Manualshelf

User Guide

ManualsBrandsMacromedia ManualsOtherCOLDFUSION 5-ADVANCED ADMINISTRATION
919293949596979899100
74 Chapter 4 Configuring Basic Security
ColdFusion Remote Development Services (RDS)
ColdFusion RDS is a component of ColdFusion Server used by the ColdFusion
Administrator and ColdFusion Studio to provide remote HTTP-based access to files
and databases. You can use RDS to manage ColdFusion Studio access to files and
databases on a server hosting ColdFusion.
RDS provides both Basic and Advanced security services for ColdFusion, allowing
you to configure the level of security you need for your situation. For more
information see Chapter 5, Configuring Advanced Security on page 79.
Basic security options managed by RDS can be found in the Administrator Server,
Basic Security page, where you will find options for defining passwords and securing
a subset of ColdFusion tags.
Basic security limitations
ColdFusion Basic security hinges on the protection of a single password per server.
So long as the password is kept secret, unauthorized access to the files and databases
on the server is impossible. It is important to understand that this security model has
two liabilities:
Password vulnerability. The password can be lost, stolen, or hacked.
Access control is generalized, that is, remote developers have access either to all
files and data sources, or none. With Basic security, you cant protect individual
directories and or databases.
Securing ColdFusion file resources
The following table shows how ColdFusion Basic security compares with native OS
options available to you in securing files for remote development:
Method Description Security Model
LAN-based Uses the native file system to
provide access to local and
network drives.
Access is determined by the
network permissions of user
logged into workstation where
Studio is being run.
FTP-based Connects to an FTP server
running on same machine as the
target Web server.
Permissions defined using the
native security of the FTP server
software.
RDS-based Interacts with the remote file
system using RDS on the target
ColdFusion Server.
Files on the target server can be
secured with the ColdFusion
Studio password.