database — The name of the SQL Server database. Language — The national language used by SQL Server. Generate Stored Procedure for Prepared Statement — Stored procedures are created for prepared statements when this option is selected.
Page 111: Connecting To Visual Foxpro Databases
Chapter 4: Managing Data Sources MERANT MS SQL Server ODBC Options (Continued) Option Description Performance Row Limit — The number of rows the driver retrieves from the server for a fetch. Enabling this option can increase performance by reducing network traffic. Disable database cursors for Select statements —...
Page 112: Connecting To Openingress Databases
Administering ColdFusion Server Microsoft Visual FoxPro ODBC Options (Continued) Option Description Database Info Path — The name, including the full path, of the database to which you want to connect. Visual FoxPro Database — Connect to a Visual FoxPro database (.dbc file) and to all the tables and local views in the database.
Page 113 Chapter 4: Managing Data Sources ODBC: MERANT OpenIngress 1.x/2.x Options (Solaris) The following table describes ColdFusion ODBC options for OpenIngress data sources. You set these options when you configure a ColdFusion data source. See “Adding Data Sources for ColdFusion” on page 82 for more information. MERANT OpenIngres 1.x/2.x ODBC Options Option Description...
Page 114: Connecting To Dbase Databases
Administering ColdFusion Server MERANT OpenIngres 1.x/2.x ODBC Options (Continued) Option Description Performance Repeated Cache Size — Determines whether all Update and Insert statements are to be run as repeated statements. This attribute improves the performance of applications that repeat the same set of SQL statements. Long Data Buffer —...
Page 115: Configuring Inprise Dbase Options (Unix)
Chapter 4: Managing Data Sources ODBC: Microsoft dBase and FoxPro Driver Options (Windows) The following table describes ColdFusion ODBC options for dBase data sources. You set these options when you configure a ColdFusion data source. See “Adding Data Sources for ColdFusion” on page 82 for more information Microsoft dBase Driver and Microsoft FoxPro driver ODBC Options Option Description...
Page 116: Connecting To Microsoft Access Databases
Administering ColdFusion Server MERANT dBase/FoxPro Driver ODBC Options Option Description Database Version The version number of the dBase/FoxPro database you want to use. Driver Settings Use lowercase file extension (.dbf) — Specifies whether lowercase file extensions are accepted. If enabled, lowercase extensions are accepted.
Page 117: Access Connectivity Tips (Windows)
Chapter 4: Managing Data Sources ODBC: Microsoft Access Options (Windows) The following table describes ColdFusion ODBC options for Microsoft Access data sources. You set these options when you configure a ColdFusion data source. See “Adding Data Sources for ColdFusion” on page 82 for more information. Microsoft Access ODBC Options Option Description...
Page 118: Connecting To Microsoft Excel Databases
Administering ColdFusion Server Cycle the ColdFusion services each night using the \cfusion\bin\cycle.bat file. Connecting to Microsoft Excel Databases ColdFusion lets you access Microsoft Access databases Windows NT, via ODBC and OLE DB drivers. Configuring Microsoft Excel Options (Windows) If ColdFusion Server is installed on a Windows NT server, you can configure Microsoft access databases as ColdFusion data source using either an ODBC or OLE DB driver.
Page 119: Connecting To Ascii Text Databases
Chapter 4: Managing Data Sources Connecting to ASCII Text Databases ColdFusion lets you access ASCII text databases on both Windows NT and UNIX, via ODBC drivers. Configuring Microsoft Text options (Windows) If ColdFusion Server is installed on a Windows NT server, you can configure ASCII text files as ColdFusion data sources using an ODBC driver.
Page 120: Connecting To Oracle 7.3/8.0 Databases
Administering ColdFusion Server MERANT Text ODBC Options Option Description Database Directory The directory where the text files are found. Extensions List Lists the file name extensions of the text files on the data source. To use all files in the directory, enter *.*. To use only those files with certain extensions, add each extension you want to use.
Page 121: Connecting To Oracle 7 And 8.0 Databases (Unix)
Chapter 4: Managing Data Sources Native Drivers: Oracle 7.3 and 8.0 Options (UNIX) The following table describes ColdFusion Native driver options for Oracle 7.3 and 8.0 native driver data sources on either Windows NT or UNIX. Oracle 8.0 Native Database Driver Options Option Description Data Source Name...
Page 122 Administering ColdFusion Server You’ll need to modify the script to include the /opt/coldfusion/bin/start ORACLE_HOME environment variable and add the directory to the $ORACLE_HOME/lib . See “The /opt/coldfusion/bin/start Script” on page 100 for an LD_LIBRARY_PATH example. Make sure you can connect to the Oracle server from Solaris with sql*plus before you try to connect from ColdFusion.
Page 123: Connecting To Oracle 8.0.X Through Odbc (Unix)
Chapter 4: Managing Data Sources # Example: LD_LIBRARY_PATH=$ORACLE_HOME/lib:$SYBASE/lib:/usr/dt/lib:/lib:/usr/ openwin/lib:$CFHOME/lib # This is the list of variables that ColdFusion will see # Add any special Database environment varaibles here VAR_LIST="LD_LIBRARY_PATH CFHOME SYBASE ORACLE_HOME INFORMIXDIR INFORMIXSERVER II_SYSTEM" #========================================================== # You should not need to touch anything below this point #========================================================== Troubleshooting If ColdFusion is unable to establish a connection to the Oracle 7.3 driver, try the...
Page 124: Troubleshooting The Oracle 7.3 Native Driver (Windows)
Administering ColdFusion Server To build a version of libclntsh.so for Oracle 8.0.x: From the shell, set ORACLE_HOME, CFHOME, and LD_LIBRARY_PATH as set in the start script. ORACLE_HOME should be set to the location of the Oracle client libraries. CFHOME should be set to the location of your ColdFusion application server. LD_LIBRARY_PATH needs to be set the same as in your start script.
Page 125: Configuring The Oracle 8 Client (Windows, Unix)
Chapter 4: Managing Data Sources If you do not have a copy in , search your hard drive for the file. winnt\system32 If you find a copy anywhere other than rename the orant\bin cfusion\bin file then restart ColdFusion services. Configuring the Oracle 8 Client (Windows, UNIX) This section includes the typical configuration steps you need to perform to use the Oracle 8 native database driver on either UNIX or Windows NT.
Page 126 Administering ColdFusion Server In the resulting dialog, select TCP/IP as the networking protocol to connect with and use the Oracle 8 database you want to use in your ColdFusion application. In the dialog that appears, you now need to enter the host name of the server where the Oracle 8 database resides.
Page 127: Connecting To Db2 Data Sources
Chapter 4: Managing Data Sources Creating the data source in ColdFusion: Open the ColdFusion Administrator to the Data sources, Native Drivers page. Enter a data source name and select the Oracle 8 native driver from the drop down list. When you click Add, ColdFusion opens the configuration page for the data source. Here you enter information that tells ColdFusion where to find the database.
Page 128: Configuring System And Services Files (Unix)
Administering ColdFusion Server Native Driver: DB2 Universal Database 5.2/6.1 Options (Solaris, Linux) ColdFusion native drivers are the same for both Windows NT and UNIX. To see ColdFusion options for the DB2 Universal Database 5.2/6.1 native driver, see the table in “Native Driver: DB2 Universal Database 5.2/6.1 Options (Windows)” on page 105. ODBC: DB2/6000 Options (Solaris) The following table describes ColdFusion options for the DB2/6000 ODBC driver.
Page 129: Installing And Configuring Db2 Client Enabler (Unix)
Chapter 4: Managing Data Sources Installing and Configuring DB2 Client Enabler (UNIX) Before you can create a ColdFusion data source with the DB2 native driver, you must install the DB2 version 5.2 Client Enabler Software and create an instance. The client software can be found on the DB2 version 5.2 Software Development Kit CDROM.
Page 130: Data Source And Start Script Settings For Db2 (Unix)
Administering ColdFusion Server ) the same as the database name ( ). The information database_alias database_name in the database directory, along with the information in the node directory, is used on the client to establish a connection to the remote database. You must add an entry to the client’s node directory to describe the remote node.
Page 131: Db2 Binding And Privileges For Odbc (Unix)
Chapter 4: Managing Data Sources Data source settings for the ColdFusion DB2 native driver The data source setting for the native driver need to point to the database name, and include a valid DB2 login name and password. The catalog procedures described above make the connection through the DB2 Client Enabler software.
Page 132 Administering ColdFusion Server Compile and link the .c file generated in step 1. At this point the .c file needs to be precompiled and this process will explode the source into the appropriate C code. Compile the C file and link to get .dll Place the library file (.dll) generated in step 2 in the appropriate directory on the server.
Page 133: Connecting To Informix Data Sources
Chapter 4: Managing Data Sources Connecting to Informix data sources Connections to Informix databases are supported through ODBC on both Windows and UNIX operating systems. On Windows, ColdFusion uses native drivers and on UNIX, ColdFusion uses both native and ODBC drivers to connect to Informix databases.
Page 134: Configuring Informix Options (Unix)
Administering ColdFusion Server Configuring Informix Options (UNIX) If ColdFusion Server is installed on a UNIX server, you can configure Informix ColdFusion data sources using either native or ODBC drivers. Native Driver: Informix 7.3 (UNIX) ColdFusion native drivers are the same for both Windows NT and UNIX. To see ColdFusion options for the DB2 Universal Database 5.2/6.1 native driver, see the table in “Native Driver: Informix 7.3 (Windows)”...
Page 135: Connecting To Informix Data Sources (Unix)
Chapter 4: Managing Data Sources Connecting to Informix Data Sources (UNIX) Before you can connect to an Informix data source through ColdFusion, you must perform the following tasks: Install the Informix ESQL.C9.13 client software. Edit the following files: ColdFusion start script, SQLHOSTS, master NIS services, and $INFORMIXDIR/etc/onconfig.
Page 136: Connecting To Informix Through Odbc/Cli (Windows, Unix)
Administering ColdFusion Server nettype determines what kind of network protocol to connect with. hostname is the hostname of the server where the database is, you can put the ip address or hostname service name is the entry in the or master NIS services file for /etc/services the port that informix listens on.
Page 137 Chapter 4: Managing Data Sources Modifying the services file entry After the installation is complete you will need to modify your workstations’ Services File located in the folder for Windows NT and \winnt\system32\drivers\etc\ for Windows 95/98. This entry is needed for the client software to \windows\system\ find the instance of the Informix service on our network.
Page 138 Administering ColdFusion Server Select the System DSN tab and click the add button. From the list of installed drivers, choose Informix-CLI 2.5 (32 bit). Fill out the ODBC INFORMIX 7.2 Driver Setup Dialog box as follows: Data Source Name: Inf_ol7 Description: Demo Data Database Name: stores7 Click the advanced button...
Page 139: Connecting To Sybase System 11 Data Sources
Chapter 4: Managing Data Sources To change the Windows NT account ColdFusion uses: Using the Services Control Panel, highlight the Allaire ColdFusion 4.0 service and click Startup. Make sure to choose a user name from the user list rather then typing it.
Page 140: Configuring Sybase System 11 Options (Unix)
Administering ColdFusion Server ColdFusion data source. See “Adding Data Sources for ColdFusion” on page 82 for more information about adding data sources to ColdFusion. Sybase System 11/Adaptive Server 11.5 Native Database Driver Options Option Description Data Source Name A name for your ODBC data source. Description Descriptive information about the data source.
Page 141: Tips For Connecting To Sybase System 11 (Unix)
Chapter 4: Managing Data Sources MERANT Sybase System 11 ODBC Options (Continued) Option Description Workstation ID The workstation ID used by the client. Performance Row Limit — The number of rows the driver retrieves from the server for a fetch. Enabling this option can increase performance by reducing network traffic.
Page 142: Using Coldfusion To Create A Data Source
Administering ColdFusion Server script is pointing to the Sybase client directory and not the Sybase server directory. Both of these directories contain an interfaces file. When you’ve completed all the steps in this section, you will need to stop and restart ColdFusion services to reload the file.
Page 143 Chapter 4: Managing Data Sources you need to create the newtable data source in the ColdFusion Administrator, specifying the MERANT dBase/FoxPro ODBC driver. If you don’t create the data source, you’ll receive an error when you try to execute this page. This example generates the following tables in the newtable data source.
Page 144 Administering ColdFusion Server INSERT INTO Beans1 VALUES ( 2, ’Sumatra’, ’21’, {ts ’1999-08-01 00:00:00.000000’}, ’Complex flavor, medium-bodied’) </CFQUERY> <CFQUERY NAME=xs DATASOURCE="newtable"> INSERT INTO Beans1 VALUES ( 3, ’Colombia’, ’89’, {ts ’1999-08-01 00:00:00.000000’}, ’Deep rich, high-altitude flavor’) </CFQUERY> <CFQUERY NAME=xs DATASOURCE="newtable"> INSERT INTO Beans1 VALUES ( 4,</P>...
Page 145: Chapter 5: Scheduling And Static
H A P T E R Scheduling and Static Page Chapter 5 Generation This chapter explains how you can use ColdFusion to perform scheduled processes and to generate static pages. Often the two are combined to allow the periodic regeneration of data that doesn’t need to be available dynamically to a ColdFusion application.
Page 146: About Scheduling Coldfusion Pages
Administering ColdFusion Server About Scheduling ColdFusion Pages The ColdFusion Administrator includes a scheduling facility that allows you to schedule the execution of ColdFusion pages and to generate static HTML pages. The scheduling facility can be very useful for applications that do not require user interactions or customized output.
Page 147: Specifying The Interval For A Scheduled Task
Chapter 5: Scheduling and Static Page Generation Specifying the Interval for a Scheduled Task Often, you’ll want to schedule a page to run at a regular interval for a fixed period of time. For example, to generate an employee list, it’s not usually necessary to generate the list dynamically.
Page 148: Specifying The Page To Execute
Administering ColdFusion Server Specifying the Page to Execute When you schedule a ColdFusion page to execute, the page can be local or remote. With the proper access rights, you can schedule a page on a remote server by specifying the server name in the URL field. Specify the application page to execute: Enter the URL for the page you want to execute in the URL text entry box.
Page 149: Logging Scheduled Events
Chapter 5: Scheduling and Static Page Generation To change the interval ColdFusion checks for newly scheduled tasks, enter an interval value, in minutes. After changing the Scheduler refresh interval, make sure you stop and restart the ColdFusion Executive and ColdFusion Application Server services (Windows NT) or run the stop and start scripts (Solaris).
Page 150 Administering ColdFusion Server...
Page 151: Chapter 6: Creating Scalable And Highly Available Web Sites
H A P T E R Creating Scalable and Highly Chapter 6 Available Web Sites This chapter describes the concepts involved in achieving scalable and highly available ColdFusion Web applications. The latter half describes ColdFusion’s built- in clustering technology, ClusterCATS, which provides intelligent load balancing and failover capabilities.
Page 152: What Is Scalability
Administering ColdFusion Server What is Scalability? As an administrator, it’s likely that you often hear about the importance of having Web servers that scale well, but what exactly is scalability? Simply, scalability is a Web server’s ability to maintain a site’s availability, reliability, and performance as the amount of simultaneous Web traffic, or load, hitting the Web server increases.
Page 153 Chapter 6: Creating Scalable and Highly Available Web Sites ColdFusion ensures that your Web applications perform well by including many performance-friendly features out of the box, including: Just-in-time compiling and client-side caching ColdFusion automatically compiles pages the first time they are requested in a session and stores the compiled representations in memory.
Page 154: Load Management
Administering ColdFusion Server operating system to manage the additional processor and is not available to help scale the application servers. It is important to note that application servers can only hope to scale relative to resources when the resource changes affect the constraining resources. For example, adding processor resources to an application server that is constrained by network bandwidth will provide, at best, minor performance improvements.
Page 155: Designing And Coding Scalable Applications
Chapter 6: Creating Scalable and Highly Available Web Sites dependencies between related but heterogeneous technologies. This section describes some of the major issues affecting successful scalability implementations. Note Although your immediate role and responsibilities as an administrator may not encompass all of the areas and issues described in this section, you can share the information with relevant members of your organization to help ensure successful development efforts.
Page 156 Administering ColdFusion Server the user always returns to the same server for the life of the session. ClusterCATS for ColdFusion automatically handles this for you. Another approach to solving the same problem is to store client variables in a back- end common state repository.
Page 157 Chapter 6: Creating Scalable and Highly Available Web Sites how an application manages multiple concurrent user requests when accessing the same database records. If an application does not impose any database locking mechanism on multiple requests to update the same record, data integrity can be compromised in the database.
Page 158 Administering ColdFusion Server powerful client-side processing available via your browser. Some of these technologies include Java Script, applets, Dynamic HTML, and ColdFusion’s WDDX components (for client-side form validation, for example). Well planned use of these client technologies can reduce unnecessary trips to the server, thereby minimizing performance degradation.
Page 159: Avoiding Common Bottlenecks
Chapter 6: Creating Scalable and Highly Available Web Sites Avoiding common bottlenecks In addition to application design and construction considerations, you must also plan accordingly to avoid common bottlenecks that can negatively affect a Web application’s performance. Following are typical bottlenecks that can affect your application’s ability to perform and scale well: Poorly written application logic —...
Page 160: Dns Effects On Web Site Performance And Availability
Administering ColdFusion Server reside on the database server. In short, tune your databases and queries for maximum efficiency. DNS effects on Web site performance and availability Improper Domain Name System (DNS) setup and configuration on Web servers is one of the most common problems administrators encounter. This section addresses the following topics: What is DNS DNS effects on site performance and availability...
Page 161 Chapter 6: Creating Scalable and Highly Available Web Sites server in a rote, sequential distribution manner. However, if a spike in user activity occurs and causes servers to overload or fail, round-robin DNS will keep distributing the requests among all of the servers, even if some of them are no longer operational. In short, Internet DNS is limited in its capabilities, and its round-robin distribution mechanism does not contain any intelligence that allows it to monitor, manage, and react to overloaded or failed servers.
Page 162 Administering ColdFusion Server The following figure illustrates these concepts. Allaire allaire.com Zone ntserver allaire.com Domain dev.allaire.com Zone DNS servers store information about the domain name space and are referred to as name servers. Name servers typically have one or more zones for which they are responsible.
Page 163 Chapter 6: Creating Scalable and Highly Available Web Sites server named fred.yourcompany.com, you could assign it an alias of www1.yourcompany.com so that users never see fred.yourcompany.com in the event of a server redirection. To see how all of these records work together, let’s look at a simple example. Suppose there are two Web servers named fred.yourcompany.com and barney.yourcompany.com, with aliases of www1.yourcompany.com and www2.yourcompany.com, respectively.
Page 164: Load Testing Your Web Applications
Administering ColdFusion Server Derfler, Frank and Steve Rigney. “TCP/IP , A Survival Guide for Users.” New York, New York: A Division of Henry Holt and Company, Inc.: MIS Press, Inc., 1998. ISBN #: 1-55828-5644. Available at your local computer book store. Also see http://www.mispress.com.
Page 165 Chapter 6: Creating Scalable and Highly Available Web Sites important to verify that your load testing tool can handle HTTP redirections properly before you initiate load testing. How to load test your Web applications One of the first things you need to do to be able to load test is purchase a load testing software tool and learn how to use it.
Page 166: What Is Web Site Availability
Administering ColdFusion Server servers, you can’t anticipate problems nor determine why they occur. The number of possibilities would be too large. Minimize distributed environment load testing Load testing in a distributed environment can be problematic if the network on which you are performing your load tests becomes congested, resulting in poor response times.
Page 167: Availability & Reliability
Chapter 6: Creating Scalable and Highly Available Web Sites Availability & reliability In the simplest of terms, availability and reliability means you can access your Web site whenever you request it by entering the site’s URL in your browser and all of its features work as intended.
Page 168: Common Failures
Administering ColdFusion Server support as a competitive service differentiator will typically specify in written service- level agreements (SLA) a percentage of time that they guarantee a Web site will be available. If the ISP has a sound scalability and failover strategy in place, this figure is usually in the range of 99% or better.
Page 169: Failover Considerations
Chapter 6: Creating Scalable and Highly Available Web Sites advanced personalization and membership capabilities to provide a customized experience and superior authentication ad management features to generate additional revenues and enrich partner relationships ordering and payment features, including shopping carts and secure sockets layer, to ensure easy and safe online transactions Upon finishing the development work and quality assurance testing, you deploy the Web site onto a single production Web server that is hosted within your IT department.
Page 170 Administering ColdFusion Server Hardware planning As illustrated in the availability example above, it’s important to acquire all of the necessary hardware and configure it before you deploy the application. All Web sites have different requirements, feature sets, purposes, audiences, and budgets. It all translates into determining appropriate needs.
Page 171: Techniques For Creating Scalable & Highly Available Sites
Chapter 6: Creating Scalable and Highly Available Web Sites availability and its service levels. These monitoring programs must not only be able to detect problems, but they must also be able to route alerts to the correct administrators for immediate notification of problems. Corrective actions The third major failover consideration is the corrective actions that need to occur if a failure causes a server to become unavailable.
Page 172: Hardware-Based Clustering Solutions
Administering ColdFusion Server Clustering for scalability works by distributing load among each server in the cluster (load balancing) using either an unintelligent-but-regular distribution sequence (round-robin DNS and routers) or a predefined threshold or algorithm that you specify and can adjust for each server in the cluster (specialized clustering software). Clustering for failover relies on redundant servers to ensure that business-critical applications remain available if one of the servers in a cluster fails.
Page 173 Chapter 6: Creating Scalable and Highly Available Web Sites selecting the best server to accommodate the traffic. This process is fast and efficient. The router device in conjunction with the Web servers comprise what is known as a virtual server. Routers are considered semi-intelligent devices because they can detect a server failure and redirect requests to other servers.
Page 174: Software-Based Clustering Solutions
Administering ColdFusion Server Semi-intelligent Routers can load balance in a round-robin fashion, and some can detect failures and automatically redirect traffic and remove failed servers from a cluster. Note Not all routers have the same features or offer the same capabilities. Considerations Carefully evaluate the following issues against a router’s attributes: Expense...
Page 175 Chapter 6: Creating Scalable and Highly Available Web Sites Backup clustering, in which two cloned systems provide redundancy for one another. This type of clustering does not provide any parallel server load balancing. Additionally, Cluster Server has some limitations. Its shortcomings include lengthy durations in detecting server failures (up to 10 minutes) and not being able to provide Exchange-specific failure detection.
Page 176: Combining Hardware And Software Clustering Solutions
Administering ColdFusion Server No single point of failure By distributing the load balancing and failover capabilities among multiple servers in a cluster, as opposed to relying on only a single device, no individual server failure will disable your application. Considerations Consider the following issues when evaluating software-based solutions for your environment: Differences among feature sets...
Page 177: Introducing Clustercats For Coldfusion
Chapter 6: Creating Scalable and Highly Available Web Sites Introducing ClusterCATS for ColdFusion ClusterCATS for ColdFusion is a Web server clustering technology that provides load balancing and failover services that assure high availability for your Web server and ColdFusion Server (CFS). ClusterCATS lets you cluster distributed servers into a single, high-performance, highly available environment of Web server resources.
Page 178 Administering ColdFusion Server Provides another level of ColdFusion-specific load balancing by actively monitoring the ColdFusion Server for failures via application probes that you create to periodically test a ColdFusion URL on your site. If the Probe’s validation test fails, it restricts the Web server on which the site resides and redirects the restricted server’s HTTP traffic to another server in the cluster.
Page 179 Chapter 6: Creating Scalable and Highly Available Web Sites Load Threshold Configuration ClusterCATS lets you configure maximum and gradual redirection thresholds for each server in a cluster. The maximum threshold indicates the point at which the server cannot handle any additional load. To prevent a server’s load from reaching this point and resulting in poor performance and unavailability, you can also configure a gradual redirection threshold that will redirect requests to a less loaded server when the load reaches the gradual redirection...
Page 180: Clustercats For Coldfusion Components
Administering ColdFusion Server If a server within a cluster fails or becomes unavailable and is no longer transmitting an IP signal, another available server in the cluster will automatically assume the IP address of the failed server. Subsequent HTTP requests that are bound for the downed server will be redirected to the server that has taken over for its failed counterpart.
Page 181: Clustercats Explorer
Chapter 6: Creating Scalable and Highly Available Web Sites ClusterCATS Explorer ClusterCATS Explorer is a Windows-based administration utility that you use to create and manage ClusterCATS clusters. Using a Windows Explorer-like graphical interface, you configure, view, monitor, and perform other management tasks, such as: Creating and removing clusters Adding and removing servers from a cluster Configuring load balancing and high availability features...
Page 182: Clustercats Server Administrator
Administering ColdFusion Server Left Pane — Contains views of cluster objects. Right Pane — Contains the view folder and files for the object currently selected in the left pane. ClusterCATS Server Administrator The ClusterCATS Server Administrator is a graphical, Windows-based utility that lets you perform various server administration activities, including: adding and removing the ClusterCATS filter from the Web server service stopping and starting the ClusterCATS service...
Page 183: Before You Install
Chapter 6: Creating Scalable and Highly Available Web Sites Note The ClusterCATS Server Administrator is installed on each Windows NT server you cluster. If your servers are UNIX servers, use the btadmin utility to perform the aforementioned server administration activities. See “btadmin utility”...
Page 184 Administering ColdFusion Server Windows NT system requirements for ClusterCATS Server Intel Pentium 200 Mhz or greater CPU 100 MB of free disk space 128 MB of RAM Windows NT operating system v4.0 or greater Windows NT Service Pack 4 or greater Internet Information Server v4.0 or greater or Netscape Enterprise Server v3.5.1 Administrative privileges on each server An IP address assigned to each server...
Page 185: Configure Your Primary Dns Server
Chapter 6: Creating Scalable and Highly Available Web Sites ClusterCATS Explorer system requirements You can install the ClusterCATS Explorer component on a computer separate from the cluster so that you can administer the cluster from a central location, but you don’t have to.
Page 186 Administering ColdFusion Server Note This section assumes that your primary DNS server is already set up correctly. If it is not, consult a DNS configuration book or a DNS consultant to help prepare your DNS server. We recommend that you do not use a Hosts file in a production environment, as it is less reliable than DNS.
Page 187 Chapter 6: Creating Scalable and Highly Available Web Sites resolve the name-to-IP mapping before the browser can send a request to the appropriate Web server. To summarize, primary and local DNS servers work together to resolve name-to-IP address mappings in the following way. A user enters a Web site URL in his or her browser and presses Enter.
Page 188 Administering ColdFusion Server Configuring DNS records on your primary DNS server You must configure DNS so that both the forward and reverse lookup translation entries are entered and registered correctly with your primary DNS server. To accomplish this, you must define required DNS records (A records and PTR records) for your Web servers on your primary DNS server.
Page 189 Chapter 6: Creating Scalable and Highly Available Web Sites Forward DNS Entries with Round Robin Enabled Host Name IP Address www.company.com 193.168.0.1 193.168.0.2 193.168.0.3 193.168.0.4 www1.company.com 193.168.0.1 www2.company.com 193.168.0.2 www3.company.com 193.168.0.3 www4.company.com 193.168.0.4 Reverse DNS Entries for Explicit Server Names IP Address Host Name 193.168.0.1...
Page 190 Administering ColdFusion Server The DNS Manager utility appears. Right-click the zone created for your site and choose New Host. The New Host dialog box appears. Enter in the Host Name field and enter the IP address of a server that will host the site in the Host IP Address field.
Page 191 Chapter 6: Creating Scalable and Highly Available Web Sites Your entries should look similar to the following entries when you’re done. Right-click the zone for your Web site again and select New Record. The New Resource Record dialog box appears.
Page 192 Administering ColdFusion Server Ensure that the A Record record type is selected from the Record Type list box. Note ClusterCATS requires that the explicit servers you use to host your Web site have associated A records defined for them in DNS, not CNAME records.
Page 193: Configure Your Web Server's Network Settings
Chapter 6: Creating Scalable and Highly Available Web Sites To configure DNS records on your UNIX-based DNS server See the operating system documentation that came with your UNIX server for specific procedures about how to define DNS records on your UNIX-based DNS server. Configure your Web server’s network settings Successful clustering depends highly on whether you’ve configured your Web server’s network settings properly.
Page 194 Administering ColdFusion Server In order for ClusterCATS to perform dynamic addressing, your Web server must have a specific network name and IP address configured for it. Additionally, it must reference a valid local DNS server so that it can properly translate names to correct IP addresses. This section describes the following Web server network configuration procedures: Configuring your Web server to point to your local DNS server Configuring ClusterCATS offline maintenance support (NT only)
Page 195 Chapter 6: Creating Scalable and Highly Available Web Sites Enter the name of the server that is hosting the Web application in the Host Name field. Enter the domain name (yourcompany.com) in the Domain Name field. In the DNS Service Search Order area, click Add to enter the IP addresses of your local DNS server(s).
Page 196 Administering ColdFusion Server This section describes the following topics: The ClusterCATS offline maintenance mode defined Understanding static and dynamic IP address configurations Configuring offline maintenance support (Windows NT only) The ClusterCATS offline maintenance mode defined ClusterCATS provides an offline maintenance feature (available on the Windows NT platform only) that requires you to perform some initial IP address configurations before being able to use the feature.
Page 197 Chapter 6: Creating Scalable and Highly Available Web Sites the Network icon in the Control Panel). Typically, you or someone else added the Web site IP addresses to the server’s IP stack before installing ClusterCATS and creating clusters. You now need to manually remove those IP addresses so that ClusterCATS can dynamically create them in the IP stack according to server load and availability in the cluster.
Page 198 Administering ColdFusion Server...
Page 199 Chapter 6: Creating Scalable and Highly Available Web Sites See the next section for step-by-step procedures about how to perform these required IP configurations for using the ClusterCATS offline maintenance support feature. Configuring offline maintenance support (Windows NT only) Configuring offline maintenance support involves the following tasks: Assigning a static IP address to each server’s NIC Removing Web site IP addresses from the NIC Adding your Web sites’...
Page 200 Administering ColdFusion Server Choose the Specify an IP Address option. Enter an IP address for the server in the IP Address field along with the corresponding Subnet Mask and Default Gateway. See your network administrator if you don’t know this information. Click OK.
Page 201 Chapter 6: Creating Scalable and Highly Available Web Sites If you do not want to remove the IP addresses of the Web sites that reside on the Web server from your NIC, ClusterCATS will still function properly but you will not be able to take advantage of the offline capabilities.
Page 202 Administering ColdFusion Server In the IP address section, select the Web site addresses that you want to remove from the NIC and click Remove. If there are no IP addresses, then they were not bound to the NIC or they were already removed.
Page 203 Chapter 6: Creating Scalable and Highly Available Web Sites Locate the Web server and expand its tree structure. Right-click the Web site for which you want to configure the IP address and choose Properties. The Web Site Properties dialog box appears.
Page 204 Administering ColdFusion Server Enter the Web site’s IP address in the IP Address field. You must manually enter the address because it won’t appear in the drop-down list at this time. ClusterCATS will dynamically add the address to the IP stack once you create the cluster.
Page 205 Chapter 6: Creating Scalable and Highly Available Web Sites Click the DNS tab.
Page 206: Configure Clustercats For Use Across Firewalls
Administering ColdFusion Server Verify that the name that appears in the Host Name field is the name assigned to the server (www1) and not the name of your Web site (most likely, www.). If the names are the same (www.), change one. Typically, it’s easier to change the server’s host name so that you don’t cause DNS mapping resolution problems for your customers when they type in your site’s URL.
Page 207: Installing Clustercats
Chapter 6: Creating Scalable and Highly Available Web Sites As you can see, this scenario involves Company ABC, which has an East Coast and a West Coast group of servers connected to the Internet via several firewalls. The ClusterCATS Explorer resides at the corporate headquarters behind a firewall with a direct connection to the Internet.
Page 208 Administering ColdFusion Server Enter the path location for where the ColdFusion Setup.exe resides or click Browse to drill down to it. Click OK. The ColdFusion v4.5 Setup program starts and displays the ColdFusion Setup Welcome page. Click Next in the Welcome and Software License Agreement dialog boxes. The User Information dialog box appears after the Software License Agreement dialog box.
Page 209 Chapter 6: Creating Scalable and Highly Available Web Sites Note You’ll find your ColdFusion serial number on the product box. The Choose Destination Directory dialog box appears next. Accept or change the default destination folder and click Next. The Select Web Server dialog box appears. If your Web server is already installed, the ColdFusion Setup program will automatically detect it.
Page 210 Administering ColdFusion Server Either accept the Web server’s default document directory or enter a different location for the default directory and click Next. Note ColdFusion documentation and example code are installed in a subdirectory below the Web server’s document directory. The Select Install Options dialog box appears.
Page 211 Chapter 6: Creating Scalable and Highly Available Web Sites 11. Leave the Yes option selected if you want ClusterCATS to provide transparent failover support for your clusters and click Next. This option ensures that the server is able to assume both the IP address of a failed server and any HTTP requests originally sent to the failed server.
Page 212 Administering ColdFusion Server Press Enter to have the installation program automatically configure the Web server. The program loads the necessary plug-in for Netscape or module for Apache 1.3.x Web servers. 10. When prompted with whether or not to install ClusterCATS, press Enter to do so. 11.
Page 213 Chapter 6: Creating Scalable and Highly Available Web Sites Note This procedure assumes you have already installed ColdFusion Server and now want to install ClusterCATS. If you need to install ColdFusion on Linux first before installing ClusterCATS, see “Installing ColdFusion on Linux” on page 23. Run the ClusterCATS installation script by entering the following command: ./cluster_install The ClusterCATS installation script starts.
Page 214: Creating Clusters
Administering ColdFusion Server Creating Clusters If you’ve performed the tasks described in “Before You Install” on page 161 and you’ve successfully installed ClusterCATS, you’re ready to begin creating your server clusters. This section explains: Creating clusters with the Cluster Setup Wizard Creating clusters manually Creating clusters with the Cluster Setup Wizard The ClusterCATS Explorer includes a Cluster Setup Wizard that makes creating and...
Page 215 Chapter 6: Creating Scalable and Highly Available Web Sites Choose Cluster Setup Wizard from the Configure menu. Alternatively, you can click the Cluster Setup Wizard icon that appears in the tool bar. The Create New Cluster dialog box appears. Enter a name for your cluster and in the License Key field and click GoColdFusion Next.
Page 216 Administering ColdFusion Server Make your cluster names logically consistent with their purpose. For example, Sales Web, Customer Support Web, and so on. Also, the License Key field is case-sensitive, so enter the key exactly as shown in step 3. The List of Web Servers dialog box appears. Click Add to add available Web servers to your cluster.
Page 217 Chapter 6: Creating Scalable and Highly Available Web Sites Note Offline maintenance support is only available on NT server clusters. You can only set the maintenance support option when creating a cluster or adding a cluster member to a cluster. You cannot configure or modify this option after you have created and added the cluster member to the cluster.
Page 218 Administering ColdFusion Server 12. Enter new numerical values (not higher than 100%) in the Peak and Gradual Redirect fields and click OK. Be sure to keep your Peak threshold below 100% to accommodate ColdFusion’s processing needs. Set your Gradual Redirection threshold to be 10% – 30% lower than your Peak threshold.
Page 219 Chapter 6: Creating Scalable and Highly Available Web Sites 16. Click an alert event and enter the e-mail address of the recipient. If you want the same person to receive the majority of alerts, click Propagate to automatically fill each event’s Recipient column with the same e-mail address. You can then manually change the few recipients that are different.
Page 220 Administering ColdFusion Server 18. If you are using a hardware-based load balancing device in addition to ClusterCATS to manage and distribute load, enter the name of the Web site that this device supports (for example, www.yourcompany.com) and click Next. 19. Click Finish. ClusterCATS creates the cluster you just configured and displays it in the ClusterCATS Explorer’s left pane.
Page 221: Creating Clusters Manually
Chapter 6: Creating Scalable and Highly Available Web Sites Congratulations — y ou’ve just created your cluster, added servers to it, and configured each server with load balancing and high availability capabilities using the Wizard. See “Configuring cluster administration security” on page 218 to learn how to secure your cluster environment.
Page 222 Administering ColdFusion Server Enter a unique name for the cluster in the Cluster Name field and enter GoColdFusion in the License Key field. Make your cluster names logically consistent with their purpose. For example, Sales Web, Customer Support Web, and so on. Also, the License Key field is case-sensitive, so enter the key exactly as shown in step 3.
Page 223 Chapter 6: Creating Scalable and Highly Available Web Sites Your cluster appears below the Cluster Manager icon in the ClusterCATS Explorer left pane. To manually add additional cluster members to it, see “Adding and deleting cluster members” on page 201. Adding and deleting cluster members You add servers to and delete servers from a cluster one at a time using the ClusterCATS Explorer.
Page 224 Administering ColdFusion Server In the Web Server Name field, enter the fully qualified TCP/IP host name of the Web server (for example, doc.allaire.com). If you are not configuring this Web server for offline maintenance support, go to step 7. However, if you already configured this Web server with a maintenance IP address as described in “Configuring ClusterCATS offline maintenance support (NT only)”...
Page 225: Configuring Load Balancing & High Availability Features
Chapter 6: Creating Scalable and Highly Available Web Sites Deleting a cluster To delete an entire cluster, individually delete each member from the cluster using the procedure above. When the last cluster member has been removed, the cluster itself is deleted.
Page 226 Administering ColdFusion Server Configuring Peak and Gradual redirection load thresholds For each cluster member, you configure a Peak load threshold and a Gradual Redirection threshold. The Peak load threshold represents the maximum load the server can handle before its performance degrades significantly or becomes unavailable.
Page 227 Chapter 6: Creating Scalable and Highly Available Web Sites Enter a new numeric value (less than 100%) in the Peak load field. Enable the Gradual Redirection checkbox and enter a new numeric value in the Gradual Redirection field. If you want the server to be able to handle as much load as possible, set both threshold values close to one another.
Page 228 Administering ColdFusion Server The load monitor shows three lines: Top line (red): Peak Load Threshold Middle line (yellow): Gradual Redirection Threshold Bottom line (green): ColdFusion Server Load Adjusting load threshold settings graphically You can view and set threshold settings relative to one another using the Server Load dialog’s visual display.
Page 229: Configuring Session-Aware Load Balancing
Chapter 6: Creating Scalable and Highly Available Web Sites Use your mouse to drag the Peak load threshold line (Red) up or down to reset the server’s Peak load threshold. As you move the line, the load threshold percentage changes. Enable gradual redirection by selecting the Gradual Redirection checkbox.
Page 230: Configuring Coldfusion Probes
Administering ColdFusion Server Note Session-aware load balancing may not work if you’ve used absolute hyperlinks in an application page. Absolute hyperlinks route the HTTP request back to the cluster entry point and redirect according to the current load threshold without regard to the state of the requesting client. To avoid this inadvertent loss of state, be sure to use only relative linking in your application pages.
Page 231 Chapter 6: Creating Scalable and Highly Available Web Sites The probe is a high availability feature that verifies that the ColdFusion Server is running properly on your clustered servers. It periodically tests a specific ColdFusion URL over periodic intervals and verifies its validity against a user-defined string contained in the returned page.
Page 232 Administering ColdFusion Server Enter a name you want to assign to this probe’s monitor in the Name field on the New Monitor dialog box and click OK. Click the New Probe button on the Probe Properties dialog box. The New Probe dialog box appears. Click OK.
Page 233: Integrating Clustercats With Load Balancing Devices
Chapter 6: Creating Scalable and Highly Available Web Sites If you want longer intervals for how often the probe checks the ColdFusion Server and for how much time can pass without a response from the ColdFusion Server before a failure is registered, change the Timeout and Frequency values to longer durations.
Page 234 Administering ColdFusion Server Combining ClusterCATS and LocalDirector provides a powerful ColdFusion-aware load balancing solution that LocalDirector cannot provide without ClusterCATS. LocalDirector by itself cannot accurately detect how busy a ColdFusion Server is nor can it redirect load from failed or busy servers to available servers. It, therefore, would continue to send new requests to a server even if ColdFusion is too busy to handle additional requests or if the server has failed.
Page 235 Chapter 6: Creating Scalable and Highly Available Web Sites Choose Properties from the Cluster menu or choose Administration from the Configure menu. Both menu selections display the Properties dialog box. The Properties dialog box appears. Select the Load Balance tab and choose Cisco LocalDirector from the Load Balancing Product drop-down list.
Page 236 Administering ColdFusion Server Enter the name of the virtual server (www.website.com) you created in step 2 in the Website Alias field. 10. Enter the IP address of the LocalDirector box in the LocalDirector IP Address field. 11. Enter the port number on which each cluster member’s agents should listen for incoming LocalDirector connection requests in the DFP Agent Listen Port field.
Page 237: Configuring Administrator Alarm Notifications
Chapter 6: Creating Scalable and Highly Available Web Sites The Bright Tiger selection that appears in the Load Balancing Product drop-down list indicates that ClusterCATS will actively load balance HTTP traffic across the cluster rather than the third-party device or software. Enter the name of the Web site in the Site Alias field and click OK.
Page 238 Administering ColdFusion Server To configure an alarm notification Open the ClusterCATS Explorer and select the cluster to which you want to add an alarm. Choose Alarm Notification from the Configure menu. Alternatively, you can right- click the cluster and select Configure > Alarm Notification. The Alarm Notification dialog box appears.
Page 239: Configuring Administration E-Mail Support
Chapter 6: Creating Scalable and Highly Available Web Sites Alarm Event Notification Schedule (Continued) Event type Notification occurs... Server Unreachable Immediately Web Server Failover Immediately ColdFusion Probe Failure Immediately Configuring administration e-mail support The ClusterCATS administration e-mail support feature sends vital statistics about your cluster to designated e-mail accounts in your organization.
Page 240: Configuring Cluster Administration Security
Administering ColdFusion Server Enter the name of the server through which outgoing e-mail will be sent in the SMTP Gateway field. Enter in the Support E-mail field the e-mail address of the person at your organization that should receive a copy of the e-mail that is sent nightly to Allaire’s Technical Support.
Page 241 Chapter 6: Creating Scalable and Highly Available Web Sites You may want to use this security setting if your organization is fairly large and contains many distributed administrator groups that need to access your server clusters. To use this setting, you must define your global administrators’ group in the form “BT_clustername”, where clustername is the exact name of the cluster you created with the ClusterCATS Explorer.
Page 242 Administering ColdFusion Server Within the Authentication area, select Local User from the Mode drop-down box. Enter a user name and password defined for a valid account and click OK. Note ClusterCATS requires you to enter a valid user name and password after selecting the type of authentication you are using so that you don’t inadvertently lock yourself out of the cluster.
Page 243 Chapter 6: Creating Scalable and Highly Available Web Sites ClusterCATS Explorer determines what servers exist in which NT domain by communicating with any Windows NT domain controller for the domain. The list of servers that exist in the Windows NT domain can be viewed by looking at the Network Neighborhood Windows NT utility.
Page 244 Administering ColdFusion Server 10. Within the Authentication area, select NT Domain from the Mode drop-down box. 11. Enter a valid user name and password that participates in the domain and click Note ClusterCATS requires you to enter a valid user name and password after selecting the type of authentication you are using so that you don’t inadvertently lock yourself out of the cluster.
Page 245: Performing Common Cluster Administration Tasks
Chapter 6: Creating Scalable and Highly Available Web Sites Choose Administration from the Configure menu or choose Properties from the Cluster menu. Both menu selections display the Properties dialog box. Alternatively, you can right-click the cluster and select Configure>Administration. The Properties dialog box appears. Within the Authentication area, select Disabled from the Mode drop-down box.
Page 246: Changing A Server's State
Administering ColdFusion Server Changing a server’s state All cluster members are added to a cluster in Active state by default. In Active state, ClusterCATS provides availability and failover services to your Web resources. From time to time, you may want to turn off these load balancing and failover services to help you troubleshoot problems or to add additional servers to the cluster.
Page 247: Putting A Cluster Member In Maintenance Mode
Chapter 6: Creating Scalable and Highly Available Web Sites software updates, verifying load configurations, or as an alternative method to managing load. To restrict a cluster member from participating in a cluster: Open the ClusterCATS Explorer, select a cluster member, and choose State from the Configure menu.
Page 248 Administering ColdFusion Server reset a clustered server’s configuration to its pre-clustered state access a server remotely even if the Web server on the machine is unavailable remove a server from an active cluster gracefully so that you can perform necessary updates or maintenance tasks without making your Web site unavailable to users To put a cluster member in maintenance mode: Open the ClusterCATS Explorer and select a cluster member that you want to...
Page 249 Chapter 6: Creating Scalable and Highly Available Web Sites Click the BT Service Status button to display the Manage ClusterCATS Services dialog box. Stop the ClusterCATS service by selecting the Stopped option and enter 10 minutes in the Drain Down Period field to allow current users to conclude their sessions.
Page 250: Updating Software Or Content On An Existing Cluster
Administering ColdFusion Server Click OK. When the drain-down period expires, the server will fail over to another server in the cluster. You can now update the server with new software or content or troubleshoot problems the server was experiencing. The next section describes how to perform a specific type of maintenance task once you’ve put the server in maintenance mode.
Page 251 Chapter 6: Creating Scalable and Highly Available Web Sites This will add the cluster member back into the cluster. To initially limit the amount of HTTP traffic sent to the server, return to the ClusterCATS Explorer and reconfigure the cluster member’s Peak Load threshold to a low value, like 10%.
Page 252: Resetting A Server's Configuration To Its Pre-Clustered State
Administering ColdFusion Server Observe your cluster member at low usage levels until you are satisfied that your new changes are working properly. 10. When you are certain that the updates you made have not adversely affected the server’s operation, set the Peak and Gradual Redirection load thresholds back to their original values.
Page 253: Administering Unix-Based Clusters
Chapter 6: Creating Scalable and Highly Available Web Sites A message appears confirming that the server has been reset. Exit the ClusterCATS Server Administrator. Return to the computer from which you run the ClusterCATS Explorer. Use the ClusterCATS Explorer to recreate a cluster that includes this server or create a new cluster that contains this server as a cluster member.
Page 254 Administering ColdFusion Server Configuring the communications port on your Web server Opening the Web Explorer Creating clusters Adding cluster members Deleting cluster members Configuring server load thresholds Configuring the ColdFusion probe Configuring session-aware load balancing Integrating ClusterCATS with a load balancing product Configuring alarm notifications Configuring administration e-mail support Configuring administrator authentication...
Page 255 Chapter 6: Creating Scalable and Highly Available Web Sites Enter your user name and password in the appropriate fields and click OK. Note The default user name and password is admin The ClusterCATS Web Explorer opens. Creating clusters From within the open Web Explorer, click the Create New Cluster link. The Create New Cluster page appears.
Page 256 Administering ColdFusion Server Enter a unique name for the cluster in the Cluster Name field. Make your cluster names logically consistent with their purpose. For example, Sales Web, Customer Support Web, and so on. Enter the fully qualified host name (for example, doc.allaire.com) in the Web Server Name field for the first server you want to be a member of this cluster.
Page 257 Chapter 6: Creating Scalable and Highly Available Web Sites Adding cluster members Open the ClusterCATS Web Explorer if it’s not already opened. Click the Add Server link. The Add Server page appears. Enter the fully qualified host name (for example, doc.allaire.com) in the Web Server Name field.
Page 258 Administering ColdFusion Server Click OK to add the cluster member to the existing cluster. Deleting cluster members Open the ClusterCATS Web Explorer if it’s not already open. Click the Delete Server link. The Delete Server page appears. Select the cluster member you want to delete from the Web Server Name drop- down box and click OK.
Page 259 Chapter 6: Creating Scalable and Highly Available Web Sites By default the Peak load threshold is 90% and the Gradual Redirection threshold is 70%. If you want to modify the threshold settings for one or more of your cluster members, perform the following procedures. To configure Peak and Gradual Redirection thresholds: Open the ClusterCATS Web Explorer if it’s not already open.
Page 260 Administering ColdFusion Server Click the Server Attributes link. The Connect to Server page appears. Select the server you want to connect to from the Web Server Name drop-down box and click OK. The selected server’s Properties page appears.
Page 261 Chapter 6: Creating Scalable and Highly Available Web Sites Click the Administration link under Server Attributes. The Server Administration page appears for the selected server. Enter new values in the Standard and Gradual Load Threshold fields and click OK. If you want the server to be able to handle as much load as possible, set both threshold values close to one another.
Page 262 Administering ColdFusion Server apart. To achieve the desired effect described in the latter scenario, it’s best to set a differential of at least 10% between the two threshold values. Configuring the ColdFusion probe ClusterCATS load balances and provides failover support for your ColdFusion applications in two ways.
Page 263 Chapter 6: Creating Scalable and Highly Available Web Sites Enter the fully qualified host name of the server for which you want to configure the ColdFusion probe in the Web Server Name field and click OK. The Cluster Member List page appears. Click the Server Attributes link.
Page 264 Administering ColdFusion Server Select the server you want to connect to from the Web Server Name drop-down box and click OK. The selected server’s Properties page appears. Click the ColdFusion Probe link. The ColdFusion Application Probe page appears.
Page 265 Chapter 6: Creating Scalable and Highly Available Web Sites Leave the Web Server, Pathname, and Working Directory fields as they are unless you installed ColdFusion to a directory other than the default installation directory. In the Startup Parameters field, enter the actual URL of the site you want the probe to access (cabernet.allaireqa.com in the screen above) followed by a text string that appears on a page within the site you are probing (cfprobe.cfm in the screen above).
Page 266 Administering ColdFusion Server Configuring session-aware load balancing Sometimes referred to as a “sticky” session, session-aware load balancing guarantees that users won’t get bumped from the server on which they started their session until the session is complete, regardless of the load thresholds that have been defined for the affected server.
Page 267 Chapter 6: Creating Scalable and Highly Available Web Sites Click the Administration link under Cluster Attributes. The Cluster Administration page appears. Enable the Session-Aware Load Balancing check box and click OK. Session-aware load balancing is now enabled for the selected cluster.
Page 268 Administering ColdFusion Server Integrating ClusterCATS with a load balancing product You can configure ClusterCATS to work in conjunction with a third-party hardware load balancing device or load balancing software product to provide more comprehensive load balancing and failover support for your server clusters. Note You cannot integrate ClusterCATS with Cisco LocalDirector using the Web Explorer.
Page 269 Chapter 6: Creating Scalable and Highly Available Web Sites Click the Administration link under Cluster Attributes. The Cluster Administration page appears. In the Load Balancing Product field, enter the URL of the Web site for which the load balancing product has been set up to manage HTTP traffic. Click OK.
Page 270: Configuring Alarm Notifications
Administering ColdFusion Server Configuring alarm notifications The ClusterCATS alarm notification feature provides you with instant feedback about critical events that take place within a cluster. Once the event triggers the alarm, you are notified by e-mail. To configure administrator alarm notifications: Open ClusterCATS Web Explorer if it’s not already open.
Page 271 Chapter 6: Creating Scalable and Highly Available Web Sites Click the Alarm Notification link. The Alarm Notification page appears. Enter the e-mail address of the person you want to be notified about the occurrence of an event in that event’s corresponding field. If you want multiple people to receive e-mail notification about the same event, separate each e-mail address with a comma.
Page 272 Administering ColdFusion Server Enter the name of the default SMTP mail server to which your mail is delivered in the Default SMTP Host field and click OK. The e-mail addresses you specified will now receive e-mail notification if the corresponding events occur. Configuring administration e-mail support The ClusterCATS e-mail support functionality makes it possible for you to receive vital statistics about your cluster using designated e-mail accounts in your organization.
Page 273 Chapter 6: Creating Scalable and Highly Available Web Sites Enter the fully qualified host name of a server for which you want to configure administrator e-mail support in the Web Server Name field and click OK. The Cluster Member List page appears. Click the Support link.
Page 274 Administering ColdFusion Server Enter in the Support E-mail field the e-mail address of the person at your organization that should receive a copy of the e-mail that is sent nightly to Allaire’s Technical Support. If more than one person should receive the e-mail, separate the e-mail addresses with commas.
Page 275 Chapter 6: Creating Scalable and Highly Available Web Sites Click the Show Cluster link. The Show Cluster page appears. Enter the fully qualified host name of the server for which you want to configure administrator authentication in the Web Server Name field and click OK. The Cluster Member List page appears.
Page 276 Administering ColdFusion Server The Cluster Authentication page appears. Select either Disabled or Local User from the Authentication drop-down box. Note Disabled authentication mode is the default setting. It provides no security challenge and allows anyone to access the server using the Web Explorer.
Page 277 Chapter 6: Creating Scalable and Highly Available Web Sites To change a cluster member’s state from Active to Passive: Open ClusterCATS Web Explorer if it’s not already open. Click the Show Cluster link. The Show Cluster page appears. Enter the fully qualified host name of the server that you want to activate in the Web Server Name field and click OK.
Page 278 Administering ColdFusion Server Click the Server Attributes link under Other. The Connect to Server page appears. Select the server you want to connect to from the Web Server Name drop-down box and click OK. The selected server’s Properties page appears.
Page 279 Chapter 6: Creating Scalable and Highly Available Web Sites Click the Administration link. The Server Administration page appears for the selected server. Select Active or Passive from the State drop-down box and click OK. If you selected Passive, the ClusterCATS load balancing and failover capabilities are now disabled for the selected server.
Page 280 Administering ColdFusion Server Restricting cluster members ClusterCATS lets you restrict a cluster member from receiving any HTTP requests by enabling a configuration option. You may want to do this for a variety of reasons, including server maintenance, server software updates, and as a load management method.
Page 281 Chapter 6: Creating Scalable and Highly Available Web Sites Click the Server Attributes link under Other. The Connect to Server page appears. Select the server you want to connect to from the Web Server Name drop-down box and click OK. The selected server’s Properties page appears.
Page 282 Administering ColdFusion Server Click the Administration link. The Server Administration page appears for the selected server. Select Restricted from the Restriction Status drop-down box and click OK. The selected server will no longer participate in the cluster and will not receive HTTP requests until you change its status back to Unrestricted.
Page 283: Using The Clustercats Server Utilities
Chapter 6: Creating Scalable and Highly Available Web Sites Using the ClusterCATS server utilities ColdFusion Enterprise ships with the following server utilities for configuring, administering, and troubleshooting your ClusterCATS clusters: btadmin utility bt-start and bt-stop utilities btcfgchk utility hostinfo utility sniff utility These server utilities work on both Windows and UNIX platforms.
Page 284 Administering ColdFusion Server Configure ClusterCATS options Use the following command-line syntax for configuring ClusterCATS options: btadmin [configure option ] You can configure the following ClusterCATS options using the btadmin utility: Configuring Bright Tiger options with btadmin Option Description btcats Bright Tiger ClusterCATS server failover Server failover (ipaliasd) load...
Page 285 Chapter 6: Creating Scalable and Highly Available Web Sites Show and reset clusters You can display the ClusterCATS configuration settings currently enabled using the btadmin utility. For example: btadmin show You can also reinitialize your cluster configuration settings on the current server using the btadmin utility: btadmin reset Display btadmin online help...
Page 286 Administering ColdFusion Server btcfgchk DNS error reporting The btcfgchk utility reports on DNS configuration problems. ClusterCATS requires that your DNS be configured with correct forward and reverse mappings. A forward mapping translates the host name to an IP address. Conversely, a reverse mapping translates an IP address to its host name.
Page 287 Chapter 6: Creating Scalable and Highly Available Web Sites btcfgchk DNS error reporting (Continued) Error Explanation <IP address 1> reverse btcfgchk did a lookup on <IP address 1> and found a host maps to <hostname> name to which it is mapped. It then attempted to verify that which then forward this host name maps back to the IP address specified, and the maps to <IP address...
Page 288 Administering ColdFusion Server #cd <btinstall-dir>/program/ Set the default directory to the Programs Directory under Bright Tiger. #<btinstall-dir>/program> hostinfo domain_name The following sample output from the hostinfo utility provides information about a set of round-robin DNS host names. ##<btinstall-dir>/program> hostinfo www.brighttiger.com Information for host ’www.brighttiger.com’: FQHN: www.brighttiger.com Primary Address: 0.0.0.0...
Page 289: Troubleshooting
Chapter 6: Creating Scalable and Highly Available Web Sites Use the "r" command within sniff to listen to intra-cluster packets: Listen Thread thread running on ’any’ interface... [ SrvHello @ Tue Jun 30 17:01:57 1998] 192.168.0.213 boston1.brighttiger.com (192.168.0.118 ) (255.255.255.0 sales_automation Mcast V1.2 Available...
Page 290: Web Sites
Administering ColdFusion Server Cisco Systems. “Cisco DistributedDirector” and “The Effects of Distributing Load Randomly to Servers,” April, 1999. Available for download on the Cisco Web site at http://www.cisco.com/warp/public/cc/cisco/mkt/scale/distr/ tech/index.shtml. Web sites Collaborative Research’s Internet Traffic Management Center is a comprehensive Web site dedicated to Web scalability and availability issues, products, and information.
Page 291: Chapter 7: Using Cgi With Coldfusion
H A P T E R Using CGI with ColdFusion Chapter 7 This chapter describes how to use ColdFusion with a Web server that does not support one of the major APIs. Contents CGI vs. Web Server APIs ................. 270 Limitations of CGI ..................
Page 292: Cgi Vs. Web Server Apis
Administering ColdFusion Server CGI vs. Web Server APIs The Common Gateway Interface (CGI) was introduced as a standard protocol for extending the functionality of Web servers with additional applications. Most CGI applications are simple executables that are launched every time they are requested. ColdFusion uses a more robust architecture.
Page 293: Referencing Application Pages With Cgi
Chapter 7: Using CGI with ColdFusion Relative mappings. When application pages are stored in the Web server document directory, you can use relative URLs to refer to graphics and other files. Increased performance. You will not realize the increased performance provided by the Web server APIs.
Page 294: Application Page References
Administering ColdFusion Server Application page references The reference to the file in the above example contains no path myquery.cfm information. You may be wondering how ColdFusion determines where on your system to locate this file. If you place ColdFusion application pages in the directory, you can reference cfdocs them using only their base name.
Page 295: Chapter 8: Coldfusion Security
H A P T E R ColdFusion Security Chapter 8 This chapter introduces ColdFusion Server Basic and Advanced security features that allow you to protect a wide variety of ColdFusion resources. Contents Why Is ColdFusion Security Important?............274 Types of ColdFusion Security ................ 275 Choosing a Level of ColdFusion Security.............
Page 296: Why Is Coldfusion Security Important
Administering ColdFusion Server Why Is ColdFusion Security Important? Today’s Web applications offer unique opportunities from e-commerce to global communication and collaboration. Today, developers and administrators alike must concern themselves with issues of security. The nature of the Web — global access, ease of connectivity and interaction, and lack of any real control over clients —...
Page 297: Types Of Coldfusion Security
Chapter 8: ColdFusion Security Types of ColdFusion Security ColdFusion Server provides two mutually exclusive security frameworks called Basic security and Advanced security. You can use either type of security to secure ColdFusion application development and deployment. Basic Security Basic security is the initial default security framework for ColdFusion and lets you secure the ColdFusion server with password access: Application development —...
Page 298: Choosing A Level Of Coldfusion Security
Administering ColdFusion Server inbound data and encrypt outbound data. Once the key is installed, the Web server automatically encrypts or decrypts data as it is received or transmitted. If your Web server connections are encrypted with SSL, all communications, including ColdFusion transmissions, are automatically encrypted.
Page 299: Developing Applications
Chapter 8: ColdFusion Security restrictive security plan. The more public the application or development environment, the lower the level of trust. Basic security covers all phases of application development and deployment. Basic security is a good solution for trusted users because it offers them a single access level —...
Page 300: Deploying Applications
Administering ColdFusion Server Generalized access control — Remote developers have access either to all files and data sources, or none. Basic security doesn’t let you protect individual directories or resources. Basic security is a good choice to protect ColdFusion resources if your company consists of a single development group or several small groups all physically located at the same site.
Page 301 Chapter 8: ColdFusion Security Deploying Applications with Basic Security Basic security lets you disable execution of CFML tags that could prevent security hazards if they were used in a ColdFusion application, because they could be used to upload, delete, or otherwise manipulate files on the ColdFusion server. ColdFusion displays an error when it encounters a disabled tag in an application.
Page 302: Securing The Coldfusion Administrator
Administering ColdFusion Server Securing the ColdFusion Administrator The ColdFusion Administrator is a powerful tool that lets you perform administrative tasks like managing server performance, adding and configuring ColdFusion data sources, scheduling pages, and managing log files. You can secure the Administrator with either Basic or Advanced Security.
Page 303: To Learn More About Security
Chapter 8: ColdFusion Security To Learn More About Security Security at the speed of the Web changes more frequently and over a broader spectrum than can be covered here. Allaire is dedicated to educating its customers about new security information as it becomes available. Visit the Allaire Security Zone (http://www.allaire.com/developer/securityzone/) to read Allaire’s latest security bulletins and technical briefs that provide information about issues Allaire believes are significant.
Page 304 Administering ColdFusion Server...
Page 305: Chapter 9: Configuring Basic Security
H A P T E R Configuring Basic Security Chapter 9 Basic ColdFusion security allows you to secure a number of ColdFusion Server resources with password access. This chapter describes configuration options for basic ColdFusion security. Contents About Basic Security ..................284 Configuring Basic Remote Development Security ........
Page 306: About Basic Security
Administering ColdFusion Server About Basic Security ColdFusion Server offers two levels of security: Basic and Advanced. Basic security allows you to impose the following types of control on the ColdFusion development environment: You can secure the ColdFusion Administrator with a password. You can secure access from ColdFusion Studio to data sources and files with a password.
Page 307: Securing Data Sources
Chapter 9: Configuring Basic Security example, you have several geographically dispersed participants in a development project. In addition, a group of widely dispersed developers may require different levels of access to files and data sources. Securing data sources In addition to your application pages, you also need to consider data source security. Using basic security measures, you can take several steps to ensure that your data sources remain secure even when your application page directories are partially accessible:...
Page 308: Securing Coldfusion File Resources
Administering ColdFusion Server Password vulnerability. The password can be lost, stolen, or hacked. Access control is generalized, that is, remote developers have access either to all files and data sources, or none. With Basic security, you can’t protect individual directories and or databases. Securing ColdFusion file resources The following table shows how ColdFusion Basic security compares with native OS options available to you in securing files for remote development.
Page 309: Using A Password To Restrict Access To Rds
Chapter 9: Configuring Basic Security By using a LAN based file access model and by restricting developer data source access to the local workstation, a very secure development environment can be achieved. Using a Password to Restrict Access to RDS The Server, Basic Security page of the ColdFusion Administrator is used to configure passwords for securing the Administrator and for preventing unauthorized access to ColdFusion data source and file resources through ColdFusion Studio.
Page 310: Configuring Basic Runtime Security
Administering ColdFusion Server Configuring Basic Runtime Security Basic security lets you disable execution of seven CFML tags that could present security hazards. You can, however, specify a special directory, called the Unsecured Tags Directory; this is the only directory from which ColdFusion will execute tags you disable with Basic security.
Page 311: Chapter 10: Configuring Advanced Security
H A P T E R Configuring Advanced Security Chapter 10 This chapter describes how to set up and configure the ColdFusion Server Advanced security features. Advanced security lets you protect a wide variety of ColdFusion resources. Contents What is Advanced Security?................290 Advanced Security Basics ................
Page 312: What Is Advanced Security
Administering ColdFusion Server What is Advanced Security? ColdFusion Server Professional and Enterprise editions include Advanced security features that provide scalable, granular security for building and deploying your ColdFusion applications: Application development — Control access to files, data sources and administration for each developer on your team. Coordinate team development on shared servers with the assurance that sensitive data and applications are secure.
Page 313: User Directories
Chapter 10: Configuring Advanced Security User Directories User directories provide a listing of user information, such as the user’s name, login password, and the names of any groups to which the user belongs. ColdFusion Advanced Security lets you incorporate any of the following industry-standard user directories: Lightweight Directory Access Protocol (LDAP) directory Windows NT domain...
Page 314: Policies
Administering ColdFusion Server Resources are not secured until you specifically choose to protect them. You can secure the following types of resources: Applications Verity Collections Components ColdFusion Tags ColdFusion Functions Custom Tags Data Sources Files and Directories User Objects Users Policies After you specify a resource to protect, you need to create a policy that gives access rights to a set of users.
Page 315: Security Contexts
Chapter 10: Configuring Advanced Security Security Contexts A security context is a container for logically-related groups of policies. You can create and implement as many security contexts as your application or development environment requires: You can reuse a single security context, implementing it across several applications.
Page 316: Advanced Security Implementations
Administering ColdFusion Server Advanced Security Implementations The four elements discussed in the previous section — user directories, resources, policies, and security contexts — are the building blocks of every type of security framework you’ll create. You can implement the following types of Advanced Security: User security —...
Page 317: Securing Resources With Rds Security
Chapter 10: Configuring Advanced Security Securing Resources with RDS Security Remote Development Services (RDS) provides a secure connection from ColdFusion Studio to the ColdFusion Server environment and is a prerequisite to accessing data sources, using server-based browsing, and running the interactive debugger. ColdFusion RDS security provides security services in a team-oriented ColdFusion development environment where groups of developers, working in ColdFusion Studio, require different levels of access to ColdFusion files and data sources.
Page 318: Securing The Coldfusion Administrator
Administering ColdFusion Server another company’s applications. It also ensures that no applications can tamper with system resources. The access permissions you assign to a directory tree through a security sandbox override any other access permissions users might have for the tree. For example, suppose you designate the directory c:/applications/hr_app as a security sandbox.
Page 319: Creating An Advanced Security Framework
Chapter 10: Configuring Advanced Security For example, as a ColdFusion Server administrator, you’ll probably want to assign Administrator access to one or two other users, thus ensuring you’ll have backup administrators and your company won’t have to forgo administrative support if you’re away.
Page 320: Installing Advanced Security
Administering ColdFusion Server Once you have decided on a method of storing security profile information, the implementation details are essentially the same regardless of platform and storage type. ColdFusion Advanced Security is implemented by defining the following elements in order: A security server.
Page 321: Setting Up A Security Server
Chapter 10: Configuring Advanced Security After you install Advanced security on Solaris, you should disable all caching options whenever you’re working in the Advanced Server Security page in the ColdFusion Administrator. Specifically, make sure you disable the following settings: Load Security Server Policy Store Cache at Startup Use Security Server Policy Store Cache After you disable these caching options, make sure you restart ColdFusion Server using the stop and start scripts in the /coldfusion/bin directory.
Page 322: Caching Advanced Security Information
Administering ColdFusion Server Under Security Server Cache settings, click to enable the Security Server Policy Store Cache, Security Server Authorization Cache, or ColdFusion Server Cache if you want ColdFusion to cache security information and transactions on the security server. See “Caching Advanced Security Information” on page 300 for a description of the Advanced security caches.
Page 323: Defining User Directories
Chapter 10: Configuring Advanced Security Defining User Directories User and group authentication is carried out against either an existing Windows NT domain, an LDAP directory, or an ODBC data source. When you set up Advanced security, you must specify at least one user directory. You can add as many user directories as you like.
Page 324 Administering ColdFusion Server To define a user directory: In the Advanced Server Security page of the Administrator, click the User Directories button. Enter a name for the user directory in the User Directory text box and click Add. The name you enter here is an internal name that ColdFusion uses to refer to this user directory.
Page 325 Chapter 10: Configuring Advanced Security Select a Search Scope from the drop-down list. Enter the depth of your search. For example, if you want to be able to access everything under the search root, select the Subtree option. Otherwise, select the One Level option. Click Add to define the user directory.
Page 326: Defining A Security Context
Administering ColdFusion Server [SmSampleUsers] Query_Enumerate=select Name, ’User’ as Class from SmUser Union select Name, ’Group’ as Class from SmGroup order by Class Query_InitUser=select Name from SmUser where Name = ’%s’ Query_AuthenticateUser=select Name from SmUser where Name = ’%s’ and Password = ’%s’ Query_GetGroups=select SmGroup.Name from SmGroup, SmUser, SmUserGroup where SmUser.Name = ’%s’...
Page 327: Specifying Resources To Protect
Chapter 10: Configuring Advanced Security To define a security context: Open the Advanced Server Security page and click the Security Contexts button. Enter a security context name and click Add. This is a logical name that defines the scope of the security domain. Later, in your application pages, developers use this name in the CFAUTHENTICATE tag.
Page 328 Administering ColdFusion Server To protect resources: In the Advanced Server Security page, click Resources. You see the Resource View page. Select a security context from the Current Security Context drop-down box. In the Resource Browser, any resource type you selected when you created the current security context appears next to an icon that depicts a closed lock.
Page 329: Implementing Coldfusion Rds Security
Chapter 10: Configuring Advanced Security To add users and groups to a policy: Click the Edit Users button at the bottom of the Resource View page to open the Users page for the current policy. Click the Add/Remove button. ColdFusion opens the Add/Remove Users page for the current policy.
Page 330: Implementing User Security
Administering ColdFusion Server Implementing User Security The user security feature allows ColdFusion developers to authenticate users and match protected resources with authorized users. See “Securing Applications with User Security” on page 294 to learn about user security concepts. In order to implement user security you must use the ColdFusion Administrator to: Set up the security server.
Page 331 Chapter 10: Configuring Advanced Security Specify individual resources to protect and set up policies that match secured resources with authorized users and groups.. See “Specifying Resources to Protect” on page 305 for more information. On the ColdFusion Administrator’s Advanced Server Security page, select the Use Security Sandbox Settings check box and then click the Security Sandboxes button at the bottom of the page.
Page 332: Securing The Coldfusion Administrator
Administering ColdFusion Server Securing the ColdFusion Administrator With ColdFusion Server, you can decentralize administrative responsibility by creating multiple administrators. Overall security is maintained because these additional administrators can control only the resources and policies for which you’ve given them explicit responsibility. You can assign the following types of administrative access to any user: Administrator —...
Page 333: Viewing A Map Of Your Security Framework
Chapter 10: Configuring Advanced Security Viewing a Map of your Security Framework ColdFusion lets you display and print a map that details all the components of your Advanced security framework. To view a map of your currently defined security framework: Open the ColdFusion Administrator and click the Advanced Security link.
Page 334: Enabling Advanced Security
Administering ColdFusion Server Enabling Advanced Security Before you can configure anything, you need to turn on ColdFusion Advanced security. To enable Advanced Security: Open the ColdFusion Administrator and click the Advanced Security link. You see the Advanced Server Security page. Select the Use Advanced Server Security check box.
Page 335: Specifying Resources To Protect
Chapter 10: Configuring Advanced Security Specifying resources to protect When you add a resource to protect, no one is authorized to access that resource until you give permission by adding the resource to a policy and then adding users and groups to that policy.
Page 336: Adding Policies
Administering ColdFusion Server Adding policies Now that you’ve selected the resources to protect, add two policies, one named MARS and one named VENUS. At the bottom of the Resource View page, you see the Policy Editor for the resource you just specified To add policies: Click Add Policy.
Page 337: Assigning Users/Groups To Policies
Chapter 10: Configuring Advanced Security For VENUS we want to add the following rules: VENUS_DSN VENUS_R_DIRECTORY VENUS_W_DIRECTORY VENUS_R_FILES VENUS_W_FILES C_R_FILE C_W_FILE C_DEVELOPMENT_R_FILE C_DEVELOPMENT_W_FILE. Now the VENUS policy has access rights to the and all files in the venus_dsn directory and sub directories. c:\development\venus Notice we did not add any of the wildcard rules named ALL_ , which protect all data sources and files.
Page 338: Enable Coldfusion Studio Security
Administering ColdFusion Server Enable ColdFusion Studio Security The last step is to actually enable Studio Security in the Administrator so that users trying to access ColdFusion Server resources from Studio will be properly authenticated before access is granted. To enable ColdFusion Studio security: On the Advanced Security page click the “Use ColdFusion Studio Authentication”...
Page 339: Undocumented Tags And Functions
Chapter 10: Configuring Advanced Security Undocumented Tags and Functions The ColdFusion Administrator makes use of several tags and functions not currently documented in the CFML Language Reference. In the context of the ColdFusion Administrator, access to the functionality provided by these undocumented tags and functions is restricted to people with administrative privileges.
Page 340: Administrative Functions
Administering ColdFusion Server Administrative Functions In addition to standard CFML functions, the ColdFusion 4.5 Administrator uses the following undocumented functions: CF_SETDATASOURCEUSERNAME() — Sets the default user name for a ColdFusion data source CF_SETDATASOURCEPASSWORD() — Sets the default password for the ColdFusion data source CF_ISCOLDFUSIONDATASOURCE() —...
Page 341: Index
Index Adminstrator email address 56 Application scope 53 Advanced security, Application variables, Access concepts 290, 294 enabling 51 connectivity tips 95 Alarm notifications application.log file 57 Adding configuring in Assigning data sources 78 ClusterCATS 216, 248 site address to Web Adding ColdFusion data frequency of in server 180...
Page 342 Administering ColdFusion Server displaying or resetting ClusterCATS Cluster admin tasks 223–231 other informational resources 267 configurations 263 Cluster members Report email defined 217 enabling and disabling ClusterCATS adding to clusters 201 restricting cluster members 224 options 262 changing state 224 security 218–223 start/stop daemons 261 deleting from clusters 202...
Page 343 Index with Microsoft Cluster Server 152 ColdFusion Administrator site IP address on UNIX Web Clusters categories 30 servers 182 adding cluster members to 201, ColdFusion counters System and services files 106 types of 52 Web server for ColdFusion on administering UNIX 231, 261 ColdFusion data sources Solaris 16–22 about 78...
Page 344 Administering ColdFusion Server OpenIngress databases 90 cfremote.ini 70 Excel 48 Oracle 7 and 8.0 Databases 99 configuring 69 Explorer, ClusterCATS Oracle 7.3/8.0 databases 98 Network Listener Module defined 159 Oracle 8.0.x through ODBC 101 (NLM) 68, 71 Web-based 231 Sybase System 11 databases 117 NLM command line options 73 Windows-based 159 Distributed ColdFusion, about 68...
Page 345 Index Verity Search’97 64 configuring session-aware 207, Logging, ColdFusion Indexing data 64 Administrator 56 Installing ClusterCATS 185–191 configuring the ColdFusion Login Timeout option 84 on Linux 190 Probe 208, 240 Login Timeout, Administrator ODBC on Sun Solaris 189 features in ClusterCATS 156 option 84 integrating ClusterCATS with other on Windows NT 185...
Page 346 Administering ColdFusion Server NT domains URL 271 Resetting servers to pre-clustered user directories 301 Peak load threshold 204 state 230 Perform cluster admin tasks 223–231 Resource types 305 Performance issues related to Resources 291 ODBC scalability 130 Restart unresponsive server 43 Performance monitor Restrict SQL operations option 85 FoxPro 93...
Page 347 Index Application 53 Limit connections option 84 DB2 108 Server 53 Limit database connection inactive Start script, Solaris 34 Session 53 time 44 Start time Scripts Limit maximum number of cached scheduling pages 125 root privileges on Solaris 42 queries 44 Starting and stopping ColdFusion Solaris start and stop 34 Limit simultaneous requests 43...
Page 348 Administering ColdFusion Server Timeout requests 43 ClusterCATS Server Web Explorer Timeouts Administrator 225, 230 adding cluster members 235 specifying for application and clustered session variables 207 administering UNIX clusters 231 session variables 51 hardware to load balance 151 configuring server states 254 tnsnames.ora file 101 hostinfo utility 265 creating clusters 233...
Page 349 Index defined 144 failover considerations 147 Web site scalability defined 130 implementations 132 linear 131 load management factors 132 performance factors 130 webserver.log file 57 WebSite 270 Website API (WSAPI) 270 Windows 95 starting ColdFusion 34 Windows NT domain authentication for clustering 220 Services Control Panel 32 starting ColdFusion 34...
Page 350 Administering ColdFusion Server...

This manual is also suitable for:

Coldfusion 4.5

MACROMEDIA COLDFUSION 4.5-ADMINISTRING COLDFUSION SERVER Manual

Chapter 1: Installing and Configuring Coldfusion

Chapter 2: Introduction to Coldfusion Server

Chapter 3: Configuring Coldfusion Server

Chapter 4: Managing Data Sources

Chapter 5: Scheduling and Static

Chapter 6: Creating Scalable and Highly Available Web Sites

Chapter 7: Using CGI with Coldfusion

Chapter 8: Coldfusion Security

Chapter 9: Configuring Basic Security

Chapter 10: Configuring Advanced Security

Quick Links

ColdFusion Server

Troubleshooting

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for MACROMEDIA COLDFUSION 4.5-ADMINISTRING COLDFUSION SERVER

Summary of Contents for MACROMEDIA COLDFUSION 4.5-ADMINISTRING COLDFUSION SERVER