You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

Coldfusion 10

A quick reference page for CIT Hosting's Coldfusion 10 installation.

Adobe Coldfusion 10 documentation: http://helpx.adobe.com/coldfusion/archive.html

Apache and Tomcat

Coldfusion 10 no longer uses "jrun" to control the Coldfusion service. Adobe has changed (perhaps upgraded) to deploy their Coldfusion application within a Tomcat container.

When you go to the Status page of your VM to stop/start services, you will see an Apache instance as well as a Tomcat instance. In most cases, if you make changes to Coldfusion (via Coldfusion Administrator, or add new jar files) you'll only need to restart the Tomcat service (CF9 would have restarted the JRUN service).

Apache will need to be restarted if you've created a Custom Apache Include file.

Coldfusion Administrator (CFAdmin)

Hosting Customers have the ability to configure and control their Coldfusion 10 service. The Coldfusion Administrator is CUWebauth protected (netid and password), and the access is granted from the permits or AD Group that were assigned/given at the time of the request.

  • You can get access to your CFAdmin interface by logging into the Hosting Dashboard https://dashboard.hosting.cornell.edu and search for either the VM name (webhost###) or instance name, and click on the Splash Page link.
  • From the Splash Page, there is a tab near the top called CF Admin. By clicking here it will use your CUWebauth credentials to log you into CFAdmin. You are now ready to administer or configure how this Coldfusion 10 instance runs.
  • Some items of interest within CFAdmin:
    • Server Settings: Many items below allow you to manipulate how java/jvm works. Also configuration tweaks can occur in some of these options to help with performance.
    • Data & Services Menu: Data Sources - to set up your connections to backend databases. For information on how to set up connections to Oracle databases, please see Connecting to Oracle databases with Coldfusion 10
    • Server Update: Coldfusion 10 allows customers to download updates directly from Adobe and apply when you're ready.
    • There's many other options and settings within CFAdmin and we strongly encourage customers to become familiar with CFAdmin. Coldfusion 10 offers more granularity and control to the customer.

Adding Customized JAR Files

Customers can add their own jar files to their environments by using a webdav client and uploading the files to the /jars directory, OR you can drop them in the server10/lib subdirectory. A restart of the Coldfusion instance will be needed.

  • The order JAR files are loaded can be important depending on the functions you're looking to achieve. You can manipulate how jar files are loaded by where they are located (what path) and via JVM settings (also done via CF Admin). This is considered advanced Coldfusion/java configurations and modifying the JVM should not be taken lightly.

Protecting your site with CUWebauth/Netid and Password

When requesting a new url/virtual host for your application, this is a good time to think whether or not your site, or any part of your website will need to be protected by CU WebAuth and require visitors to log in with their NetID and password.

Sites that utilize CU WebAuth are required to use SSL.

There are two options for having an SSL configured. One is referred to as "HTTPS" and one as "BOTH".

If you wish to have ALL traffic protected by SSL we recommend that you request "HTTPS" for the protocol. This will create a redirect so that any traffic that goes to //[my site]/ will be redirected to //[my site]/.

However if only parts of your site need login access, more care in configuration and use of .htaccess files will be needed. This means a portion of your site will be protected by SSL while the option portion is not. In this case if you specify "BOTH" then you will be responsible for determining whether a page can be displayed using SSL or non-SSL.

When using "BOTH" non-SSL connections have NO restrictions, that means that all files are publicly available unless you explicitly put in a ".htaccess" to protect the directory using CU WebAuth.

Some examples of restricting access via a ".htaccess" file:

Require SSL (will just cause a 403 error)

SSLRequireSSL

Redirect to SSL

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Note that if you protect a directory with CU WebAuth and you go to the non-SSL site you will get the following error "CUWebAuth error... Server is not properly configured. Check the Kerberos principal.". In this case you need to be sure to specify the "https" URL and not the "http" URL to avoid getting the error. If you wish to setup a redirect from the non-SSL site to the SSL site for the ".htaccess" protected directory you'll either need to specify the redirect in a parent directory or via a custom vhost include.

  • No labels