Adobe 38043740 - ColdFusion Standard - Mac Development Manual page 1117
Developing applications
Hide thumbs
Also See for 38043740 - ColdFusion Standard - Mac:
- User manual (112 pages) ,
- Manual (87 pages)
Table of Contents
Advertisement
DEVELOPING COLDFUSION 9 APPLICATIONS
Using Web Elements and External Objects
<cfinvoke
webservice = "http://some.cfc?wsdl"
returnVariable = "foo"
...
username="aName"
password="aPassword">
<cfoutput>#foo#</cfoutput>
ColdFusion inserts the user name/password string in the
string, with a colon separating the user name and password. This method of passing the user name/password is
compatible with the HTTP basic authentication mechanism used by web servers.
The ColdFusion Administrator lets you predefine web services. As part of defining the web service, you can specify the
user name and password that ColdFusion includes as part of the request to the web service. Therefore, you do not have
to encode this information using the
Administrator, see
"Configuring web services in the ColdFusion
Using ColdFusion to control access
Instead of letting the web server control access to your web services, you can handle the user name/password string in
your Application.cfc or Application.cfm file as part of your own security mechanism. In this case, you use the
tag to retrieve the user name/password information from the
extract the user name and password, as the following excerpt from an Application.cfc
shows:
<cflogin>
<cfset isAuthorized = false>
<cfif isDefined("cflogin")
<!--- Verify user name from cflogin.name and password from
cflogin.password using your authentication mechanism. --->
>
<cfset isAuthorized = true>
</cfif>
</cflogin>
<cfif not isAuthorized>
<!--- If the user does not pass a user name/password, return a 401 error.
The browser then prompts the user for a user name/password. --->
<cfheader statuscode="401">
<cfheader name="WWW-Authenticate" value="Basic realm=""Test""">
<cfabort>
</cfif>
This example does not show how to perform user verification. For more information on verification, see
Applications" on page 339.
Best practices for publishing web services
ColdFusion web services provide a powerful mechanism for publishing and consuming application functionality.
However, before you produce web services for publication, consider the following best practices:
Minimize the use of ColdFusion complex types, such as query and struct, in the web services you create for
1
publication. These types require consumers, especially ones that consume the web service using a technology other
than ColdFusion, to create special data structures to handle complex types.
Locally test the ColdFusion components implemented for web services before publishing them over the Internet.
2
authorization
tag. For information on defining a web service in the ColdFusion
cfinvoke
Administrator" on page 1102.
authorization
Last updated 1/20/2012
request header as a base64 binary encoded
header, decode the binary string, and
onRequestStart
1112
cflogin
method
"Securing
Advertisement
Table of Contents
Related Manuals for Adobe 38043740 - ColdFusion Standard - Mac
Related Products for Adobe 38043740 - ColdFusion Standard - Mac
- Adobe 38040334 - Dreamweaver CS3
- Adobe 38040286 - Contribute CS3 - PC
- Adobe 38040165 - Visual Communicator - PC
- Adobe 38043755 - ColdFusion Enterprise - Mac
- Adobe 38000511 - Macromedia Flash Basic
- Adobe 38039927 - Fireworks CS3 - PC
- Adobe 38039481 - Flash CS3 Professional
- Adobe 38000827 - Macromedia ColdFusion MX Standard Edition