Advanced Security Implementations

The four elements discussed in the previous section (user directories, resources, policies, and security contexts) are the building blocks of every type of security framework you'll create. You can implement the following types of Advanced Security:

This section describes these types of Advanced Security and explains when you'd use each one. For step-by-step instructions for implementing Advanced Security features, see "Creating an Advanced Security Framework".

Securing applications with User security

User Security authenticates users in a ColdFusion application and then assigns privileges based on the applicable ColdFusion security context.

For example, suppose you've used ColdFusion to build and host your company's intranet. The Human Resources department maintains a page on the intranet where all employees can access timely information about the company, like the latest company policies, upcoming events, and job postings. You'd want everyone to be able to read the information, but you'd only want certain authorized HR employees to be able to add, update, or delete information. In addition, you might want to let employees view customized information about their salaries, job levels, and performance reviews. You certainly wouldn't want one employee to view sensitive information about another employee, but you'd want managers to be able to see, and possibly update, information about their direct reports. User Security lets you give each employee an appropriate level of access to the HR data.


Note

This chapter describes the steps necessary to install Advanced Security features and set up the security framework in the ColdFusion Administrator. Once you've put the security framework in place, developers must code security features into their ColdFusion applications. For information about coding secure applications, see Developing Web Applications with ColdFusion.


Securing resources with RDS security

Remote Development Services (RDS) provides a secure connection from ColdFusion Studio to the ColdFusion Server environment and is a prerequisite to accessing data sources, using server-based browsing, and running the interactive debugger.

ColdFusion RDS security provides security services in a team-oriented ColdFusion development environment where groups of developers, working in ColdFusion Studio, require different levels of access to ColdFusion files and data sources. RDS security is a valuable tool both for companies with multiple or geographically dispersed development groups and for ISPs that host ColdFusion development environments.

Developers working in ColdFusion Studio access these ColdFusion resources remotely, by opening CFM files or accessing data sources. RDS security authenticates users and grants them access only to the resources assigned to them by a security context. Advanced security authenticates each user against the NT domain server, ODBC data source, or LDAP directory specified in the ColdFusion Administrator as part of a security context.

For example, suppose you're a ColdFusion Server administrator at a medium-sized development company where two development groups, the Pi team and the Gamma team, are simultaneously developing separate ColdFusion Web applications. You want to limit the Pi team's access from ColdFusion Studio; they should only be able to access the data source pi_dsn and the files in the directory c:\development\pi. The Gamma team should only be able to access the data source gamma_dsn and the files in the c:\development\gamma directory. You'd use RDS security to create two different security contexts, one for the Pi team and another for the Gamma team.

Securing applications with a security sandbox

A security sandbox is similar to RDS security: it limits access to resources. The main difference is that while RDS security secures resources accessed by ColdFusion Studio developers, a security sandbox secures resources accessed by ColdFusion applications at runtime. A sandbox provides exactly what its name implies: a restricted area (an entire directory tree) where the same level of access is enforced for all users.

ColdFusion offers two types of security sandbox protection:

Security sandboxes are most useful to ISPs that host ColdFusion applications and development. An ISP can use sandboxes to partition application pages into individually secure areas. For example, suppose an ISP hosts two different domains, PetesApps.com and FoleysApps.com, on the same server. The owners of each domain submit their own custom tags and data sources to the ISP. In turn, the ISP gives each domain's applications exclusive access to that domain's tags and data sources. This ensures that a company's resources remain secure, and are not accessed or altered by another company's applications. It also ensures that no applications can tamper with system resources.

The access permissions you assign to a directory tree through a security sandbox override any other access permissions users might have for the tree. For example, suppose you designate the directory c:/applications/hr_app as a security sandbox. You configure the sandbox so that nobody can write to any of the Human Resources department data sources via an application running from c:/applications/hr_app. Even the Vice President of HR, who would typically have write permissions to the HR data sources in all other contexts, would be unable to write to those sources via an application run from this sandbox.
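The following added example (a Python model written for this page, not ColdFusion code or configuration) works through the two access decisions described above: the Pi/Gamma RDS security contexts and the hr_app sandbox override. The data source name hr_dsn, the payroll directory, the sample file names, and all function names are assumptions made for illustration.

```python
import ntpath

def under(root, path):
    """True if path lies inside the directory tree rooted at root (Windows rules)."""
    # Normalize first so "..", mixed slashes and letter case cannot dodge the check.
    root = ntpath.normcase(ntpath.normpath(root))
    path = ntpath.normcase(ntpath.normpath(path))
    # Require a separator after the root so "pi_old" is not treated as inside "pi".
    return path == root or path.startswith(root + "\\")

# Constructed RDS security contexts, taken from the Pi/Gamma example.
CONTEXTS = {
    "pi":    {"dsn": {"pi_dsn"},    "dirs": [r"c:\development\pi"]},
    "gamma": {"dsn": {"gamma_dsn"}, "dirs": [r"c:\development\gamma"]},
}

def rds_allows(context, kind, name):
    """Studio request: allowed only if the resource is assigned to the context."""
    ctx = CONTEXTS[context]
    if kind == "dsn":
        return name.lower() in ctx["dsn"]
    if kind == "file":
        return any(under(d, name) for d in ctx["dirs"])
    return False  # unknown resource types are denied by default

# Constructed sandbox: pages under hr_app may read hr_dsn but never write it.
# hr_dsn is an assumed data source name.
SANDBOXES = {"c:/applications/hr_app": {"hr_dsn": {"read"}}}

def runtime_allows(page, user_rights, dsn, action):
    """Runtime request made by a page on behalf of a user."""
    for root, policy in SANDBOXES.items():
        if under(root, page):
            # Inside a sandbox the same level of access applies to every user,
            # so the user's own rights are not consulted.
            return action in policy.get(dsn, set())
    # Outside any sandbox the user's own rights decide.
    return action in user_rights.get(dsn, set())

if __name__ == "__main__":
    vp_hr = {"hr_dsn": {"read", "write"}}  # constructed: VP of HR may normally write
    print(rds_allows("pi", "file", r"c:\development\pi\..\gamma\index.cfm"))
    print(runtime_allows("c:/applications/hr_app/update.cfm", vp_hr, "hr_dsn", "write"))
    print(runtime_allows("c:/applications/payroll/update.cfm", vp_hr, "hr_dsn", "write"))
```

The path check normalizes before comparing, which is the step an allow-list by directory most often gets wrong.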


Note

The security sandbox feature is only available in the Enterprise edition of ColdFusion Server.


Securing the ColdFusion Administrator

If you've already read earlier chapters of Administering ColdFusion Server, you know that the ColdFusion Administrator is a browser-based interface that lets you perform administrative tasks like managing server performance, adding and configuring ColdFusion data sources, scheduling pages, and managing log files. For any ColdFusion development project, some level of administration is generally necessary to set up ColdFusion Server for your application. In some cases, it's feasible for a single person to perform all the necessary administrative tasks. Many times, though, you'll want to be able to delegate some ColdFusion management tasks.

With ColdFusion Server, you can decentralize administrative responsibility by creating multiple administrators. Overall security is maintained because these additional administrators can control only the resources and policies for which you've given them explicit responsibility. You can assign the following types of administrative access to any user:

The ColdFusion decentralized administration model provides two important benefits:

For example, as a ColdFusion Server administrator, you'll probably want to assign Administrator access to one or two other users, thus ensuring you'll have backup administrators and your company won't have to forgo administrative support if you're away. You might also want to create a class of Privileged access administrators who can manage all aspects of the ColdFusion environment except Basic and Advanced security. Users with Restricted administrative access can function as ColdFusion super users. You could assign Restricted access to one or two members of each development team. That way, development teams can add and configure their own data sources, but can't access other teams' data sources, and can't alter the ColdFusion environment in any significant way.

For detailed instructions for securing the Administrator pages, see "Securing the ColdFusion Administrator".


