MACROMEDIA COLDFUSION 4.5-ADMINISTRING COLDFUSION SERVER Manual - Getting Answers
xx
Administering ColdFusion Server
Documentation conventions
When reading, please be aware of these formatting cues:
•
Code samples, filenames, and URLs are set in a
monospaced
font
•
Notes and tips are identified by bold type
•
Bulleted lists present options and features
•
Numbered steps indicate procedures
•
Tool button icons are generally shown with procedure steps
•
Menu levels are separated by the greater than (>) sign
•
Text for you to type in is set in italics
Getting Answers
One of the best ways to solve particular programming problems is to tap into the vast
expertise of the ColdFusion developer community on the Allaire Forums. Other
ColdFusion developers on the forum can help you figure out how to do just about
anything with ColdFusion. The search facility can also help you search messages going
back 12 months, allowing you to learn how others have solved a problem you may be
facing. The Forums is a great resource for learning ColdFusion, but it’s also a great
place to see the ColdFusion developer community in action.
Contacting Allaire
Corporate headquarters
Allaire Corporation
One Alewife Center
Cambridge, MA 02140
Tel: 617.761.2000
Fax: 617.761.2001
http://www.allaire.com
Technical support
Telephone support is available Monday through Friday 8 A.M. to 8 P.M. Eastern time
(except holidays)
Toll Free: 888.939.2545 (U.S. and Canada)
Tel: 617.761.2100 (outside U.S. and Canada)
For complete details about Allaire Product Support options, please refer to the Allaire
Support pages on the Allaire web site:
http://www.allaire.com/support
.
Summary of COLDFUSION 4.5-ADMINISTRING COLDFUSION SERVER
Page 1
Allaire corporation administering coldfusion server coldfusion 4.5.
Page 2: Copyright Notice
Copyright notice © 1999 allaire corporation. All rights reserved. This manual, as well as the software described in it, is furnished under license and may be used or copied only in accordance with the terms of such license. The content of this manual is furnished for informational use only, is subje...
Page 3: Contents
Contents preface: welcome to coldfusion ...................................................................Xi intended audience......................................................................................................................... Xii welcome to the coldfusion 4.5 web application s...
Page 4
Iv administering coldfusion server uninstalling coldfusion.........................................................................................................16 configuring web servers for solaris.......................................................................................16 using scr...
Page 5
Contents v coldfusion java settings................................................................................................................54 coldfusion version information...................................................................................................55 solaris version in...
Page 6
Vi administering coldfusion server configuring microsoft sql server options (unix) .............................................................88 connecting to visual foxpro databases .......................................................................................89 configuring visual foxpro...
Page 7
Contents vii defining the scheduler refresh interval .....................................................................................126 logging scheduled events ...........................................................................................................127 chapter 6: creating sc...
Page 8
Viii administering coldfusion server restricting a server from participating in a cluster ............................................................224 putting a cluster member in maintenance mode ...............................................................225 updating software or content on an...
Page 9
Contents ix advanced security basics.............................................................................................................290 user directories.....................................................................................................................291 resources .......
Page 10
X administering coldfusion server.
Page 11: Welcome To Coldfusion
Preface welcome to coldfusion administering coldfusion server is intended for anyone who needs to install, configure, and maintain coldfusion server. Contents • intended audience........................................................................................... Xii • welcome to the coldfusio...
Page 12: Intended Audience
Xii administering coldfusion server intended audience administering coldfusion server is meant for anyone who needs to install, configure, and maintain one or more coldfusion server installations. Welcome to the coldfusion 4.5 web application server the coldfusion 4.5 release focuses on fundamentals...
Page 13
Preface xiii coldfusion server 4.5 enterprise edition for solaris • sparc solaris 2.5.1, 2.6, or 7 (patch 103582-1b or higher) • 128 mb ram (256 mb recommended for clustering) • 200 mb hard disk space coldfusion server 4.5 enterprise edition for linux • red hat linux 6.0 or 6.1 • intel pentium or ab...
Page 14
Xiv administering coldfusion server new features in coldfusion 4.5 a wide range of new features are available in coldfusion 4.5. New visual tools universal file browser — access all your files from a single explorer that integrates access to the windows file system, coldfusion rds servers, and ftp s...
Page 15
Preface xv better reliability server probes — guarantee high availability by automatically detecting when a coldfusion server or web server hangs or stops, failing-over to a new machine in a coldfusion cluster, and restarting the server with problems. (enterprise edition only) improved automatic ser...
Page 16
Xvi administering coldfusion server enterprise connectivity features transaction commit and rollback — control database transactions with programmable commit and rollback support for more reliable and better-managed database interactions. Java object and ejb connectivity — connect to any java object...
Page 17: Developer Resources
Preface xvii new advanced security interface — manage advanced security configuration more quickly and easily with a completely redesigned browser-based resource view. Scriptable advanced security administration — configure coldfusion advanced security through your own cfml scripts for easier mainte...
Page 18
Xviii administering coldfusion server about coldfusion documentation coldfusion documentation is designed to provide support for all components of the coldfusion development system. Both the print and online versions are organized to allow you to quickly locate the information you need. In addition ...
Page 19
Preface xix using coldfusion studio documents everything you need to know about using coldfusion studio, including features like projects, source control integration, as well as the studio workspace and interface. Quick reference to cfml a valuable quick reference to cfml tags, functions, and variab...
Page 20: Getting Answers
Xx administering coldfusion server documentation conventions when reading, please be aware of these formatting cues: • code samples, filenames, and urls are set in a monospaced font • notes and tips are identified by bold type • bulleted lists present options and features • numbered steps indicate p...
Page 21
Preface xxi postings to the coldfusion support forum ( http://forums.Allaire.Com ) can be made any time. Sales toll free: 888.939.2545 tel: 617.761.2100 fax: 617.761.2101 email: sales@allaire.Com web: http://www.Allaire.Com/store.
Page 22
Xxii administering coldfusion server.
Page 23: Installing and Configuring
C h a p t e r 1 chapter 1 installing and configuring coldfusion this chapter describes coldfusion’s system requirements and how to install and configure coldfusion on your platform. Contents • coldfusion system requirements.................................................................... 2 • inst...
Page 24
2 administering coldfusion server coldfusion system requirements coldfusion v4.5 runs on the following platforms: • “windows (nt, 98, or 95)” on page 2 • “solaris (enterprise edition only)” on page 4 • “linux” on page 5 this section describes system requirements for each platform. Windows (nt, 98, o...
Page 25
Chapter 1: installing and configuring coldfusion 3 coldfusion server 4.5 professional edition for windows to install and use coldfusion server 4.5 professional edition on windows, your system must meet the following minimum requirements: • windows 95/98 or windows nt server v 4.0 with service pack 4...
Page 26
4 administering coldfusion server coldfusion server 4.5 express edition for windows to install and use coldfusion server 4.5 express edition on windows, your system must meet the following minimum requirements: • windows 95/98 or windows nt server v 4.0 with service pack 4 • intel pentium or higher ...
Page 27
Chapter 1: installing and configuring coldfusion 5 linux to install and use coldfusion server 4.5 express, professional, or enterprise edition on linux, your system must meet the following minimum requirements: • redhat operating system v6.0 or 6.1 (with glibc v2.1, gcc/egcs libstdc++ v2.9, and v2.2...
Page 28
6 administering coldfusion server • you can also check the services icon in the windows control panel or open your web server administration utility to determine if your web server is started or stopped. Installing coldfusion the installation procedure assumes you are installing from a cd. If you pu...
Page 29
Chapter 1: installing and configuring coldfusion 7 6. Click next in the welcome and software license agreement dialog boxes. The user information dialog box appears after the software license agreement dialog box. 7. Enter your name, company, and coldfusion serial number in the user information dial...
Page 30
8 administering coldfusion server 8. Accept or change the default destination folder and click next. The select web server dialog box appears. If your web server is already installed, the coldfusion setup program will automatically detect it. 9. If your web server is not one of the ones listed, sele...
Page 31
Chapter 1: installing and configuring coldfusion 9 10. Either accept the web server’s default document directory or enter a different location for the default directory and click next. Note coldfusion documentation and example code are installed in a subdirectory below the web server’s document dire...
Page 32
10 administering coldfusion server see “installing clustercats” on page 185. To install advanced security, see “installing advanced security” on page 298. The select administrator password dialog box appears next. 12. Enter a password you will use to access the coldfusion administrator in the passwo...
Page 33
Chapter 1: installing and configuring coldfusion 11 14. Click next or ok in the remaining dialog boxes to begin copying the coldfusion files to the server. If your system has a previous version of coldfusion, the setup wizard replaces coldfusion program files but does not remove or change any existi...
Page 34
12 administering coldfusion server • “configuring the apache web server for coldfusion” on page 12 • “changing the coldfusion user account” on page 12 configuring the apache web server for coldfusion to configure the apache web server v1.3.6 for use with coldfusion, you need to: • get a copy of the ...
Page 35
Chapter 1: installing and configuring coldfusion 13 2. Select the coldfusion application server service and click startup. The service properties dialog box appears. Use this dialog to set startup options for the coldfusion application server service. 3. In the log on as section, click the this acco...
Page 36
14 administering coldfusion server • “installing coldfusion” on page 14 • “upgrading from a previous release of coldfuison” on page 16 • “uninstalling coldfusion” on page 16 • “configuring web servers for solaris” on page 16 • “using scripts to start and stop coldfusion manually” on page 22 installi...
Page 37
Chapter 1: installing and configuring coldfusion 15 note if you specified a directory other than the default, the installation script will create a symbolic link from /opt/coldfusion to wherever you installed coldfusion. 8. Enter the name of the web server you are running and press enter or just pre...
Page 38
16 administering coldfusion server upgrading from a previous release of coldfuison when upgrading from an earlier release of coldfusion on solaris, you may need to edit the package installation defaults file before running the pkgadd utility. The package installation defaults file is located in the ...
Page 39
Chapter 1: installing and configuring coldfusion 17 choosing the right plug-in version netscape plug-ins for coldfusion are installed in the /coldfusion/ webserver/nsapi directory. Use the following table to select the proper plug-in file. Note the netscape 3.0 servers will not work on solaris 2.6 w...
Page 40
18 administering coldfusion server if you run the netscape server manager, netscape’s browser-based administrator, you may get a warning about edits to the netscape configuration files. This is normal. Follow the instructions and click on the apply button to reload the new configuration files. 6. Te...
Page 41
Chapter 1: installing and configuring coldfusion 19 nametrans fn="document-root" root="/local1/netscape/root-skagway" pathcheck fn="unix-uri-clean" pathcheck fn="check-acl" acl="default" pathcheck fn="find-pathinfo" pathcheck fn="find-index" index-names="index.Html,home.Html" objecttype fn="type-by-...
Page 42
20 administering coldfusion server configuring the apache web server coldfusion has been tested with apache version 1.2.X and 1.3. To obtain apache free of charge, go to the apache web site at http://www.Apache.Org . You can build the coldfusion module into your apache web server binary. This method...
Page 43
Chapter 1: installing and configuring coldfusion 21 adding the coldfusion module to apache 1.3.X you can find the coldfusion module in the installation directory (usually /opt ) under the coldfusion/webserver/apache directory. The pre-built module shipped with coldfusion 4.5 is built with apache 1.3...
Page 44
22 administering coldfusion server 4. Run the apxs command to build mod_coldfusion.So by entering the following command: make 5. Run the apxs command to add the module to the apache configuration by entering the following command: make install 6. Restart your apache server by entering the following ...
Page 45
Chapter 1: installing and configuring coldfusion 23 coldfusion runs the following processes on the system: • cfexec — starts/stops the other processes and manages page scheduling • cfserver — the application server process • cfrdsservice — provides system support for the administrator as well as sec...
Page 46
24 administering coldfusion server to install coldfusion on linux: 1. Log in as root . 2. Load the coldfusion cd-rom into your cd drive. 3. Mount the cd-rom on /mnt/cdrom if necessary. 4. Change directories to the cf/linux directory on the cd. 5. Run the coldfusion installation script by entering th...
Page 47
Chapter 1: installing and configuring coldfusion 25 14. Enter the user name under which coldfusion will run or press enter to run under the default user name ( nobody ). Note this user account must be a valid, existing account. 15. If you want to install clustercats at this time, press enter. Otherw...
Page 48
26 administering coldfusion server.
Page 49: Introduction to Coldfusion
C h a p t e r 2 chapter 2 introduction to coldfusion server this chapter provides an overview of coldfusion server and describes how to access the coldfusion administrator pages. Contents • overview of administering coldfusion ......................................................... 28 • summary of...
Page 50
28 administering coldfusion server overview of administering coldfusion the coldfusion administrator is the administrative interface of the coldfusion server. Coldfusion server is the component of the overall coldfusion web application development system that processes coldfusion application pages a...
Page 51
Chapter 2: introduction to coldfusion server 29 initial coldfusion administration tasks immediately after installing coldfusion server, you’ll probably want to perform some of the following configuration tasks: summary of administrative tasks the things you may need to do to set up and run the coldf...
Page 52: The Coldfusion Administrator
30 administering coldfusion server you can learn more about each of these areas of coldfusion administration by referring to the information in the following table: the coldfusion administrator the administrator is a web application you use to configure the coldfusion server and to set various serve...
Page 53
Chapter 2: introduction to coldfusion server 31 the following table describes the purpose of each category in the administrator. Coldfusion administrator options category description server includes options for tuning server performance, as well as: • configuring administrator and coldfusion studio ...
Page 54
32 administering coldfusion server coldfusion services on windows nt by default, coldfusion employs four separate services under windows nt. The following table explains the purpose of each one. You can use the windows nt services control panel to view and manage these and other windows nt services....
Page 55
Chapter 2: introduction to coldfusion server 33 coldfusion processes on solaris coldfusion runs these processes on the system: • cfexec - starts/stops the other processes and manages page scheduling • cfserver - the application server process • cfrdsservice - provides system support for the administ...
Page 56
34 administering coldfusion server windows nt during setup, coldfusion is installed as a series of system services in windows nt. Ordinarily, coldfusion is launched at startup time. To manage how the services are run, use the services control panel in windows nt. To prevent coldfusion from running a...
Page 57
Chapter 2: introduction to coldfusion server 35 when coldfusion is running in windows 95 or 98, two icons appear in the system tray: to halt the coldfusion service or to access the coldfusion administrator, right mouse click the ide service icon. To run coldfusion at startup, place a shortcut for th...
Page 58
36 administering coldfusion server.
Page 59
C h a p t e r 3 chapter 3 configuring coldfusion server this section explains basic coldfusion administration tasks. Contents • the coldfusion administrator ....................................................................... 39 • starting and stopping coldfusion.....................................
Page 60
38 administering coldfusion server • using coldfusion in a distributed configuration......................................... 68.
Page 61: The Coldfusion Administrator
Chapter 3: configuring coldfusion server 39 the coldfusion administrator you use the administrator to perform a variety of administrative tasks for the coldfusion server, such as adding and configuring a data source, or scheduling application page execution, configuring security settings, and so on....
Page 62
40 administering coldfusion server once the administrator page loads, click one of the administrator links to work with a specific area of the administrator. Coldfusion administrator options category description server includes options for tuning server performance, as well as: • configuring adminis...
Page 63
Chapter 3: configuring coldfusion server 41 starting and stopping coldfusion generally speaking, you should always stop and restart coldfusion server after making any changes that affect a data source, connection parameter such as caching, thread count, and so on. Specifically, you stop and restart ...
Page 64: The Server Settings Page
42 administering coldfusion server batch files, as well as other executables, can be scheduled in windows nt. Refer to your windows nt documentation for more information about scheduling, and stopping and starting nt services. Note you must be logged in with administrator rights to execute these bat...
Page 65
Chapter 3: configuring coldfusion server 43 affect server performance. Use the following table to find out about options on the server settings administrator page. When changing values on this page, be sure to stop and restart coldfusion for these options to take affect. For more information on stop...
Page 66: Caching Settings
44 administering coldfusion server caching settings the administrator caching settings page contains several configuration options you can set or enable to cache templates, queries, and data sources. Configuring administrator security coldfusion security options include two levels of security you ca...
Page 67: Managing Client Variables
Chapter 3: configuring coldfusion server 45 • chapter 8, “coldfusion security,” on page 273 — explains the differences between basic and advanced security so you can determine which features best suit your needs. • chapter 9, “configuring basic security,” on page 283 — describes how to configure bas...
Page 68
46 administering coldfusion server increasing maximum registry size (windows nt) windows nt notifies you if your registry data is approaching the limit defined for registry size in the system properties dialog. If you receive this message, you can open the system properties dialog and increase the s...
Page 69
Chapter 3: configuring coldfusion server 47 to increase maximum registry size: 1. Open the system control panel and click the performance tab. 2. In the virtual memory group box, click the change button to open the virtual memory dialog. 3. At the bottom of the dialog, the current registry size is r...
Page 70
48 administering coldfusion server state management and server clustering when using clustercats for coldfusion to cluster web servers, and you want to use client variables, you must use an external repository to store client variables, since the system registry, which is bound to an individual syst...
Page 71
Chapter 3: configuring coldfusion server 49 supports the sql required for the client variable repository. In addition, ole db data sources are not supported for use as a client data source repository. 4. Click create to create the new data source. To enable your client variable data source: 1. Open ...
Page 72
50 administering coldfusion server create client variable data source tables use this option to allow coldfusion to create the tables necessary for client variables when you first configure the data source for this purpose. As you configure other servers in your cluster to use this client variables ...
Page 73
Chapter 3: configuring coldfusion server 51 sample table creation page create table cdata ( cfid char(20), app char(64), data memo ) create unique index id1 on cdata (cfid,app) create table cglobal ( cfid char(20), data memo, lvisit date ) create index id2 on cglobal (cfid) create index id3 on cglob...
Page 74
52 administering coldfusion server for application variables is two days. The default timeout for session variables is 20 minutes. Monitoring coldfusion performance coldfusion provides a set of counters for monitoring the performance of the coldfusion server. This allows you to use the windows nt pe...
Page 75: Locking Variables
Chapter 3: configuring coldfusion server 53 to configure the performance monitor: 1. From the windows start menu, select programs > administrative tools > performance monitor. 2. In the performance monitor, select edit > add to chart or file > open to open an existing chart. In the add to chart dial...
Page 76: Coldfusion Java Settings
54 administering coldfusion server coldfusion java settings the java settings administrator page lets you specify a number of settings that let coldfusion work with java. Java settings setting description java virtual machine path specifies the location of the java virtual machine (jvm). By default,...
Page 77
Chapter 3: configuring coldfusion server 55 coldfusion version information the version info administrator page provides coldfusion server profile information. The values shown correspond to several coldfusion server variables as follows: solaris version information on solaris, these server variables...
Page 78: The Coldfusion Logging Page
56 administering coldfusion server the coldfusion logging page coldfusion generates log files you can use to help monitor coldfusion server activity as well as activity in your coldfusion applications. Coldfusion generates several different log files, most of which are written to \cfusion\log on win...
Page 79
Chapter 3: configuring coldfusion server 57 log slow pages coldfusion allows you to track pages in your applications that take longer than a specified length of time to process. You can specify the amount of time coldfusion allows before writing an entry to the server.Log file. Logging email message...
Page 80: Mapping Directories
58 administering coldfusion server log file format all coldfusion log files share the same comma-delimited format consisting of five separate fields as follows: mapping directories the mappings page in the coldfusion administrator allows you to create logical aliases for physical directories on your...
Page 81: Using The Extensions Pages
Chapter 3: configuring coldfusion server 59 you want to use coldfusion with cgi or if you want to use absolute references to coldfusion pages with the cfinclude tag. For information about using coldfusion with cgi instead of one of the standard web server apis (nsapi, isapi, apache api, or wsapi), s...
Page 82
60 administering coldfusion server to register a cfx tag: 1. Open the cfx tags page in the coldfusion administrator. 2. Enter a name for the cfx tag you are adding. Tag names must be prefixed with cfx_ . 3. Click add to open the new cfx tag page. 4. Enter the path to the library you want to use or b...
Page 83
Chapter 3: configuring coldfusion server 61 to register a java applet: 1. Install the java class files and any other files required for the class. You’ll need to specify the codebase argument when registering the applet, so take note of the installed path. 2. In the coldfusion administrator, open th...
Page 84
62 administering coldfusion server debug settings in the coldfusion administrator coldfusion can provide important debugging information for every application page requested by a browser. When enabled, debugging output is shown in a block following normal page output. Note by default, when you enabl...
Page 85
Chapter 3: configuring coldfusion server 63 note by default, when you enable any of these options, debug output becomes visible to all users. You can, however, restrict debug output to a selected ip address. To restrict debug output to a specific ip number: 1. Enter the ip number you want to receive...
Page 86: Indexing Data With Verity
64 administering coldfusion server indexing data with verity the verity search’97 indexing and searching technology, which has been incorporated into coldfusion, provides a means for creating collections of indexed data optimized for fast retrieval. To use verity searching and indexing technology yo...
Page 87: Verity Supported File Types
Chapter 3: configuring coldfusion server 65 populating a collection once you’ve created a collection, you can populate it with data from text and binary files in a directory you specify. Data from a coldfusion query can only be indexed using the coldfusion cfindex tag in a coldfusion application pag...
Page 88
66 administering coldfusion server to create an index of data from a directory: 1. Create a collection in the administrator. 2. If not already selected in the list of collections, select the collection you want to populate and click index. 3. Edit the list of file extensions, if necessary. 4. Enter ...
Page 89
Chapter 3: configuring coldfusion server 67 when you need to clear a collection of data, use the purge feature to delete the contents of the collection without deleting the collection itself. Caution! A limitation in the verity implementation may cause problems if you repair a verity collection and ...
Page 90
68 administering coldfusion server using coldfusion in a distributed configuration coldfusion 4.5 can be configured in a distributed manner where the coldfusion engine is running on a separate computer from the web server. Running coldfusion in this way might be called distributed or remote coldfusi...
Page 91
Chapter 3: configuring coldfusion server 69 standard, release version of coldfusion 3.1.1 in this manner. To do so, it was necessary to purchase and install special versions of the coldfusion web server plug-in modules on the web server side and a separate listener module on the coldfusion engine si...
Page 92
70 administering coldfusion server here is a sample of the ini file with comments explaining what the various fields do. This sample may be cut and pasted and used as a template to get started. ;------------------------------------------------------------------- ; ; sample ini file for coldfusion re...
Page 93
Chapter 3: configuring coldfusion server 71 encryption = "yes" ; use this to specify the key used to encrypt the data. ; ; valid values: any string of up to 127 ascii chars. ; key = "doglips" ; use this to have this ini file be deleted after it is read at ; startup. (this is a security feature as it...
Page 94
72 administering coldfusion server to install the network listener module as a service: 1. Run the listener with the following special command line argument: cfdist.Exe -sinstall 2. If installation was successful, it should now appear on your services list under the name coldfusion netlistener. If i...
Page 95
Chapter 3: configuring coldfusion server 73 repeating the ps command should now return nothing, indicating the process is now dead. Listener module command line options the network listener module (nlm) executable, cfdist ( cfdist.Exe on windows nt) takes the following command line options at startu...
Page 96
74 administering coldfusion server the program will print out a list of available options along with a brief description of their purpose anytime you enter an unknown option at the command line. Using the ini file to specify startup options it is also possible to specify startup options for the list...
Page 97
Chapter 3: configuring coldfusion server 75 ; ; valid values: yes, no. ; delete = "no" ; use this to write a message to the coldfusion "remote.Log" confirming that ; remoting is active and what startup parameters (except the encryption ; key) were used. ; ; valid values: yes, no. ; message = "yes" ;...
Page 98
76 administering coldfusion server.
Page 99: Managing Data Sources
C h a p t e r 4 chapter 4 managing data sources coldfusion facilitates the delivery of dynamic database content to the web in a very short time-frame before you can use a database in a coldfusion application, you must register data source in the coldfusion administrator. This chapter is organized by...
Page 100
78 administering coldfusion server about coldfusion data sources for coldfusion developers, the term "data source" can refer to a number of different types of structured content accessible locally or across a network. You can query web sites, ldap servers, pop mail servers, and documents in a variet...
Page 101: Supported Databases
Chapter 4: managing data sources 79 supported databases coldfusion uses odbc, ole db, and native database drivers to interact with data sources. However, not all coldfusion server editions support all database types. The following table shows database drivers available for each coldfusion 4.5 editio...
Page 102: Choosing The Right Drivers
80 administering coldfusion server where to go from here to use an existing database with your coldfusion applications, you need to register or create the data source using the coldfusion administrator. If you are using informix, db2, oracle, or sybase database, and want to take advantage of the col...
Page 103
Chapter 4: managing data sources 81 documentation, including help files that might have been copied to your system when you installed odbc drivers. If you are running coldfusion server on a unix machine, refer to the merant odbc documentation, which is distributed with coldfusion as an acrobat file....
Page 104
82 administering coldfusion server ole db drivers coldfusion developers can now access a range of new data stores through microsoft ole db, including: • mapi-based data stores such as microsoft exchange and lotus mail • non-relational data stores, such as lotus notes • ldap 2.0 data • data from ole ...
Page 105
Chapter 4: managing data sources 83 to add a data source to coldfusion 1. Open the coldfusion administrator. You see the server settings page of the coldfusion administrator. 2. Under data sources, click the link that specifies the type of data source you want to add: • odbc • native drivers • ole d...
Page 106
84 administering coldfusion server coldfusion/bin . For detailed information about editing the coldfusion start script for your particular database, see the section about your database in this chapter. Coldfusion settings to define a number of advanced odbc and coldfusion options, select a data sour...
Page 107
Chapter 4: managing data sources 85 verifying coldfusion data sources the coldfusion administrator includes a facility for verifying data sources configured for coldfusion, that is, making sure that a data source has been correctly configured and is available to your coldfusion application pages. No...
Page 108
86 administering coldfusion server to verify a coldfusion data source: 1. Open the coldfusion administrator 2. Under data sources, select verify data sources. You see a list of all the coldfusion data sources on the server. 3. To verify all the data sources listed on the page, click verify all. The ...
Page 109
Chapter 4: managing data sources 87 connecting to microsoft sql server databases coldfusion lets you access sql server databases from both windows nt and unix, via odbc and ole db drivers. Configuring microsoft sql server options (windows) if coldfusion server is installed on a windows nt server, yo...
Page 110
88 administering coldfusion server configuring microsoft sql server options (unix) if coldfusion server is installed on a solaris server, you can configure microsoft sql server as a coldfusion data source using an odbc driver. Odbc: merant ms sql server options for (solaris) the following table desc...
Page 111
Chapter 4: managing data sources 89 connecting to visual foxpro databases coldfusion lets you access microsoft visual foxpro databases from windows, via odbc drivers. Configuring visual foxpro options (windows) if coldfusion server is installed on a windows server, you can configure visual foxpro as...
Page 112
90 administering coldfusion server connecting to openingress databases coldfusion lets you access computer associates openingress databases from unix, via odbc drivers. Configuring openingress options (unix) if coldfusion server is installed on a solaris server, you can configure openingress as a co...
Page 113
Chapter 4: managing data sources 91 odbc: merant openingress 1.X/2.X options (solaris) the following table describes coldfusion odbc options for openingress data sources. You set these options when you configure a coldfusion data source. See “adding data sources for coldfusion” on page 82 for more i...
Page 114
92 administering coldfusion server connecting to dbase databases coldfusion lets you access dbase databases from both windows nt and unix, via odbc drivers. Configuring dbase options (windows) if coldfusion server is installed on a windows nt server, you can configure microsoft sql server as a coldf...
Page 115
Chapter 4: managing data sources 93 odbc: microsoft dbase and foxpro driver options (windows) the following table describes coldfusion odbc options for dbase data sources. You set these options when you configure a coldfusion data source. See “adding data sources for coldfusion” on page 82 for more ...
Page 116
94 administering coldfusion server connecting to microsoft access databases coldfusion lets you access microsoft access databases windows nt, via odbc and ole db drivers. Configuring microsoft access options (windows) if coldfusion server is installed on a windows nt server, you can configure micros...
Page 117
Chapter 4: managing data sources 95 odbc: microsoft access options (windows) the following table describes coldfusion odbc options for microsoft access data sources. You set these options when you configure a coldfusion data source. See “adding data sources for coldfusion” on page 82 for more inform...
Page 118
96 administering coldfusion server • cycle the coldfusion services each night using the \cfusion\bin\cycle.Bat file. Connecting to microsoft excel databases coldfusion lets you access microsoft access databases windows nt, via odbc and ole db drivers. Configuring microsoft excel options (windows) if...
Page 119
Chapter 4: managing data sources 97 connecting to ascii text databases coldfusion lets you access ascii text databases on both windows nt and unix, via odbc drivers. Configuring microsoft text options (windows) if coldfusion server is installed on a windows nt server, you can configure ascii text fi...
Page 120
98 administering coldfusion server connecting to oracle 7.3/8.0 databases you can configure oracle 7.3/8.0 coldfusion data sources for both windows nt and unix using odbc and native drivers. Configuring oracle 7.3/8.0 options (windows) if coldfusion server enterprise edition is installed on a window...
Page 121
Chapter 4: managing data sources 99 native drivers: oracle 7.3 and 8.0 options (unix) the following table describes coldfusion native driver options for oracle 7.3 and 8.0 native driver data sources on either windows nt or unix. Odbc drivers: merant oracle 7 and oracle 8 options (unix) the following...
Page 122
100 administering coldfusion server you’ll need to modify the /opt/coldfusion/bin/start script to include the oracle_home environment variable and add the $oracle_home/lib directory to the ld_library_path . See “the /opt/coldfusion/bin/start script” on page 100 for an example. • make sure you can co...
Page 123
Chapter 4: managing data sources 101 # # example: ld_library_path=$oracle_home/lib:$sybase/lib:/usr/dt/lib:/lib:/usr/ openwin/lib:$cfhome/lib # this is the list of variables that coldfusion will see # add any special database environment varaibles here var_list="ld_library_path cfhome sybase oracle_...
Page 124
102 administering coldfusion server to build a version of libclntsh.So for oracle 8.0.X: 1. From the shell, set oracle_home, cfhome, and ld_library_path as set in the start script. Oracle_home should be set to the location of the oracle client libraries. Cfhome should be set to the location of your ...
Page 125
Chapter 4: managing data sources 103 • if you do not have a copy in winnt\system32 , search your hard drive for the file. If you find a copy anywhere other than orant\bin or cfusion\bin rename the file then restart coldfusion services. Configuring the oracle 8 client (windows, unix) this section inc...
Page 126
104 administering coldfusion server 3. In the resulting dialog, select tcp/ip as the networking protocol to connect with and use the oracle 8 database you want to use in your coldfusion application. 4. In the dialog that appears, you now need to enter the host name of the server where the oracle 8 d...
Page 127
Chapter 4: managing data sources 105 creating the data source in coldfusion: 1. Open the coldfusion administrator to the data sources, native drivers page. 2. Enter a data source name and select the oracle 8 native driver from the drop down list. 3. When you click add, coldfusion opens the configura...
Page 128
106 administering coldfusion server native driver: db2 universal database 5.2/6.1 options (solaris, linux) coldfusion native drivers are the same for both windows nt and unix. To see coldfusion options for the db2 universal database 5.2/6.1 native driver, see the table in “native driver: db2 univers...
Page 129
Chapter 4: managing data sources 107 installing and configuring db2 client enabler (unix) before you can create a coldfusion data source with the db2 native driver, you must install the db2 version 5.2 client enabler software and create an instance. The client software can be found on the db2 versio...
Page 130
108 administering coldfusion server ( database_alias ) the same as the database name ( database_name ). The information in the database directory, along with the information in the node directory, is used on the client to establish a connection to the remote database. You must add an entry to the cl...
Page 131
Chapter 4: managing data sources 109 data source settings for the coldfusion db2 native driver the data source setting for the native driver need to point to the database name, and include a valid db2 login name and password. The catalog procedures described above make the connection through the db2...
Page 132
110 administering coldfusion server 2. Compile and link the .C file generated in step 1. At this point the .C file needs to be precompiled and this process will explode the source into the appropriate c code. Compile the c file and link to get .Dll 3. Place the library file (.Dll) generated in step ...
Page 133
Chapter 4: managing data sources 111 connecting to informix data sources connections to informix databases are supported through odbc on both windows and unix operating systems. On windows, coldfusion uses native drivers and on unix, coldfusion uses both native and odbc drivers to connect to informi...
Page 134
112 administering coldfusion server configuring informix options (unix) if coldfusion server is installed on a unix server, you can configure informix coldfusion data sources using either native or odbc drivers. Native driver: informix 7.3 (unix) coldfusion native drivers are the same for both windo...
Page 135
Chapter 4: managing data sources 113 connecting to informix data sources (unix) before you can connect to an informix data source through coldfusion, you must perform the following tasks: 1. Install the informix esql.C9.13 client software. 2. Edit the following files: coldfusion start script, sqlhos...
Page 136
114 administering coldfusion server • nettype determines what kind of network protocol to connect with. • hostname is the hostname of the server where the database is, you can put the ip address or hostname • service name is the entry in the /etc/services or master nis services file for the port tha...
Page 137
Chapter 4: managing data sources 115 modifying the services file entry after the installation is complete you will need to modify your workstations’ services file located in the \winnt\system32\drivers\etc\ folder for windows nt and \windows\system\ for windows 95/98. This entry is needed for the cl...
Page 138
116 administering coldfusion server 2. Select the system dsn tab and click the add button. 3. From the list of installed drivers, choose informix-cli 2.5 (32 bit). 4. Fill out the odbc informix 7.2 driver setup dialog box as follows: data source name: inf_ol7 description: demo data database name: st...
Page 139
Chapter 4: managing data sources 117 to change the windows nt account coldfusion uses: 1. Using the services control panel, highlight the allaire coldfusion 4.0 service and click startup. Make sure to choose a user name from the user list rather then typing it. 2. Reenter the password and change pas...
Page 140
118 administering coldfusion server coldfusion data source. See “adding data sources for coldfusion” on page 82 for more information about adding data sources to coldfusion. Configuring sybase system 11 options (unix) if coldfusion server enterprise edition is installed on a unix server, you can con...
Page 141
Chapter 4: managing data sources 119 tips for connecting to sybase system 11 (unix) keep the following in mind when you create sybase coldfusion data sources: • you can set up the sybase data source using the coldfusion administrator data sources page. • you will need sybase open client version 11.1...
Page 142
120 administering coldfusion server script is pointing to the sybase client directory and not the sybase server directory. Both of these directories contain an interfaces file. When you’ve completed all the steps in this section, you will need to stop and restart coldfusion services to reload the od...
Page 143
Chapter 4: managing data sources 121 you need to create the newtable data source in the coldfusion administrator, specifying the merant dbase/foxpro odbc driver. If you don’t create the data source, you’ll receive an error when you try to execute this page. This example generates the following table...
Page 144
122 administering coldfusion server insert into beans1 values ( 2, ’sumatra’, ’21’, {ts ’1999-08-01 00:00:00.000000’}, ’complex flavor, medium-bodied’) insert into beans1 values ( 3, ’colombia’, ’89’, {ts ’1999-08-01 00:00:00.000000’}, ’deep rich, high-altitude flavor’) insert into beans1 values ( 4...
Page 145: Scheduling and Static Page
C h a p t e r 5 chapter 5 scheduling and static page generation this chapter explains how you can use coldfusion to perform scheduled processes and to generate static pages. Often the two are combined to allow the periodic regeneration of data that doesn’t need to be available dynamically to a coldf...
Page 146
124 administering coldfusion server about scheduling coldfusion pages the coldfusion administrator includes a scheduling facility that allows you to schedule the execution of coldfusion pages and to generate static html pages. The scheduling facility can be very useful for applications that do not r...
Page 147
Chapter 5: scheduling and static page generation 125 specifying the interval for a scheduled task often, you’ll want to schedule a page to run at a regular interval for a fixed period of time. For example, to generate an employee list, it’s not usually necessary to generate the list dynamically. Ins...
Page 148
126 administering coldfusion server specifying the page to execute when you schedule a coldfusion page to execute, the page can be local or remote. With the proper access rights, you can schedule a page on a remote server by specifying the server name in the url field. Specify the application page t...
Page 149: Logging Scheduled Events
Chapter 5: scheduling and static page generation 127 to change the interval coldfusion checks for newly scheduled tasks, enter an interval value, in minutes. After changing the scheduler refresh interval, make sure you stop and restart the coldfusion executive and coldfusion application server servi...
Page 150
128 administering coldfusion server.
Page 151: Creating Scalable and Highly
C h a p t e r 6 chapter 6 creating scalable and highly available web sites this chapter describes the concepts involved in achieving scalable and highly available coldfusion web applications. The latter half describes coldfusion’s built- in clustering technology, clustercats, which provides intellig...
Page 152: What Is Scalability?
130 administering coldfusion server what is scalability? As an administrator, it’s likely that you often hear about the importance of having web servers that scale well, but what exactly is scalability? Simply, scalability is a web server’s ability to maintain a site’s availability, reliability, and...
Page 153
Chapter 6: creating scalable and highly available web sites 131 coldfusion ensures that your web applications perform well by including many performance-friendly features out of the box, including: • just-in-time compiling and client-side caching coldfusion automatically compiles pages the first tim...
Page 154
132 administering coldfusion server operating system to manage the additional processor and is not available to help scale the application servers. It is important to note that application servers can only hope to scale relative to resources when the resource changes affect the constraining resource...
Page 155
Chapter 6: creating scalable and highly available web sites 133 dependencies between related but heterogeneous technologies. This section describes some of the major issues affecting successful scalability implementations. Note although your immediate role and responsibilities as an administrator ma...
Page 156
134 administering coldfusion server the user always returns to the same server for the life of the session. Clustercats for coldfusion automatically handles this for you. Another approach to solving the same problem is to store client variables in a back- end common state repository. This approach e...
Page 157
Chapter 6: creating scalable and highly available web sites 135 how an application manages multiple concurrent user requests when accessing the same database records. If an application does not impose any database locking mechanism on multiple requests to update the same record, data integrity can b...
Page 158
136 administering coldfusion server powerful client-side processing available via your browser. Some of these technologies include java script, applets, dynamic html, and coldfusion’s wddx components (for client-side form validation, for example). Well planned use of these client technologies can re...
Page 159
Chapter 6: creating scalable and highly available web sites 137 avoiding common bottlenecks in addition to application design and construction considerations, you must also plan accordingly to avoid common bottlenecks that can negatively affect a web application’s performance. Following are typical ...
Page 160
138 administering coldfusion server reside on the database server. In short, tune your databases and queries for maximum efficiency. Dns effects on web site performance and availability improper domain name system (dns) setup and configuration on web servers is one of the most common problems admini...
Page 161
Chapter 6: creating scalable and highly available web sites 139 server in a rote, sequential distribution manner. However, if a spike in user activity occurs and causes servers to overload or fail, round-robin dns will keep distributing the requests among all of the servers, even if some of them are...
Page 162
140 administering coldfusion server the following figure illustrates these concepts. Dns servers store information about the domain name space and are referred to as name servers. Name servers typically have one or more zones for which they are responsible. The name server has authority for those zo...
Page 163
Chapter 6: creating scalable and highly available web sites 141 server named fred.Yourcompany.Com, you could assign it an alias of www1.Yourcompany.Com so that users never see fred.Yourcompany.Com in the event of a server redirection. To see how all of these records work together, let’s look at a si...
Page 164
142 administering coldfusion server • derfler, frank and steve rigney. “tcp/ip, a survival guide for users.” new york, new york: a division of henry holt and company, inc.: mis press, inc., 1998. Isbn #: 1-55828-5644. Available at your local computer book store. Also see http://www.Mispress.Com. See...
Page 165
Chapter 6: creating scalable and highly available web sites 143 important to verify that your load testing tool can handle http redirections properly before you initiate load testing. How to load test your web applications one of the first things you need to do to be able to load test is purchase a ...
Page 166
144 administering coldfusion server servers, you can’t anticipate problems nor determine why they occur. The number of possibilities would be too large. • minimize distributed environment load testing load testing in a distributed environment can be problematic if the network on which you are perfor...
Page 167
Chapter 6: creating scalable and highly available web sites 145 availability & reliability in the simplest of terms, availability and reliability means you can access your web site whenever you request it by entering the site’s url in your browser and all of its features work as intended. Thus, avai...
Page 168
146 administering coldfusion server support as a competitive service differentiator will typically specify in written service- level agreements (sla) a percentage of time that they guarantee a web site will be available. If the isp has a sound scalability and failover strategy in place, this figure ...
Page 169
Chapter 6: creating scalable and highly available web sites 147 • advanced personalization and membership capabilities to provide a customized experience and superior authentication • ad management features to generate additional revenues and enrich partner relationships • ordering and payment featu...
Page 170
148 administering coldfusion server hardware planning as illustrated in the availability example above, it’s important to acquire all of the necessary hardware and configure it before you deploy the application. All web sites have different requirements, feature sets, purposes, audiences, and budget...
Page 171
Chapter 6: creating scalable and highly available web sites 149 availability and its service levels. These monitoring programs must not only be able to detect problems, but they must also be able to route alerts to the correct administrators for immediate notification of problems. Corrective actions...
Page 172
150 administering coldfusion server clustering for scalability works by distributing load among each server in the cluster (load balancing) using either an unintelligent-but-regular distribution sequence (round-robin dns and routers) or a predefined threshold or algorithm that you specify and can ad...
Page 173
Chapter 6: creating scalable and highly available web sites 151 selecting the best server to accommodate the traffic. This process is fast and efficient. The router device in conjunction with the web servers comprise what is known as a virtual server. Routers are considered semi-intelligent devices ...
Page 174
152 administering coldfusion server • semi-intelligent routers can load balance in a round-robin fashion, and some can detect failures and automatically redirect traffic and remove failed servers from a cluster. Note not all routers have the same features or offer the same capabilities. Consideratio...
Page 175
Chapter 6: creating scalable and highly available web sites 153 backup clustering, in which two cloned systems provide redundancy for one another. This type of clustering does not provide any parallel server load balancing. Additionally, cluster server has some limitations. Its shortcomings include ...
Page 176
154 administering coldfusion server • no single point of failure by distributing the load balancing and failover capabilities among multiple servers in a cluster, as opposed to relying on only a single device, no individual server failure will disable your application. Considerations consider the fo...
Page 177
Chapter 6: creating scalable and highly available web sites 155 introducing clustercats for coldfusion clustercats for coldfusion is a web server clustering technology that provides load balancing and failover services that assure high availability for your web server and coldfusion server (cfs). Cl...
Page 178
156 administering coldfusion server provides another level of coldfusion-specific load balancing by actively monitoring the coldfusion server for failures via application probes that you create to periodically test a coldfusion url on your site. If the probe’s validation test fails, it restricts the...
Page 179
Chapter 6: creating scalable and highly available web sites 157 • load threshold configuration clustercats lets you configure maximum and gradual redirection thresholds for each server in a cluster. The maximum threshold indicates the point at which the server cannot handle any additional load. To p...
Page 180
158 administering coldfusion server if a server within a cluster fails or becomes unavailable and is no longer transmitting an ip signal, another available server in the cluster will automatically assume the ip address of the failed server. Subsequent http requests that are bound for the downed serv...
Page 181
Chapter 6: creating scalable and highly available web sites 159 clustercats explorer clustercats explorer is a windows-based administration utility that you use to create and manage clustercats clusters. Using a windows explorer-like graphical interface, you configure, view, monitor, and perform oth...
Page 182
160 administering coldfusion server • left pane — contains views of cluster objects. • right pane — contains the view folder and files for the object currently selected in the left pane. Clustercats server administrator the clustercats server administrator is a graphical, windows-based utility that ...
Page 183: Before You Install
Chapter 6: creating scalable and highly available web sites 161 note the clustercats server administrator is installed on each windows nt server you cluster. If your servers are unix servers, use the btadmin utility to perform the aforementioned server administration activities. See “btadmin utility...
Page 184
162 administering coldfusion server windows nt system requirements for clustercats server • intel pentium 200 mhz or greater cpu • 100 mb of free disk space • 128 mb of ram • windows nt operating system v4.0 or greater • windows nt service pack 4 or greater • internet information server v4.0 or grea...
Page 185
Chapter 6: creating scalable and highly available web sites 163 clustercats explorer system requirements you can install the clustercats explorer component on a computer separate from the cluster so that you can administer the cluster from a central location, but you don’t have to. However, if you d...
Page 186
164 administering coldfusion server note this section assumes that your primary dns server is already set up correctly. If it is not, consult a dns configuration book or a dns consultant to help prepare your dns server. We recommend that you do not use a hosts file in a production environment, as it...
Page 187
Chapter 6: creating scalable and highly available web sites 165 resolve the name-to-ip mapping before the browser can send a request to the appropriate web server. To summarize, primary and local dns servers work together to resolve name-to-ip address mappings in the following way. 1. A user enters ...
Page 188
166 administering coldfusion server configuring dns records on your primary dns server you must configure dns so that both the forward and reverse lookup translation entries are entered and registered correctly with your primary dns server. To accomplish this, you must define required dns records (a...
Page 189
Chapter 6: creating scalable and highly available web sites 167 note when using round-robin dns, do not define a reverse mapping (ptr record) for the site name (www.Company.Com); the cluster will not operate properly if you do. Only define forward mappings (a records) for www.Company.Com. However, d...
Page 190
168 administering coldfusion server the dns manager utility appears. 2. Right-click the zone created for your site and choose new host. The new host dialog box appears. 3. Enter www in the host name field and enter the ip address of a server that will host the site in the host ip address field. Note...
Page 191
Chapter 6: creating scalable and highly available web sites 169 your entries should look similar to the following entries when you’re done. 7. Right-click the zone for your web site again and select new record. The new resource record dialog box appears..
Page 192
170 administering coldfusion server 8. Ensure that the a record record type is selected from the record type list box. Note clustercats requires that the explicit servers you use to host your web site have associated a records defined for them in dns, not cname records. A records correlate to addres...
Page 193
Chapter 6: creating scalable and highly available web sites 171 to configure dns records on your unix-based dns server see the operating system documentation that came with your unix server for specific procedures about how to define dns records on your unix-based dns server. Configure your web serv...
Page 194
172 administering coldfusion server in order for clustercats to perform dynamic addressing, your web server must have a specific network name and ip address configured for it. Additionally, it must reference a valid local dns server so that it can properly translate names to correct ip addresses. Th...
Page 195
Chapter 6: creating scalable and highly available web sites 173 6. Enter the name of the server that is hosting the web application in the host name field. 7. Enter the domain name (yourcompany.Com) in the domain name field. 8. In the dns service search order area, click add to enter the ip addresse...
Page 196
174 administering coldfusion server this section describes the following topics: • the clustercats offline maintenance mode defined • understanding static and dynamic ip address configurations • configuring offline maintenance support (windows nt only) the clustercats offline maintenance mode define...
Page 197
Chapter 6: creating scalable and highly available web sites 175 the network icon in the control panel). Typically, you or someone else added the web site ip addresses to the server’s ip stack before installing clustercats and creating clusters. You now need to manually remove those ip addresses so t...
Page 198
176 administering coldfusion server.
Page 199
Chapter 6: creating scalable and highly available web sites 177 see the next section for step-by-step procedures about how to perform these required ip configurations for using the clustercats offline maintenance support feature. Configuring offline maintenance support (windows nt only) configuring ...
Page 200
178 administering coldfusion server 5. Choose the specify an ip address option. 6. Enter an ip address for the server in the ip address field along with the corresponding subnet mask and default gateway. See your network administrator if you don’t know this information. 7. Click ok. 8. Verify that y...
Page 201
Chapter 6: creating scalable and highly available web sites 179 if you do not want to remove the ip addresses of the web sites that reside on the web server from your nic, clustercats will still function properly but you will not be able to take advantage of the offline capabilities. Removing web si...
Page 202
180 administering coldfusion server 4. In the ip address section, select the web site addresses that you want to remove from the nic and click remove. If there are no ip addresses, then they were not bound to the nic or they were already removed. 5. Click ok in all open dialog boxes to apply your co...
Page 203
Chapter 6: creating scalable and highly available web sites 181 2. Locate the web server and expand its tree structure. 3. Right-click the web site for which you want to configure the ip address and choose properties. The web site properties dialog box appears..
Page 204
182 administering coldfusion server 4. Enter the web site’s ip address in the ip address field. You must manually enter the address because it won’t appear in the drop-down list at this time. Clustercats will dynamically add the address to the ip stack once you create the cluster. 5. Click ok on all...
Page 205
Chapter 6: creating scalable and highly available web sites 183 3. Click the dns tab..
Page 206
184 administering coldfusion server 4. Verify that the name that appears in the host name field is the name assigned to the server (www1) and not the name of your web site (most likely, www.). If the names are the same (www.), change one. Typically, it’s easier to change the server’s host name so th...
Page 207: Installing Clustercats
Chapter 6: creating scalable and highly available web sites 185 as you can see, this scenario involves company abc, which has an east coast and a west coast group of servers connected to the internet via several firewalls. The clustercats explorer resides at the corporate headquarters behind a firew...
Page 208
186 administering coldfusion server 3. Enter the path location for where the coldfusion setup.Exe resides or click browse to drill down to it. 4. Click ok. The coldfusion v4.5 setup program starts and displays the coldfusion setup welcome page. 5. Click next in the welcome and software license agree...
Page 209
Chapter 6: creating scalable and highly available web sites 187 note you’ll find your coldfusion serial number on the product box. The choose destination directory dialog box appears next. 7. Accept or change the default destination folder and click next. The select web server dialog box appears. If...
Page 210
188 administering coldfusion server 9. Either accept the web server’s default document directory or enter a different location for the default directory and click next. Note coldfusion documentation and example code are installed in a subdirectory below the web server’s document directory. The selec...
Page 211
Chapter 6: creating scalable and highly available web sites 189 11. Leave the yes option selected if you want clustercats to provide transparent failover support for your clusters and click next. This option ensures that the server is able to assume both the ip address of a failed server and any htt...
Page 212
190 administering coldfusion server 9. Press enter to have the installation program automatically configure the web server. The program loads the necessary plug-in for netscape or module for apache 1.3.X web servers. 10. When prompted with whether or not to install clustercats, press enter to do so....
Page 213
Chapter 6: creating scalable and highly available web sites 191 note this procedure assumes you have already installed coldfusion server and now want to install clustercats. If you need to install coldfusion on linux first before installing clustercats, see “installing coldfusion on linux” on page 2...
Page 214: Creating Clusters
192 administering coldfusion server creating clusters if you’ve performed the tasks described in “before you install” on page 161 and you’ve successfully installed clustercats, you’re ready to begin creating your server clusters. This section explains: • creating clusters with the cluster setup wiza...
Page 215
Chapter 6: creating scalable and highly available web sites 193 2. Choose cluster setup wizard from the configure menu. Alternatively, you can click the cluster setup wizard icon that appears in the tool bar. The create new cluster dialog box appears. 3. Enter a name for your cluster and gocoldfusio...
Page 216
194 administering coldfusion server tip make your cluster names logically consistent with their purpose. For example, sales web, customer support web, and so on. Also, the license key field is case-sensitive, so enter the key exactly as shown in step 3. The list of web servers dialog box appears. 4....
Page 217
Chapter 6: creating scalable and highly available web sites 195 note offline maintenance support is only available on nt server clusters. You can only set the maintenance support option when creating a cluster or adding a cluster member to a cluster. You cannot configure or modify this option after ...
Page 218
196 administering coldfusion server 12. Enter new numerical values (not higher than 100%) in the peak and gradual redirect fields and click ok. Be sure to keep your peak threshold below 100% to accommodate coldfusion’s processing needs. Set your gradual redirection threshold to be 10% – 30% lower th...
Page 219
Chapter 6: creating scalable and highly available web sites 197 16. Click an alert event and enter the e-mail address of the recipient. If you want the same person to receive the majority of alerts, click propagate to automatically fill each event’s recipient column with the same e-mail address. You...
Page 220
198 administering coldfusion server 18. If you are using a hardware-based load balancing device in addition to clustercats to manage and distribute load, enter the name of the web site that this device supports (for example, www.Yourcompany.Com) and click next. 19. Click finish. Clustercats creates ...
Page 221
Chapter 6: creating scalable and highly available web sites 199 congratulations — y ou’ve just created your cluster, added servers to it, and configured each server with load balancing and high availability capabilities using the wizard. See “configuring cluster administration security” on page 218 ...
Page 222
200 administering coldfusion server 3. Enter a unique name for the cluster in the cluster name field and enter gocoldfusion in the license key field. Tip make your cluster names logically consistent with their purpose. For example, sales web, customer support web, and so on. Also, the license key fi...
Page 223
Chapter 6: creating scalable and highly available web sites 201 your cluster appears below the cluster manager icon in the clustercats explorer left pane. To manually add additional cluster members to it, see “adding and deleting cluster members” on page 201. Adding and deleting cluster members you ...
Page 224
202 administering coldfusion server 3. In the web server name field, enter the fully qualified tcp/ip host name of the web server (for example, doc.Allaire.Com). 4. If you are not configuring this web server for offline maintenance support, go to step 7. However, if you already configured this web s...
Page 225
Chapter 6: creating scalable and highly available web sites 203 deleting a cluster to delete an entire cluster, individually delete each member from the cluster using the procedure above. When the last cluster member has been removed, the cluster itself is deleted. Note you must delete the admin man...
Page 226
204 administering coldfusion server configuring peak and gradual redirection load thresholds for each cluster member, you configure a peak load threshold and a gradual redirection threshold. The peak load threshold represents the maximum load the server can handle before its performance degrades sig...
Page 227
Chapter 6: creating scalable and highly available web sites 205 4. Enter a new numeric value (less than 100%) in the peak load field. 5. Enable the gradual redirection checkbox and enter a new numeric value in the gradual redirection field. If you want the server to be able to handle as much load as...
Page 228
206 administering coldfusion server the load monitor shows three lines: • top line (red): peak load threshold • middle line (yellow): gradual redirection threshold • bottom line (green): coldfusion server load adjusting load threshold settings graphically you can view and set threshold settings rela...
Page 229
Chapter 6: creating scalable and highly available web sites 207 2. Use your mouse to drag the peak load threshold line (red) up or down to reset the server’s peak load threshold. As you move the line, the load threshold percentage changes. 3. Enable gradual redirection by selecting the gradual redir...
Page 230
208 administering coldfusion server note session-aware load balancing may not work if you’ve used absolute hyperlinks in an application page. Absolute hyperlinks route the http request back to the cluster entry point and redirect according to the current load threshold without regard to the state of...
Page 231
Chapter 6: creating scalable and highly available web sites 209 the probe is a high availability feature that verifies that the coldfusion server is running properly on your clustered servers. It periodically tests a specific coldfusion url over periodic intervals and verifies its validity against a...
Page 232
210 administering coldfusion server 3. Enter a name you want to assign to this probe’s monitor in the name field on the new monitor dialog box and click ok. 4. Click the new probe button on the probe properties dialog box. The new probe dialog box appears. 5. Click ok. The coldfusion application pro...
Page 233
Chapter 6: creating scalable and highly available web sites 211 9. If you want longer intervals for how often the probe checks the coldfusion server and for how much time can pass without a response from the coldfusion server before a failure is registered, change the timeout and frequency values to...
Page 234
212 administering coldfusion server combining clustercats and localdirector provides a powerful coldfusion-aware load balancing solution that localdirector cannot provide without clustercats. Localdirector by itself cannot accurately detect how busy a coldfusion server is nor can it redirect load fr...
Page 235
Chapter 6: creating scalable and highly available web sites 213 7. Choose properties from the cluster menu or choose administration from the configure menu. Both menu selections display the properties dialog box. The properties dialog box appears. 8. Select the load balance tab and choose cisco loca...
Page 236
214 administering coldfusion server 9. Enter the name of the virtual server (www.Website.Com) you created in step 2 in the website alias field. 10. Enter the ip address of the localdirector box in the localdirector ip address field. 11. Enter the port number on which each cluster member’s agents sho...
Page 237
Chapter 6: creating scalable and highly available web sites 215 the bright tiger selection that appears in the load balancing product drop-down list indicates that clustercats will actively load balance http traffic across the cluster rather than the third-party device or software. 4. Enter the name...
Page 238
216 administering coldfusion server to configure an alarm notification 1. Open the clustercats explorer and select the cluster to which you want to add an alarm. 2. Choose alarm notification from the configure menu. Alternatively, you can right- click the cluster and select configure > alarm notific...
Page 239
Chapter 6: creating scalable and highly available web sites 217 configuring administration e-mail support the clustercats administration e-mail support feature sends vital statistics about your cluster to designated e-mail accounts in your organization. You can set up the following types of administ...
Page 240
218 administering coldfusion server 3. Enter the name of the server through which outgoing e-mail will be sent in the smtp gateway field. 4. Enter in the support e-mail field the e-mail address of the person at your organization that should receive a copy of the e-mail that is sent nightly to allair...
Page 241
Chapter 6: creating scalable and highly available web sites 219 you may want to use this security setting if your organization is fairly large and contains many distributed administrator groups that need to access your server clusters. To use this setting, you must define your global administrators’...
Page 242
220 administering coldfusion server 4. Within the authentication area, select local user from the mode drop-down box. 5. Enter a user name and password defined for a valid account and click ok. Note clustercats requires you to enter a valid user name and password after selecting the type of authenti...
Page 243
Chapter 6: creating scalable and highly available web sites 221 clustercats explorer determines what servers exist in which nt domain by communicating with any windows nt domain controller for the domain. The list of servers that exist in the windows nt domain can be viewed by looking at the network...
Page 244
222 administering coldfusion server 10. Within the authentication area, select nt domain from the mode drop-down box. 11. Enter a valid user name and password that participates in the domain and click ok. Note clustercats requires you to enter a valid user name and password after selecting the type ...
Page 245
Chapter 6: creating scalable and highly available web sites 223 2. Choose administration from the configure menu or choose properties from the cluster menu. Both menu selections display the properties dialog box. Alternatively, you can right-click the cluster and select configure>administration. The...
Page 246
224 administering coldfusion server changing a server’s state all cluster members are added to a cluster in active state by default. In active state, clustercats provides availability and failover services to your web resources. From time to time, you may want to turn off these load balancing and fa...
Page 247
Chapter 6: creating scalable and highly available web sites 225 software updates, verifying load configurations, or as an alternative method to managing load. To restrict a cluster member from participating in a cluster: 1. Open the clustercats explorer, select a cluster member, and choose state fro...
Page 248
226 administering coldfusion server • reset a clustered server’s configuration to its pre-clustered state • access a server remotely even if the web server on the machine is unavailable • remove a server from an active cluster gracefully so that you can perform necessary updates or maintenance tasks...
Page 249
Chapter 6: creating scalable and highly available web sites 227 6. Click the bt service status button to display the manage clustercats services dialog box. 7. Stop the clustercats service by selecting the stopped option and enter 10 minutes in the drain down period field to allow current users to c...
Page 250
228 administering coldfusion server 8. Click ok. When the drain-down period expires, the server will fail over to another server in the cluster. You can now update the server with new software or content or troubleshoot problems the server was experiencing. The next section describes how to perform ...
Page 251
Chapter 6: creating scalable and highly available web sites 229 this will add the cluster member back into the cluster. 6. To initially limit the amount of http traffic sent to the server, return to the clustercats explorer and reconfigure the cluster member’s peak load threshold to a low value, lik...
Page 252
230 administering coldfusion server 9. Observe your cluster member at low usage levels until you are satisfied that your new changes are working properly. 10. When you are certain that the updates you made have not adversely affected the server’s operation, set the peak and gradual redirection load ...
Page 253
Chapter 6: creating scalable and highly available web sites 231 a message appears confirming that the server has been reset. 3. Exit the clustercats server administrator. 4. Return to the computer from which you run the clustercats explorer. 5. Use the clustercats explorer to recreate a cluster that...
Page 254
232 administering coldfusion server • configuring the communications port on your web server • opening the web explorer • creating clusters • adding cluster members • deleting cluster members • configuring server load thresholds • configuring the coldfusion probe • configuring session-aware load bal...
Page 255
Chapter 6: creating scalable and highly available web sites 233 3. Enter your user name and password in the appropriate fields and click ok. Note the default user name and password is admin . The clustercats web explorer opens. Creating clusters 1. From within the open web explorer, click the create...
Page 256
234 administering coldfusion server 2. Enter a unique name for the cluster in the cluster name field. Tip make your cluster names logically consistent with their purpose. For example, sales web, customer support web, and so on. 3. Enter the fully qualified host name (for example, doc.Allaire.Com) in...
Page 257
Chapter 6: creating scalable and highly available web sites 235 adding cluster members 1. Open the clustercats web explorer if it’s not already opened. 2. Click the add server link. The add server page appears. 3. Enter the fully qualified host name (for example, doc.Allaire.Com) in the web server n...
Page 258
236 administering coldfusion server 4. Click ok to add the cluster member to the existing cluster. Deleting cluster members 1. Open the clustercats web explorer if it’s not already open. 2. Click the delete server link. The delete server page appears. 3. Select the cluster member you want to delete ...
Page 259
Chapter 6: creating scalable and highly available web sites 237 by default the peak load threshold is 90% and the gradual redirection threshold is 70%. If you want to modify the threshold settings for one or more of your cluster members, perform the following procedures. To configure peak and gradua...
Page 260
238 administering coldfusion server 4. Click the server attributes link. The connect to server page appears. 5. Select the server you want to connect to from the web server name drop-down box and click ok. The selected server’s properties page appears..
Page 261
Chapter 6: creating scalable and highly available web sites 239 6. Click the administration link under server attributes. The server administration page appears for the selected server. 7. Enter new values in the standard and gradual load threshold fields and click ok. If you want the server to be a...
Page 262
240 administering coldfusion server apart. To achieve the desired effect described in the latter scenario, it’s best to set a differential of at least 10% between the two threshold values. Configuring the coldfusion probe clustercats load balances and provides failover support for your coldfusion ap...
Page 263
Chapter 6: creating scalable and highly available web sites 241 3. Enter the fully qualified host name of the server for which you want to configure the coldfusion probe in the web server name field and click ok. The cluster member list page appears. 4. Click the server attributes link. The connect ...
Page 264
242 administering coldfusion server 5. Select the server you want to connect to from the web server name drop-down box and click ok. The selected server’s properties page appears. 6. Click the coldfusion probe link. The coldfusion application probe page appears..
Page 265
Chapter 6: creating scalable and highly available web sites 243 7. Leave the web server, pathname, and working directory fields as they are unless you installed coldfusion to a directory other than the default installation directory. 8. In the startup parameters field, enter the actual url of the si...
Page 266
244 administering coldfusion server configuring session-aware load balancing sometimes referred to as a “sticky” session, session-aware load balancing guarantees that users won’t get bumped from the server on which they started their session until the session is complete, regardless of the load thre...
Page 267
Chapter 6: creating scalable and highly available web sites 245 4. Click the administration link under cluster attributes. The cluster administration page appears. 5. Enable the session-aware load balancing check box and click ok. Session-aware load balancing is now enabled for the selected cluster..
Page 268
246 administering coldfusion server integrating clustercats with a load balancing product you can configure clustercats to work in conjunction with a third-party hardware load balancing device or load balancing software product to provide more comprehensive load balancing and failover support for yo...
Page 269
Chapter 6: creating scalable and highly available web sites 247 4. Click the administration link under cluster attributes. The cluster administration page appears. 5. In the load balancing product field, enter the url of the web site for which the load balancing product has been set up to manage htt...
Page 270
248 administering coldfusion server configuring alarm notifications the clustercats alarm notification feature provides you with instant feedback about critical events that take place within a cluster. Once the event triggers the alarm, you are notified by e-mail. To configure administrator alarm no...
Page 271
Chapter 6: creating scalable and highly available web sites 249 4. Click the alarm notification link. The alarm notification page appears. 5. Enter the e-mail address of the person you want to be notified about the occurrence of an event in that event’s corresponding field. If you want multiple peop...
Page 272
250 administering coldfusion server 6. Enter the name of the default smtp mail server to which your mail is delivered in the default smtp host field and click ok. The e-mail addresses you specified will now receive e-mail notification if the corresponding events occur. Configuring administration e-m...
Page 273
Chapter 6: creating scalable and highly available web sites 251 3. Enter the fully qualified host name of a server for which you want to configure administrator e-mail support in the web server name field and click ok. The cluster member list page appears. 4. Click the support link. The cluster supp...
Page 274
252 administering coldfusion server 5. Enter in the support e-mail field the e-mail address of the person at your organization that should receive a copy of the e-mail that is sent nightly to allaire’s technical support. If more than one person should receive the e-mail, separate the e-mail addresse...
Page 275
Chapter 6: creating scalable and highly available web sites 253 2. Click the show cluster link. The show cluster page appears. 3. Enter the fully qualified host name of the server for which you want to configure administrator authentication in the web server name field and click ok. The cluster memb...
Page 276
254 administering coldfusion server the cluster authentication page appears. 5. Select either disabled or local user from the authentication drop-down box. Note disabled authentication mode is the default setting. It provides no security challenge and allows anyone to access the server using the web...
Page 277
Chapter 6: creating scalable and highly available web sites 255 to change a cluster member’s state from active to passive: 1. Open clustercats web explorer if it’s not already open. 2. Click the show cluster link. The show cluster page appears. 3. Enter the fully qualified host name of the server th...
Page 278
256 administering coldfusion server 4. Click the server attributes link under other. The connect to server page appears. 5. Select the server you want to connect to from the web server name drop-down box and click ok. The selected server’s properties page appears..
Page 279
Chapter 6: creating scalable and highly available web sites 257 6. Click the administration link. The server administration page appears for the selected server. 7. Select active or passive from the state drop-down box and click ok. If you selected passive, the clustercats load balancing and failove...
Page 280
258 administering coldfusion server restricting cluster members clustercats lets you restrict a cluster member from receiving any http requests by enabling a configuration option. You may want to do this for a variety of reasons, including server maintenance, server software updates, and as a load m...
Page 281
Chapter 6: creating scalable and highly available web sites 259 4. Click the server attributes link under other. The connect to server page appears. 5. Select the server you want to connect to from the web server name drop-down box and click ok. The selected server’s properties page appears..
Page 282
260 administering coldfusion server 6. Click the administration link. The server administration page appears for the selected server. 7. Select restricted from the restriction status drop-down box and click ok. The selected server will no longer participate in the cluster and will not receive http r...
Page 283
Chapter 6: creating scalable and highly available web sites 261 using the clustercats server utilities coldfusion enterprise ships with the following server utilities for configuring, administering, and troubleshooting your clustercats clusters: • btadmin utility • bt-start and bt-stop utilities • b...
Page 284
262 administering coldfusion server configure clustercats options use the following command-line syntax for configuring clustercats options: btadmin [configure option] you can configure the following clustercats options using the btadmin utility: the following example shows you how to configure a cl...
Page 285
Chapter 6: creating scalable and highly available web sites 263 show and reset clusters you can display the clustercats configuration settings currently enabled using the btadmin utility. For example: btadmin show you can also reinitialize your cluster configuration settings on the current server us...
Page 286
264 administering coldfusion server btcfgchk dns error reporting the btcfgchk utility reports on dns configuration problems. Clustercats requires that your dns be configured with correct forward and reverse mappings. A forward mapping translates the host name to an ip address. Conversely, a reverse ...
Page 287
Chapter 6: creating scalable and highly available web sites 265 hostinfo utility the hostinfo utility is a network management tool that displays information about a specified domain name. Use it to analyze and troubleshoot problems you are having with dns mappings to a particular domain. To run the ...
Page 288
266 administering coldfusion server #cd /program/ set the default directory to the programs directory under bright tiger. #/program> hostinfo domain_name the following sample output from the hostinfo utility provides information about a set of round-robin dns host names. ##/program> hostinfo www.Bri...
Page 289: Troubleshooting
Chapter 6: creating scalable and highly available web sites 267 use the "r" command within sniff to listen to intra-cluster packets: listen thread thread running on ’any’ interface... [ srvhello @ tue jun 30 17:01:57 1998] 192.168.0.213 boston1.Brighttiger.Com (192.168.0.118 ) (255.255.255.0 ) sales...
Page 290
268 administering coldfusion server • cisco systems. “cisco distributeddirector” and “the effects of distributing load randomly to servers,” april, 1999. Available for download on the cisco web site at http://www.Cisco.Com/warp/public/cc/cisco/mkt/scale/distr/ tech/index.Shtml. Web sites collaborati...
Page 291: Using Cgi With Coldfusion
C h a p t e r 7 chapter 7 using cgi with coldfusion this chapter describes how to use coldfusion with a web server that does not support one of the major apis. Contents • cgi vs. Web server apis ................................................................................. 270 • limitations of cg...
Page 292: Cgi Vs. Web Server Apis
270 administering coldfusion server cgi vs. Web server apis the common gateway interface (cgi) was introduced as a standard protocol for extending the functionality of web servers with additional applications. Most cgi applications are simple executables that are launched every time they are request...
Page 293
Chapter 7: using cgi with coldfusion 271 • relative mappings. When application pages are stored in the web server document directory, you can use relative urls to refer to graphics and other files. • increased performance. You will not realize the increased performance provided by the web server api...
Page 294
272 administering coldfusion server application page references the reference to the file myquery.Cfm in the above example contains no path information. You may be wondering how coldfusion determines where on your system to locate this file. If you place coldfusion application pages in the cfdocs di...
Page 295: Coldfusion Security
C h a p t e r 8 chapter 8 coldfusion security this chapter introduces coldfusion server basic and advanced security features that allow you to protect a wide variety of coldfusion resources. Contents • why is coldfusion security important?....................................................... 274 •...
Page 296
274 administering coldfusion server why is coldfusion security important? Today’s web applications offer unique opportunities from e-commerce to global communication and collaboration. Today, developers and administrators alike must concern themselves with issues of security. The nature of the web —...
Page 297
Chapter 8: coldfusion security 275 types of coldfusion security coldfusion server provides two mutually exclusive security frameworks called basic security and advanced security. You can use either type of security to secure coldfusion application development and deployment. Basic security basic sec...
Page 298
276 administering coldfusion server inbound data and encrypt outbound data. Once the key is installed, the web server automatically encrypts or decrypts data as it is received or transmitted. If your web server connections are encrypted with ssl, all communications, including coldfusion transmission...
Page 299
Chapter 8: coldfusion security 277 restrictive security plan. The more public the application or development environment, the lower the level of trust. Basic security covers all phases of application development and deployment. Basic security is a good solution for trusted users because it offers th...
Page 300
278 administering coldfusion server • generalized access control — remote developers have access either to all files and data sources, or none. Basic security doesn’t let you protect individual directories or resources. Basic security is a good choice to protect coldfusion resources if your company ...
Page 301
Chapter 8: coldfusion security 279 deploying applications with basic security basic security lets you disable execution of cfml tags that could prevent security hazards if they were used in a coldfusion application, because they could be used to upload, delete, or otherwise manipulate files on the c...
Page 302
280 administering coldfusion server securing the coldfusion administrator the coldfusion administrator is a powerful tool that lets you perform administrative tasks like managing server performance, adding and configuring coldfusion data sources, scheduling pages, and managing log files. You can sec...
Page 303
Chapter 8: coldfusion security 281 to learn more about security security at the speed of the web changes more frequently and over a broader spectrum than can be covered here. Allaire is dedicated to educating its customers about new security information as it becomes available. Visit the allaire sec...
Page 304
282 administering coldfusion server.
Page 305: Configuring Basic Security
C h a p t e r 9 chapter 9 configuring basic security basic coldfusion security allows you to secure a number of coldfusion server resources with password access. This chapter describes configuration options for basic coldfusion security. Contents • about basic security .................................
Page 306: About Basic Security
284 administering coldfusion server about basic security coldfusion server offers two levels of security: basic and advanced. Basic security allows you to impose the following types of control on the coldfusion development environment: • you can secure the coldfusion administrator with a password. •...
Page 307
Chapter 9: configuring basic security 285 example, you have several geographically dispersed participants in a development project. In addition, a group of widely dispersed developers may require different levels of access to files and data sources. Securing data sources in addition to your applicat...
Page 308
286 administering coldfusion server 1. Password vulnerability. The password can be lost, stolen, or hacked. 2. Access control is generalized, that is, remote developers have access either to all files and data sources, or none. With basic security, you can’t protect individual directories and or dat...
Page 309
Chapter 9: configuring basic security 287 by using a lan based file access model and by restricting developer data source access to the local workstation, a very secure development environment can be achieved. Using a password to restrict access to rds the server, basic security page of the coldfusi...
Page 310
288 administering coldfusion server configuring basic runtime security basic security lets you disable execution of seven cfml tags that could present security hazards. You can, however, specify a special directory, called the unsecured tags directory; this is the only directory from which coldfusio...
Page 311
C h a p t e r 1 0 chapter 10 configuring advanced security this chapter describes how to set up and configure the coldfusion server advanced security features. Advanced security lets you protect a wide variety of coldfusion resources. Contents • what is advanced security?...............................
Page 312: What Is Advanced Security?
290 administering coldfusion server what is advanced security? Coldfusion server professional and enterprise editions include advanced security features that provide scalable, granular security for building and deploying your coldfusion applications: • application development — control access to fil...
Page 313
Chapter 10: configuring advanced security 291 user directories user directories provide a listing of user information, such as the user’s name, login password, and the names of any groups to which the user belongs. Coldfusion advanced security lets you incorporate any of the following industry-stand...
Page 314
292 administering coldfusion server resources are not secured until you specifically choose to protect them. You can secure the following types of resources: • applications • verity collections • components • coldfusion tags • coldfusion functions • custom tags • data sources • files and directories...
Page 315
Chapter 10: configuring advanced security 293 security contexts a security context is a container for logically-related groups of policies. You can create and implement as many security contexts as your application or development environment requires: • you can reuse a single security context, imple...
Page 316
294 administering coldfusion server advanced security implementations the four elements discussed in the previous section — user directories, resources, policies, and security contexts — are the building blocks of every type of security framework you’ll create. You can implement the following types ...
Page 317
Chapter 10: configuring advanced security 295 securing resources with rds security remote development services (rds) provides a secure connection from coldfusion studio to the coldfusion server environment and is a prerequisite to accessing data sources, using server-based browsing, and running the ...
Page 318
296 administering coldfusion server another company’s applications. It also ensures that no applications can tamper with system resources. The access permissions you assign to a directory tree through a security sandbox override any other access permissions users might have for the tree. For example...
Page 319
Chapter 10: configuring advanced security 297 for example, as a coldfusion server administrator, you’ll probably want to assign administrator access to one or two other users, thus ensuring you’ll have backup administrators and your company won’t have to forgo administrative support if you’re away. ...
Page 320
298 administering coldfusion server once you have decided on a method of storing security profile information, the implementation details are essentially the same regardless of platform and storage type. Coldfusion advanced security is implemented by defining the following elements in order: 1. A se...
Page 321
Chapter 10: configuring advanced security 299 after you install advanced security on solaris, you should disable all caching options whenever you’re working in the advanced server security page in the coldfusion administrator. Specifically, make sure you disable the following settings: • load securi...
Page 322
300 administering coldfusion server 6. Under security server cache settings, click to enable the security server policy store cache, security server authorization cache, or coldfusion server cache if you want coldfusion to cache security information and transactions on the security server. See “cach...
Page 323: Defining User Directories
Chapter 10: configuring advanced security 301 defining user directories user and group authentication is carried out against either an existing windows nt domain, an ldap directory, or an odbc data source. When you set up advanced security, you must specify at least one user directory. You can add a...
Page 324
302 administering coldfusion server to define a user directory: 1. In the advanced server security page of the administrator, click the user directories button. 2. Enter a name for the user directory in the user directory text box and click add. The name you enter here is an internal name that coldf...
Page 325
Chapter 10: configuring advanced security 303 6. Select a search scope from the drop-down list. Enter the depth of your search. For example, if you want to be able to access everything under the search root, select the subtree option. Otherwise, select the one level option. 7. Click add to define th...
Page 326: Defining A Security Context
304 administering coldfusion server [smsampleusers] query_enumerate=select name, ’user’ as class from smuser union select name, ’group’ as class from smgroup order by class query_inituser=select name from smuser where name = ’%s’ query_authenticateuser=select name from smuser where name = ’%s’ and p...
Page 327
Chapter 10: configuring advanced security 305 to define a security context: 1. Open the advanced server security page and click the security contexts button. 2. Enter a security context name and click add. This is a logical name that defines the scope of the security domain. Later, in your applicati...
Page 328
306 administering coldfusion server to protect resources: 1. In the advanced server security page, click resources. You see the resource view page. 2. Select a security context from the current security context drop-down box. In the resource browser, any resource type you selected when you created t...
Page 329
Chapter 10: configuring advanced security 307 to add users and groups to a policy: 1. Click the edit users button at the bottom of the resource view page to open the users page for the current policy. Click the add/remove button. Coldfusion opens the add/remove users page for the current policy. 2. ...
Page 330: Implementing User Security
308 administering coldfusion server implementing user security the user security feature allows coldfusion developers to authenticate users and match protected resources with authorized users. See “securing applications with user security” on page 294 to learn about user security concepts. In order ...
Page 331
Chapter 10: configuring advanced security 309 4. Specify individual resources to protect and set up policies that match secured resources with authorized users and groups.. See “specifying resources to protect” on page 305 for more information. 5. On the coldfusion administrator’s advanced server se...
Page 332
310 administering coldfusion server securing the coldfusion administrator with coldfusion server, you can decentralize administrative responsibility by creating multiple administrators. Overall security is maintained because these additional administrators can control only the resources and policies...
Page 333
Chapter 10: configuring advanced security 311 viewing a map of your security framework coldfusion lets you display and print a map that details all the components of your advanced security framework. To view a map of your currently defined security framework: 1. Open the coldfusion administrator and...
Page 334
312 administering coldfusion server enabling advanced security before you can configure anything, you need to turn on coldfusion advanced security. To enable advanced security: 1. Open the coldfusion administrator and click the advanced security link. You see the advanced server security page. 2. Se...
Page 335
Chapter 10: configuring advanced security 313 specifying resources to protect when you add a resource to protect, no one is authorized to access that resource until you give permission by adding the resource to a policy and then adding users and groups to that policy. In this example, we want the ma...
Page 336
314 administering coldfusion server adding policies now that you’ve selected the resources to protect, add two policies, one named mars and one named venus. At the bottom of the resource view page, you see the policy editor for the resource you just specified to add policies: 1. Click add policy. 2....
Page 337
Chapter 10: configuring advanced security 315 3. For venus we want to add the following rules: • venus_dsn • venus_r_directory • venus_w_directory • venus_r_files • venus_w_files • c_r_file • c_w_file • c_development_r_file • c_development_w_file. Now the venus policy has access rights to the venus_...
Page 338
316 administering coldfusion server enable coldfusion studio security the last step is to actually enable studio security in the administrator so that users trying to access coldfusion server resources from studio will be properly authenticated before access is granted. To enable coldfusion studio s...
Page 339
Chapter 10: configuring advanced security 317 undocumented tags and functions the coldfusion administrator makes use of several tags and functions not currently documented in the cfml language reference. In the context of the coldfusion administrator, access to the functionality provided by these un...
Page 340
318 administering coldfusion server administrative functions in addition to standard cfml functions, the coldfusion 4.5 administrator uses the following undocumented functions: • cf_setdatasourceusername() — sets the default user name for a coldfusion data source • cf_setdatasourcepassword() — sets ...
Page 341: Index
Index a access connectivity tips 95 adding data sources 78 adding coldfusion data sources 82, 120 adjusting load thresholds 206 administer unix clusters 231– 267 administering coldfusion initial tasks 29 overview 28 summary of tasks 29 administering unix clusters with server utilities 261 with web e...
Page 342
320 administering coldfusion server displaying or resetting clustercats configurations 263 enabling and disabling clustercats options 262 start/stop daemons 261 btcfgchk server utility 263 bt-start and bt-stop server utilities 263 c caching settings 44 cdata client variable table 50 cdist.Ini 74 cfa...
Page 343
Index 321 with microsoft cluster server 152 clusters adding cluster members to 201, 235 administering unix 231, 261 creating 192–203 creating manually 199 creating with setup wizard 192 deleting 203, 236 restricting members 224 viewing load status of 205 coldfusion administrator icon 39 availability...
Page 344
322 administering coldfusion server openingress databases 90 oracle 7 and 8.0 databases 99 oracle 7.3/8.0 databases 98 oracle 8.0.X through odbc 101 sybase system 11 databases 117 visual foxpro databases 89 creating clusters manually 199 with hardware solutions 150 with software solutions 152 with t...
Page 345
Index 323 verity search’97 64 indexing data 64 installing clustercats 185–191 on linux 190 on sun solaris 189 on windows nt 185 pre-installation tasks 161–185 installing coldfusion 1–25 on linux 23–25 on solaris 13–15 on windows 5–11 integrating clustercats with load balancing devices 211, 214, 246 ...
Page 346
324 administering coldfusion server nt domains user directories 301 o odbc foxpro 93 user directories 301 odbc data sources administrator 77 configuring (windows) 82 dbase options 92 drivers for 80 options 84 options (windows) 87, 98 security 285 text options 97 odbc drivers 80 odbc settings advance...
Page 347
Index 325 application 53 server 53 session 53 scripts root privileges on solaris 42 solaris start and stop 34 scripts 42 secure sockets layer 302 securing data sources 285 securing development resources 295 security 285 about basic 284 administrative functions 318 administrative tags 318 advanced co...
Page 348
326 administering coldfusion server timeout requests 43 timeouts specifying for application and session variables 51 tnsnames.Ora file 101 troubleshooting clustercats problems 267 dns problems 267 trusted cache 44 u understanding availability & reliability 146 availability & reliability problems 146...
Page 349
Index 327 defined 144 failover considerations 147 web site scalability defined 130 implementations 132 linear 131 load management factors 132 performance factors 130 webserver.Log file 57 website 270 website api (wsapi) 270 windows 95 starting coldfusion 34 windows nt domain authentication for clust...
Page 350
328 administering coldfusion server.