Lockdown Guide
Page 18
... another method to protect this uri (eg IP restriction) Usually, unless AIR sync API is blocked. URI /CFIDE/administrator Purpose ColdFusion Administrator Safe to Block Yes, we will create a dedicated web site for ColdFusion administrator access. /CFIDE/adminapi Admin API /CFIDE/AIR AIR Sync API Usually, if the admin api is called from internal CFML...
... another method to protect this uri (eg IP restriction) Usually, unless AIR sync API is blocked. URI /CFIDE/administrator Purpose ColdFusion Administrator Safe to Block Yes, we will create a dedicated web site for ColdFusion administrator access. /CFIDE/adminapi Admin API /CFIDE/AIR AIR Sync API Usually, if the admin api is called from internal CFML...
Lockdown Guide
Page 20
... the web server if used . Possibly used for the Server Manager. /CFIDE/ServerManager /CFIDE/services /CFIDE/websocket /CFIDE/wizards /CFIDE/GraphData /CFIDE/main Contains the AIR application Yes binary for IDE Yes integration, not needed on production.
... the web server if used . Possibly used for the Server Manager. /CFIDE/ServerManager /CFIDE/services /CFIDE/websocket /CFIDE/wizards /CFIDE/GraphData /CFIDE/main Contains the AIR application Yes binary for IDE Yes integration, not needed on production.
Lockdown Guide
Page 80
CFFileServlet /CFFileServlet/* 6.10 Disabling Remote CFC Invocation The CFCServlet is used to the following: CFForbiddenServlet *.cfc/* CFForbiddenServlet *.cfc 80 Change the servlet mappings: CFCServlet *.cfc/* CFCServlet *.cfc Change to serve SOAP web service requests, remote CFC method invocation (eg file.cfc?method=doSomething), AIR synchronization, and flash remoting. If you do not require these features you can change the servlet mappings that point to the CFCServlet to the CFForbiddenServlet.
CFFileServlet /CFFileServlet/* 6.10 Disabling Remote CFC Invocation The CFCServlet is used to the following: CFForbiddenServlet *.cfc/* CFForbiddenServlet *.cfc 80 Change the servlet mappings: CFCServlet *.cfc/* CFCServlet *.cfc Change to serve SOAP web service requests, remote CFC method invocation (eg file.cfc?method=doSomething), AIR synchronization, and flash remoting. If you do not require these features you can change the servlet mappings that point to the CFCServlet to the CFForbiddenServlet.
Lockdown Guide
Page 87
...Mac OS is a registered trademark of The Open Group in the US and other countries. All rights reserved. UNIX is a trademark of Apple Inc., registered in the USA. 11/12 87 and other countries. Written by Pete Freitag For more information Solution details: www.adobe.com/go/coldfusion Adobe, the Adobe logo, Adobe AIR, AIR, ColdFusion..., Flash, JRun, and LiveCycle are the property of their respective owners. © 2012 Adobe Systems Incorporated. Linux is a ...
...Mac OS is a registered trademark of The Open Group in the US and other countries. All rights reserved. UNIX is a trademark of Apple Inc., registered in the USA. 11/12 87 and other countries. Written by Pete Freitag For more information Solution details: www.adobe.com/go/coldfusion Adobe, the Adobe logo, Adobe AIR, AIR, ColdFusion..., Flash, JRun, and LiveCycle are the property of their respective owners. © 2012 Adobe Systems Incorporated. Linux is a ...
Developing Applications
Page 4
... database schema 598 Support for multiple data sources for ORM 601 Chapter 9: Flex and AIR Integration in ColdFusion Using the Flash Remoting Service 606 Using Flash Remoting Update 619 Offline AIR Application Support 625 Proxy ActionScript Classes for ColdFusion Services 653 Using the LiveCycle Data Services ES Assembler 671 Using Server-Side ActionScript 688...
... database schema 598 Support for multiple data sources for ORM 601 Chapter 9: Flex and AIR Integration in ColdFusion Using the Flash Remoting Service 606 Using Flash Remoting Update 619 Offline AIR Application Support 625 Proxy ActionScript Classes for ColdFusion Services 653 Using the LiveCycle Data Services ES Assembler 671 Using Server-Side ActionScript 688...
Developing Applications
Page 8
... 3 What's New Area ORM Amazon S3 Support SpreadSheet AIR integration Flash Remoting What's new and changed • Supports multiple data sources for ORM in ColdFusion applications • The following enhancements: • Support for auto-generating primary keys • Support for use in ... one-to-one, one -toone relationship • The function EntityNew takes the property values as struct in a second argument ColdFusion customers can be stored on SQLite database is now in the applicationStoragedirectory instead of Application.cfc • Attribute missingrowignored in cfproperty ...
... 3 What's New Area ORM Amazon S3 Support SpreadSheet AIR integration Flash Remoting What's new and changed • Supports multiple data sources for ORM in ColdFusion applications • The following enhancements: • Support for auto-generating primary keys • Support for use in ... one-to-one, one -toone relationship • The function EntityNew takes the property values as struct in a second argument ColdFusion customers can be stored on SQLite database is now in the applicationStoragedirectory instead of Application.cfc • Attribute missingrowignored in cfproperty ...
Developing Applications
Page 9
... and changed Support for the following: • LCDS 3 and LCDS 3.1 • BlazeDS 4 • New methods allowSend and allowSubscribe in ColdFusion Messaging Gateway CFCs Apart from overall improvement in the accuracy of indexing, the following enhancements: • Displays correct MIME types for all documents ...data source authentication details in the attribute datasource • Support for HQL in cfquery • •New actions for cfpdf AIR Proxy • The ActionScript proxy class for automatic logging of scheduled tasks Enhancements in this release help you use Server Monitoring ...
... and changed Support for the following: • LCDS 3 and LCDS 3.1 • BlazeDS 4 • New methods allowSend and allowSubscribe in ColdFusion Messaging Gateway CFCs Apart from overall improvement in the accuracy of indexing, the following enhancements: • Displays correct MIME types for all documents ...data source authentication details in the attribute datasource • Support for HQL in cfquery • •New actions for cfpdf AIR Proxy • The ActionScript proxy class for automatic logging of scheduled tasks Enhancements in this release help you use Server Monitoring ...
Developing Applications
Page 10
... applications. The following basic language constructs: throw, writedump, writelog, location, and trace. Flex and AIR integration Adobe AIR applications Offline capabilities Offline application support for ColdFusion. This release supports circular reference. By default, ColdFusion installs BlazeDS. ORM support ColdFusion Object-relational mapping (ColdFusion ORM) is a list of top new features for Rapid Application Development • In-built...
... applications. The following basic language constructs: throw, writedump, writelog, location, and trace. Flex and AIR integration Adobe AIR applications Offline capabilities Offline application support for ColdFusion. This release supports circular reference. By default, ColdFusion installs BlazeDS. ORM support ColdFusion Object-relational mapping (ColdFusion ORM) is a list of top new features for Rapid Application Development • In-built...
Developing Applications
Page 14
... You can also set up user access control for portlet standards This release supports JSR-168, JSR-286, and WSRP specifications. For more information, see ColdFusion Portlets. The application enables ColdFusion server administrators to prevent access by unknown applications and users. Exposing of ColdFusion servers • Compare settings across multiple servers or clusters. You...
... You can also set up user access control for portlet standards This release supports JSR-168, JSR-286, and WSRP specifications. For more information, see ColdFusion Portlets. The application enables ColdFusion server administrators to prevent access by unknown applications and users. Exposing of ColdFusion servers • Compare settings across multiple servers or clusters. You...
Developing Applications
Page 16
... provides a solid grounding in the tools that ColdFusion provides to the documentation. About Adobe ColdFusion 9 documentation The ColdFusion documentation is available from the Adobe ColdFusion Administrator. This book provides detailed information about using the CFML programming language and ColdFusion features, such as ColdFusion Web Services, ColdFusion Portlets, ColdFusion ORM, AJAX support, Flex and AIR integration, and integration with the CFML Reference...
... provides a solid grounding in the tools that ColdFusion provides to the documentation. About Adobe ColdFusion 9 documentation The ColdFusion documentation is available from the Adobe ColdFusion Administrator. This book provides detailed information about using the CFML programming language and ColdFusion features, such as ColdFusion Web Services, ColdFusion Portlets, ColdFusion ORM, AJAX support, Flex and AIR integration, and integration with the CFML Reference...
Developing Applications
Page 82
...the string and the variable value to get product_1. 4 Uses the result as the following: 1 + 1 is more information on page 93. Because ColdFusion must run its value, for example 1. 2 concatenates the variable value with the value of the variable i. 2 Determines the value of the variable. ..., see "Structure notation" on using a string and a variable. For more efficient: ProductName: #Form["product_" & i]# In this case, Air popper. A product name field exists for an indeterminate number of the variable. The following example has the same result as the object.attribute format...
...the string and the variable value to get product_1. 4 Uses the result as the following: 1 + 1 is more information on page 93. Because ColdFusion must run its value, for example 1. 2 concatenates the variable value with the value of the variable i. 2 Determines the value of the variable. ..., see "Structure notation" on using a string and a variable. For more efficient: ProductName: #Form["product_" & i]# In this case, Air popper. A product name field exists for an indeterminate number of the variable. The following example has the same result as the object.attribute format...
Developing Applications
Page 611
...Remoting, see Using Flash Remoting MX 2004 and Flash Remoting ActionScript Dictionary in ColdFusion. You can also access the Flash Remoting documentation on the Flash Remoting Developer Center at www.adobe.com/go/learn_cfu_flashremoting_en. You build user interface controls in Flash, and you...the business logic in Flash Help. Last updated 1/20/2012 606 Chapter 9: Flex and AIR Integration in ColdFusion Using the Flash Remoting Service Using the Flash Remoting service of Adobe ColdFusion, ColdFusion developers can work with Flash MX 2004 designers to build dynamic Flash user interfaces for...
...Remoting, see Using Flash Remoting MX 2004 and Flash Remoting ActionScript Dictionary in ColdFusion. You can also access the Flash Remoting documentation on the Flash Remoting Developer Center at www.adobe.com/go/learn_cfu_flashremoting_en. You build user interface controls in Flash, and you...the business logic in Flash Help. Last updated 1/20/2012 606 Chapter 9: Flex and AIR Integration in ColdFusion Using the Flash Remoting Service Using the Flash Remoting service of Adobe ColdFusion, ColdFusion developers can work with Flash MX 2004 designers to build dynamic Flash user interfaces for...
Developing Applications
Page 612
... to interact with Flash UIs, remember the importance of the relationship between Flash and ColdFusion: SWF files .SWFs Computer Interactive TV Mobile phone PDA HTTP Application Server Flash Remoting Web services Database Planning your... ColdFusion pages and components return common data types, including strings, integers, query objects, structures, and arrays. DEVELOPING COLDFUSION 9 APPLICATIONS 607 Flex and AIR Integration in ColdFusion The following is a simplified representation of separating display...
... to interact with Flash UIs, remember the importance of the relationship between Flash and ColdFusion: SWF files .SWFs Computer Interactive TV Mobile phone PDA HTTP Application Server Flash Remoting Web services Database Planning your... ColdFusion pages and components return common data types, including strings, integers, query objects, structures, and arrays. DEVELOPING COLDFUSION 9 APPLICATIONS 607 Flex and AIR Integration in ColdFusion The following is a simplified representation of separating display...
Developing Applications
Page 613
... following parameters in ActionScript 1.0. For more information on the remote server. Last updated 1/20/2012 DEVELOPING COLDFUSION 9 APPLICATIONS 608 Flex and AIR Integration in ColdFusion To use the Flash variable scope to interact with SWF applications. A new RelayResponder class, which specifies...2.0 API Features Enforcement of strict data typing, which the result and fault outcomes of data to them. In ColdFusion pages, you build ColdFusion pages and components or deploy Java objects. gateway.configuration.file /WEB-INF/gateway-config.xml whitelist.configuration.file ...
... following parameters in ActionScript 1.0. For more information on the remote server. Last updated 1/20/2012 DEVELOPING COLDFUSION 9 APPLICATIONS 608 Flex and AIR Integration in ColdFusion To use the Flash variable scope to interact with SWF applications. A new RelayResponder class, which specifies...2.0 API Features Enforcement of strict data typing, which the result and fault outcomes of data to them. In ColdFusion pages, you build ColdFusion pages and components or deploy Java objects. gateway.configuration.file /WEB-INF/gateway-config.xml whitelist.configuration.file ...
Developing Applications
Page 614
... longer supported, and you specify all configuration parameters in the gateway-config.xml file. You can configure gateway features in ColdFusion ColdFusion MX 7 and later versions of ColdFusion configure Flash gateways differently from previous ColdFusion releases. Parameters that identify the whitelist must specify your gateway-config.xml file and gateway-config as follows: Last...
... longer supported, and you specify all configuration parameters in the gateway-config.xml file. You can configure gateway features in ColdFusion ColdFusion MX 7 and later versions of ColdFusion configure Flash gateways differently from previous ColdFusion releases. Parameters that identify the whitelist must specify your gateway-config.xml file and gateway-config as follows: Last...
Developing Applications
Page 615
... service adapters security Description By default, the PageableResultSetAdapter, the ColdFusionAdapter, the CFCAdapter (for ColdFusion components), and the CFSSASAdapter (for web services) by removing their enclosing comment symbols (). DEVELOPING COLDFUSION 9 APPLICATIONS 610 Flex and AIR Integration in ColdFusion. You can also enable the JavaBeanAdapter, JavaAdapter, EJBAdapter, ServletAdapter, and CFWSAdapter (for server-side ActionScript) adapters are...
... service adapters security Description By default, the PageableResultSetAdapter, the ColdFusionAdapter, the CFCAdapter (for ColdFusion components), and the CFSSASAdapter (for web services) by removing their enclosing comment symbols (). DEVELOPING COLDFUSION 9 APPLICATIONS 610 Flex and AIR Integration in ColdFusion. You can also enable the JavaBeanAdapter, JavaAdapter, EJBAdapter, ServletAdapter, and CFWSAdapter (for server-side ActionScript) adapters are...
Developing Applications
Page 616
.... Note: Flash Remoting cannot interact with a SWF application, the directory name that contains the ColdFusion pages translates to the service name that you can set to Flash" on page 613. DEVELOPING COLDFUSION 9 APPLICATIONS 611 Flex and AIR Integration in ColdFusion Feature logger level redirect URL case sensitivity Description You can specify a URL to service...
.... Note: Flash Remoting cannot interact with a SWF application, the directory name that contains the ColdFusion pages translates to the service name that you can set to Flash" on page 613. DEVELOPING COLDFUSION 9 APPLICATIONS 611 Flex and AIR Integration in ColdFusion Feature logger level redirect URL case sensitivity Description You can specify a URL to service...
Developing Applications
Page 617
...cannot pass a RecordSet from SWF applications, you use standard structure-name syntax like params.name. Accessing parameters passed from Flash To access variables passed from a SWF application to a ColdFusion application) Also, remember the following table lists ActionScript... parameters. However, the StructCopy CFML function does not work with ActionScript collections. DEVELOPING COLDFUSION 9 APPLICATIONS 612 Flex and AIR Integration in ColdFusion ActionScript data type ColdFusion data type ActionScript Object Structure ActionScript Object (as the only argument passed to a ...
...cannot pass a RecordSet from SWF applications, you use standard structure-name syntax like params.name. Accessing parameters passed from Flash To access variables passed from a SWF application to a ColdFusion application) Also, remember the following table lists ActionScript... parameters. However, the StructCopy CFML function does not work with ActionScript collections. DEVELOPING COLDFUSION 9 APPLICATIONS 612 Flex and AIR Integration in ColdFusion ActionScript data type ColdFusion data type ActionScript Object Structure ActionScript Object (as the only argument passed to a ...
Developing Applications
Page 618
... by the value of the Flash scope: Or, you use standard structure name syntax to ColdFusion pages. You use standard structure name syntax; Create a ColdFusion page that contains simple messages to a ColdFusion array. myService.myMethod(myArray); myMxdArray[2] = true; Last updated ... service function helloWorld, which returns a structure that passes a structure to Flash In ColdFusion pages, only the value of a CFC method. DEVELOPING COLDFUSION 9 APPLICATIONS 613 Flex and AIR Integration in your web root, and name it helloExamples. myArray[0] = "zero"; ...
... by the value of the Flash scope: Or, you use standard structure name syntax to ColdFusion pages. You use standard structure name syntax; Create a ColdFusion page that contains simple messages to a ColdFusion array. myService.myMethod(myArray); myMxdArray[2] = true; Last updated ... service function helloWorld, which returns a structure that passes a structure to Flash In ColdFusion pages, only the value of a CFC method. DEVELOPING COLDFUSION 9 APPLICATIONS 613 Flex and AIR Integration in your web root, and name it helloExamples. myArray[0] = "zero"; ...
Developing Applications
Page 619
...the SWF application using the Flash.Result variable. 4 Save the file. Return 1 to indicate true, and return 0 to Flash from ColdFusion. For example, if a query returns 20 records, you return record set the Flash.Pagesize variable to return five records at a time...The helloWorld.cfm file is the service address. Returning records in increments to Flash ColdFusion lets you can set results to Flash. Last updated 1/20/2012 DEVELOPING COLDFUSION 9 APPLICATIONS 614 Flex and AIR Integration in ColdFusion 2 Create a ColdFusion page, and save it returns: import mx.remoting.*;
...the SWF application using the Flash.Result variable. 4 Save the file. Return 1 to indicate true, and return 0 to Flash from ColdFusion. For example, if a query returns 20 records, you return record set the Flash.Pagesize variable to return five records at a time...The helloWorld.cfm file is the service address. Returning records in increments to Flash ColdFusion lets you can set results to Flash. Last updated 1/20/2012 DEVELOPING COLDFUSION 9 APPLICATIONS 614 Flex and AIR Integration in ColdFusion 2 Create a ColdFusion page, and save it returns: import mx.remoting.*;