User Guide

ManualsBrandsMacromedia ManualsOtherCOLDFUSION 4.5-CFML LANGUAGE REFERENCE

121

122

123

124

125

126

127

128

129

130

102 CFML Language Reference

CFIMPERSONATE

Allows you to impersonate a user defined in a security context defined in Advanced

Security. The ColdFusion Application Server enforces all the privileges and restrictions

that have been set up for that user with the Advanced Security rules.

Syntax <CFIMPERSONATE

SECURITYCONTEXT="SecurityContext"

USERNAME="Name"

PASSWORD="Password"

TYPE= "CF" or "OS"

...

HTML or CFML code to execute

...

</CFIMPERSONATE>

SECURITYCONTEXT

Required. The security context in which the user should be authenticated. If the

impersonation type is "CF ," then you should specify a security context that has

already been defined using the ColdFusion Advanced Security Administrator. If

the impersonation type is "OS," then you should specify an NT domain as the

security context.

USERNAME

Required. The user name of the user you want to impersonate. You can create a

rule within ColdFusion Advanced Security to restrict a user from being

impersonated within a security context.

PASSWORD

Required. The password of the user that you want to impersonate.

TYPE

Required. The type of impersonation needed. This attribute can have the value –

"CF " for impersonation at the application level or "OS" for impersonation at the

operating system level. Operating System level impersonation means that the

impersonation is of a user known to the operating system. Currently, this type of

impersonation is available only for Windows NT and not for UNIX. When this

type of impersonation is in effect, the operating system will automatically perform

access control for access to any resources managed by the operating system such

as files and directories. This is fast, since ColdFusion is not doing any extra

checking, the OS is, but the OS is limited since only resources that are protected by

the operating systemare protected. For example, the operating system cannot

check for resource types such as Application, data sources etc.

Usage CFIMPERSONATE is typically used to run a block of code in a secure mode. For

impersonation of type "CF," there is automatic enforcement of access control of

ColdFusion resources such as files, data sources, and collections between the start and

end tags of CFIMPERSONATE. If CF type impersonation is turned on, the ColdFusion