Table of Contents
Advertisement
Defining a Security Context
Defining a Security Context
The Security Context is a logical set of resources grouped together from an
administrative perspective. It does not necessarily correspond to a ColdFusion
application or resource name. As its name suggests, the security context is used to
establish a context in which authentication and authorization actions are carried
out.
For example, you might create a security context for a particular application
development effort. Within this context, you define users, groups, and rules that
apply to the developers who are working on the project. Another example: You define
a context for intranet users of the application you want to deploy. According to their
group affiliation, different rules apply, enabling or preventing various actions based
on their login.
The context establishes which types of resources you want to protect.
To define a security context:
1
2
3
4
5
Open the Advanced Server Security page and click the Security Contexts button.
Enter a security context name and click Add.
This is a logical name that defines the scope of the security domain. Later, in your
application pages, developers use this name in the CFAUTHENTICATE tag.
In the New Security Context page, add a description of the security context.
Choose the Resource Types this context governs.
Avoid selecting ColdFusion resources that you do not intend to secure with this
context, since doing so can needlessly affect performance.
The Add Existing User Directories box is checked by default to let you add users to
this context automatically.
Click Add.
The security context is registered. Next, you define the resources and policies for
this context.
95
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the COLDFUSION 5-ADVANCED ADMINISTRATION and is the answer not in the manual?