MACROMEDIA COLDFUSION 4.5-ADMINISTRING COLDFUSION... Скачать руководство пользователя страница 330 | Manualshive

Страница: 330 / 350

background image

308

Administering ColdFusion Server

Implementing User Security

The user security feature allows ColdFusion developers to authenticate users and
match protected resources with authorized users. See “Securing Applications with
User Security” on page 294 to learn about user security concepts.

In order to implement user security you must use the ColdFusion Administrator to:

1.

Set up the security server. See “Setting Up a Security Server” on page 299 for more
information.

2.

Set up user directories to authenticate against an NT domain, an LDAP directory,
or an ODBC data source. See “Defining User Directories” on page 301 for more
information.

3.

Create a security context for the application. See “Defining a Security Context” on
page 304 for more information.

4.

Specify individual resources to protect and set up policies that match secured
resources with authorized users and groups.. See “Specifying Resources to
Protect” on page 305 for more information.

After the security framework is in place, developers use the CFAUTHENTICATE tag in
individual application pages (or the

Application.cfm

file) to authenticate users. The

IsAuthenticated and IsAuthorized functions enable developers to offer or deny access
based on the established security policies. Remember that nothing you configured in
the ColdFusion Administrator takes effect until developers enforce the contexts in
their applications. See the CFML Language Reference for more information on
IsAuthenticated and IsAuthorized.

Implementing Server Sandbox Security

ColdFusion Server Enterprise edition supports server sandbox security for hosted
sites. This security feature, controlled by the ColdFusion administrator of a hosted site,
offers runtime security based on directory access at a hosted site. See “Securing
Applications with a Security Sandbox” on page 295 to learn about security sanbox
concepts.

Note

If both user security and server sandbox security are enabled, sandbox
security takes precedence.

In order to implement server sandbox security, you must use the ColdFusion
Administrator to:

1.

Set up the security server. See “Setting Up a Security Server” on page 299 for more
information.

2.

Set up user directories to authenticate against an NT domain, an LDAP directory,
or an ODBC data source. See “Defining User Directories” on page 301 for more
information.

3.

Create a security context for the application. See “Defining a Security Context” on
page 304 for more information.

«
...
328
329
330
331
332
...
»

Содержание COLDFUSION 4.5-ADMINISTRING COLDFUSION...

Страница 1: ...Allaire Corporation Administering ColdFusion Server ColdFusion 4 5...

Страница 2: ...ication may be reproduced stored in a retrieval system or transmitted in any form or by any means electronic mechanical recording or otherwise without the prior written permission of Allaire Corporati...

Страница 3: ...updates xviii ColdFusion manuals xviii ColdFusion Server online documentation xix Printing ColdFusion documentation xix Documentation conventions xx Getting Answers xx Contacting Allaire xx Chapter 1...

Страница 4: ...on Administrator 39 Accessing the Administrator remotely 39 Starting and Stopping ColdFusion 41 Using batch files to start and stop ColdFusion Windows 41 Using scripts to start and stop ColdFusion Sol...

Страница 5: ...ptimizing Purging and Deleting Collections 66 Configuring Server Side Source Control 67 Requirements 67 Using ColdFusion in a Distributed Configuration 68 Distributed ColdFusion and clustering 68 Chan...

Страница 6: ...ing the Oracle 7 3 Native Driver Windows 102 Configuring the Oracle 8 Client Windows UNIX 103 Connecting to DB2 Data Sources 105 Configuring DB2 Options Windows 105 Configuring DB2 Options UNIX 105 Co...

Страница 7: ...oducing ClusterCATS for ColdFusion 155 ClusterCATS for ColdFusion Features 155 ClusterCATS for ColdFusion Components 158 ClusterCATS Server 158 ClusterCATS Explorer 159 ClusterCATS Server Administrato...

Страница 8: ...ColdFusion Security 273 Why Is ColdFusion Security Important 274 Types of ColdFusion Security 275 Choosing a Level of ColdFusion Security 276 Developing Applications 277 Deploying Applications 278 Sec...

Страница 9: ...00 Defining User Directories 301 Defining a Security Context 304 Specifying Resources to Protect 305 Implementing ColdFusion RDS Security 307 Implementing User Security 308 Implementing Server Sandbox...

Страница 10: ...x Administering ColdFusion Server...

Страница 11: ...to install configure and maintain ColdFusion Server Contents Intended Audience xii Welcome to the ColdFusion 4 5 Web Application Server xii Products and System Requirements xii New features in ColdFu...

Страница 12: ...ng and database connectivity again giving you more reliability and new functionality The focus on fundamentals extends to new features As part of a broad new commitment to Java ColdFusion 4 5 has a ra...

Страница 13: ...MB RAM 256 MB recommended for clustering 150 MB hard disk space ColdFusion Server 4 5 Professional Edition for Windows Windows 95 98 or Windows NT 4 0 Intel Pentium or above 50 MB hard disk space 32...

Страница 14: ...and pages more easily by collapsing sections of the code in the editor so you can build sophisticated applications more quickly Function Insight Find the parameters and format for functions instantly...

Страница 15: ...ithout affecting server availability for runtime data source maintenance without server restarts Improved performance Cisco Local Director Integration Deliver very large scale sites with Cisco Local D...

Страница 16: ...ibuted Data Exchange WDDX OS Command Execution Execute OS shell scripts services executables and batch files from within ColdFusion applications LDAP 3 0 Use all the power of LDAP 3 0 for directory ac...

Страница 17: ...ription Allaire Web site www allaire com General information about Allaire products and services Technical Support www allaire com support Allaire offers a wide range of professional support programs...

Страница 18: ...e support options and Allaire products and services For ColdFusion Studio users you can access the documentation update page by clicking on the Help resource tab and browsing your way through the onli...

Страница 19: ...a product CD you can download ColdFusion documentation from the Allaire web site by visiting http www allaire com developer and clicking the Documentation link ColdFusion Studio online documentation...

Страница 20: ...um can help you figure out how to do just about anything with ColdFusion The search facility can also help you search messages going back 12 months allowing you to learn how others have solved a probl...

Страница 21: ...xxi Postings to the ColdFusion Support Forum http forums allaire com can be made any time Sales Toll Free 888 939 2545 Tel 617 761 2100 Fax 617 761 2101 Email sales allaire com Web http www allaire co...

Страница 22: ...xxii AdministeringColdFusionServer...

Страница 23: ...This chapter describes ColdFusion s system requirements and how to install and configure ColdFusion on your platform Contents ColdFusion System Requirements 2 Installing ColdFusion on Windows 5 Instal...

Страница 24: ...s for ClusterCATS Server on page 162 The ClusterCATS system requirements may impact your overall environment requirements ColdFusion Server 4 5 Enterprise Edition for Windows To install and use ColdFu...

Страница 25: ...ck 4 Intel Pentium or higher 32 MB of RAM 128 recommended 50 MB of free disk space A World Wide Web server that supports the NSAPI ISAPI or WSAPI application programming interfaces APIs Specific Web s...

Страница 26: ...Microsoft Personal Web Server PWS WebSite Server API WSAPI Common Gateway Interface CGI A CD ROM drive Solaris Enterprise edition only To install and use ColdFusion on Solaris your system must meet t...

Страница 27: ...equirements may impact your overall environment requirements Installing ColdFusion on Windows This section addresses the following topics about installing ColdFusion on Windows Verifying that a Web se...

Страница 28: ...allation of the ODBC 3 0 drivers Note Because of a problem in the way Verity handles indexing ColdFusion must be installed to a directory path that contains no spaces in the path name This restriction...

Страница 29: ...es The User Information dialog box appears after the Software License Agreement dialog box 7 Enter your name company and ColdFusion serial number in the User Information dialog box and click Next Note...

Страница 30: ...Web Server dialog box appears If your Web server is already installed the ColdFusion Setup program will automatically detect it 9 If your Web server is not one of the ones listed select the Other opt...

Страница 31: ...irectory below the Web server s document directory The Select Install Options dialog box appears 11 Accept the default install options or select those that you want and click Next Note By default Load...

Страница 32: ...ord dialog box appears next 12 Enter a password you will use to access the ColdFusion Administrator in the Password and Confirm fields and press Next The Select ColdFusion Studio Password dialog box a...

Страница 33: ...ostname CFIDE Administrator index cfm where hostname is the name of the server hosting ColdFusion If ColdFusion is not properly installed after following the steps above please call Allaire Customer S...

Страница 34: ...the Apache Web server is running shut down the Web server 2 Copy the cfusion bin ApacheModuleColdFusion dll module to your Apache modules directory For example c Apache modules ApacheModuleColdFusion...

Страница 35: ...3 In the Log On As section click the This Account radio button and enter the appropriate account information Installing ColdFusion on Solaris ColdFusion is distributed as a Solaris package You can use...

Страница 36: ...hoose to automatically configure a Netscape server By default the package file installs ColdFusion into the opt directory If you want to install ColdFusion into a different directory you must create t...

Страница 37: ...l load of unavailable servers in the cluster 12 Enter your Web server s document root directory and press Enter The default document root directory is determined by the Web server you are using 13 Whe...

Страница 38: ...The uninstall script removes your odbc ini file and all Verity collections Therefore you may want to preserve these items by saving them to a new location before uninstalling ColdFusion To uninstall C...

Страница 39: ...spot plugins coldfusion coldfusion so 2 Edit the usr netscape suitespot https smurf config mime types file to add a new ColdFusion type Add the line type magnus internal cold fusion exts cfm dbm 3 Edi...

Страница 40: ...ipt modifies are enclosed by Start BT and End BT comment blocks obj conf Netscape Communications Corporation obj conf You can edit this file but comments and formatting changes might be lost when the...

Страница 41: ...e magnus internal cgi Service fn send cgi Object magnus conf ServerRoot local1 netscape https skagway ServerID https skagway ServerName skagway brighttiger com Start BT Remove Address line from magnus...

Страница 42: ...installed in usr local etc httpd and you installed ColdFusion in opt To add the ColdFusion module 1 Copy the module mod_coldfusion a to your Apache source directory cp opt coldfusion webserver apache...

Страница 43: ...sult the Apache documentation for details README DSO Configure this module into the Apache build by running the following command configure enable module so other apache options make make install If y...

Страница 44: ...n so Note If you have a ClearModuleList directive in httpd conf you will need to add the following directive to the AddModule list as stated by the comments in the httpd conf file AddModule mod_coldfu...

Страница 45: ...lowing topics about installing ColdFusion on Linux Installing ColdFusion on page 23 Uninstalling ColdFusion on page 25 Installing ColdFusion Before installing ColdFusion on Linux please note the follo...

Страница 46: ...nning and press Enter or just press Enter if you are running the default Web server Apache 9 Press Enter to let the installation script automatically configure your Web server for ColdFusion The progr...

Страница 47: ...ClusterCATS the ColdFusion installation script runs first followed by the ClusterCATS installation script The ClusterCATS installation script will prompt you with additional questions about your Web s...

Страница 48: ...26 Administering ColdFusion Server...

Страница 49: ...Fusion Server and describes how to access the ColdFusion Administrator pages Contents Overview of Administering ColdFusion 28 Summary of Administrative Tasks 29 The ColdFusion Administrator 30 ColdFus...

Страница 50: ...cation Accessing the Administrator All administrative operations are performed using the ColdFusion Administrator which you can launch from the ColdFusion 4 0 program group in Windows or by opening th...

Страница 51: ...e ColdFusion data sources for your applications You can configure ODBC data sources or employ a native database driver to access your Oracle or Sybase databases Enterprise Edition only For more inform...

Страница 52: ...lled Information about ColdFusion Administration Subject Where to find it Installing ColdFusion See Chapter 1 Installing and Configuring ColdFusion on page 1 Configuring ColdFusion data sources Chapte...

Страница 53: ...urce Extensions Includes options for registering Java applets and CFX tags custom tags written in C Logging You use the Logging pages to configure a ColdFusion Administrator email address and to Speci...

Страница 54: ...ge 129 ColdFusion Application Server The main ColdFusion Server service ColdFusion pages cannot be processed if this service is not running ColdFusion Executive Polls the ColdFusion Application Server...

Страница 55: ...istry database This process must be running as the root user in order for ColdFusion to function The start script will start this process if it isn t running such as during system startup The stop scr...

Страница 56: ...the service immediately click Startup to configure startup options for ColdFusion Solaris Two scripts are provided to start and stop the ColdFusion processes installdir coldfusion bin start installdi...

Страница 57: ...ervices may be necessary in the following instances To install a new ODBC driver package To replace or upgrade your Web server software To upgrade or reinstall your ColdFusion program files To update...

Страница 58: ...36 Administering ColdFusion Server...

Страница 59: ...8 Enabling External Client State Management 48 Migrating Client Variable Data 50 Enabling Application and Session Variables 51 Locking Variables 53 ColdFusion Java Settings 54 ColdFusion Version Infor...

Страница 60: ...38 Administering ColdFusion Server Using ColdFusion in a Distributed Configuration 68...

Страница 61: ...on Administrator icon in the ColdFusion program group or 2 Open the administrator by loading the following URL in a browser http hostname CFIDE administrator index cfm where hostname is the name of th...

Страница 62: ...ta to control simultaneous access Enabling and configuring ColdFusion application session and client variables Mapping directories ColdFusion version information Data Sources Configures ColdFusion dat...

Страница 63: ...under which ColdFusion runs Changing an existing data source setting such as Page timeout Buffer size or Maintaining database connections Using batch files to start and stop ColdFusion Windows You ca...

Страница 64: ...down etc init d coldfusion etc rc1 d K19coldfusion etc rc3 d S25coldfusion ColdFusion runs the following processes on the system cfexec Starts stops the other processes and manages page scheduling cfs...

Страница 65: ...n rules ColdFusion tag attributes that are not relevant to the execution of a tag will not be allowed When disabled irrelevant attributes may be passed to CFML tags without effect Strict attribute val...

Страница 66: ...ccess to a wide range of operations such as adding or deleting data sources setting server performance options and so on For detailed information about configuring security options in the ColdFusion A...

Страница 67: ...entity of a client visiting your site Identifying clients and customizing page content for users requires the ability to manage client state ColdFusion allows the following ways of managing client var...

Страница 68: ...utomatically expire Client side control Users can configure browsers to disallow cookies ColdFusion limits individual cookie data to 4 KB Netscape Navigator allows only 20 cookies from any one host Co...

Страница 69: ...ual Memory dialog 3 At the bottom of the dialog the current registry size is reported Specify a new maximum registry size in MB Checking registry size UNIX Unlike Windows NT ColdFusion for UNIX does n...

Страница 70: ...t variables since they have already been created when you added the data source for the first server in the cluster If you inadvertently enable the option to automatically create client variable datab...

Страница 71: ...allows you to set a limit to the length of time a client variable remains active You can configure your client variable data source to expire client variables after some number of days you specify As...

Страница 72: ...le data to another data source you need to know the structure of the database tables used to store this information Client variables stored externally use two small database tables with the following...

Страница 73: ...FQUERY NAME global2 DATASOURCE DSN CREATE INDEX id2 ON CGLOBAL cfid CFQUERY CFQUERY NAME global2 DATASOURCE DSN CREATE INDEX id3 ON CGLOBAL lvisit CFQUERY Enabling Application and Session Variables Se...

Страница 74: ...pmc is installed in cfusion bin To monitor ColdFusion Server activity click on the ColdFusion Performance Monitor icon in the ColdFusion Server Program group You can also open the Performance Monitor...

Страница 75: ...ch of the Server Application and Session scopes the Variable Locking Administrator page provides three choices for control none full checking and automatic locking of read accesses Choosing None retai...

Страница 76: ...s the directories for classes used by ColdFusion Initial Heap Size Specifies the JVM initial heap memory size Max Heap Size Specifies the JVM maximum heap memory size System Options Specifies standard...

Страница 77: ...0 Server ColdFusion ProductLevel Stores ColdFusion product level information for example Professional Server ColdFusion SerialNumber Stores ColdFusion serial number information Server OS Name Stores...

Страница 78: ...is facility can help users report errors Note that this e mail address can be overridden in the application framework page Application cfm Log directory The default location for ColdFusion log files i...

Страница 79: ...t and click to enable the Log all email messages checkbox 3 Click Apply to complete the operation Log files created by ColdFusion ColdFusion creates nine different log files ColdFusion Log Files Log F...

Страница 80: ...n and your Web server This file is meant primarily to help Allaire Technical Support personnel customtag log Logs errors generated in custom tag processing remote log The Network Listener Module NLM w...

Страница 81: ...th C ColdFusion allows you to build extensions or custom tags in two ways Using C to code DLLs Windows or shared objects Solaris that provide a custom tag you can use in your application pages Using C...

Страница 82: ...be used to override any parameters you define in the Administrator Registered Applets page Before you can use CFAPPLET to place a Java applet in your CFFORM you must register the applet in the ColdFus...

Страница 83: ...ription Codebase Enter the base URL of the applet the directory that contains the applet components The applet class files must be located within the Web browser root directory Example http servername...

Страница 84: ...TSUPPORTED attribute Parameter Name Enter a name for a required applet parameter Your Java applet will typically provide the parameter name needed to use the applet Enter each parameter in a separate...

Страница 85: ...ldFusion Administrator Mail page to specify a mail server to handle sending automated mail messages from the server Enter a valid mail server either a mail server name or IP address as well as a serve...

Страница 86: ...ags see Developing Web Applications with ColdFusion Using the Verity Collections page The Verity Collections page in the Administrator provides a means for creating collections Collections can also be...

Страница 87: ...nary document types and produce search results that include summaries of these documents The following table lists the supported document types Supported Document Types Documents Versions Text files H...

Страница 88: ...tp my_server cfdocs 6 Click Index ColdFusion populates the collection with data from the specified directory Note that Verity collections including those that index query data can be created using the...

Страница 89: ...trol with ColdFusion SourceSafe client software installed on the same server as ColdFusion Server The account under which ColdFusion runs must have permission to access the SourceSafe server executabl...

Страница 90: ...ally be of a different architecture from the machine hosting the ColdFusion engine It allows more than one Web server to be served by the same ColdFusion engine To provide some degree of security for...

Страница 91: ...all machines also provides a useful baseline environment so that validation can be done in the absence of the remote extensions Should problems arise using ColdFusion in remote mode it s possible to...

Страница 92: ...webserver on Solaris and you want to connect to a ColdFusion server running on Windows NT you might set these values as LOCALPATH usr local apache htdocs REMOTEPATH C Inetpub wwwroot This would map a...

Страница 93: ...buted configuration since for a variety of practical and security reasons ColdFusion will not run in distributed mode if any information in the INI file is missing or incomplete The Network Listener M...

Страница 94: ...pecify p switch and possibly the k switch in the Startup Parameters box in the Services applet Please refer to the list of command line options below To uninstall the listener Invoke cfdist exe with t...

Страница 95: ...In order for verbose commentary to appear on the terminal you must be running in interactive mode Aside from the display of debugging output however there is no difference in operation between running...

Страница 96: ...ly set to be automatically deleted after being read at startup Sample INI file for CFDist AKA the ColdFusion Listener Module Place this file in the root directory of your ColdFusion installation It mu...

Страница 97: ...remote log confirming that remoting is active and what startup parameters except the encryption key were used Valid values Yes No MESSAGE YES The listener also writes various informative messages to t...

Страница 98: ...76 Administering ColdFusion Server...

Страница 99: ...rces 78 Choosing the Right Drivers 80 Adding Data Sources for ColdFusion 82 Verifying ColdFusion Data Sources 85 Connecting to Microsoft SQL Server Databases 87 Connecting to OpenIngress Databases 90...

Страница 100: ...gure the database as a ColdFusion data source You do this using the ColdFusion Administrator Data Sources page The specific databases you can configure for ColdFusion depend on the platform on which C...

Страница 101: ...ybase 11 Driver X X X MERANT dBase FoxPro Driver X MERANT IBM DB2 6000 Driver X MERANT OpenIngress 1 x Driver X MERANT OpenIngress 2 x Driver X MERANT Oracle 7 Driver X MERANT Oracle 8 Driver X MERANT...

Страница 102: ...85 Provides step by step instructions for making sure that a data source has been correctly configured and is available to your ColdFusion application pages Using ColdFusion to Create a Data Source o...

Страница 103: ...drivers tend to offer better performance than their ODBC counterparts Stored procedures are only available through native drivers Software requirements for Native Drivers Before you can use the ColdFu...

Страница 104: ...Providers that go directly to the database are akin to native drivers in providing an alternative to ODBC Providers are available for all the major relational DBMS products as well as the data stores...

Страница 105: ...ch ColdFusion is installed and on the driver you specify For detailed information about options for your driver see the section for your specific database later in this chapter 6 Click CF Settings to...

Страница 106: ...ame and password specified in a CFQUERY or other data access tag overrides the values specified in the ColdFusion login Also when creating a data source using a native database driver you use the user...

Страница 107: ...riod of time no matter how frequently or infrequently it has been used The default is or 0 which means the connection timeout is never enforced Restrict SQL Operations Select the SQL operations you wa...

Страница 108: ...erified appears next to each data source that ColdFusion successfully verified and the word Failed appears next to each data source that ColdFusion could not verify 4 To verify an individual data sour...

Страница 109: ...Option Description Data Source Name A name for your ODBC data source Description A short description of the data source Server The name of the server hosting the database you want to use Use Trusted C...

Страница 110: ...L Server driver prepares a statement by placing it in a procedure and compiling that procedure Translation Convert OEM to ANSI characters If the SQL Server client computer and SQL Server are using the...

Страница 111: ...n page 82 for more information Performance Row Limit The number of rows the driver retrieves from the server for a fetch Enabling this option can increase performance by reducing network traffic Disab...

Страница 112: ...with any particular dbc file Driver Settings Collating Sequence Select the collating sequence you want to use The collating sequence determines the sequence in which the fields are sorted Exclusive Wh...

Страница 113: ...ame including the full path of the database to which you want to connect Server Name The name of the virtual node that you defined using the OpenIngres NETU utility This virtual node tells OpenIngres...

Страница 114: ...er An integer value that specifies in 1024 byte multiples the maximum amount of data that will be transferred to the client for unbound long data result columns Optimize SELECT statements as repeated...

Страница 115: ...iption Data Source Name A name for your ODBC data source Description Descriptive information about the data source Database Directory The path dBase database you want to use as an ODBC data source Dat...

Страница 116: ...onnections Database Version The version number of the dBase FoxPro database you want to use Driver Settings Use lowercase file extension dbf Specifies whether lowercase file extensions are accepted If...

Страница 117: ...n your ColdFusion Server You can find these drivers at http www microsoft com data Microsoft Access ODBC Options Option Description Data Source Name A name for your data source Description Descriptive...

Страница 118: ...Adding Data Sources for ColdFusion on page 82 for more information Microsoft Excel ODBC Options Option Description Data Source Name A name for your ODBC data source Description Descriptive information...

Страница 119: ...ions UNIX ODBC MERANT Text Driver Options Solaris The following table describes ColdFusion ODBC options for data sources created with the MERANT Text driver Microsoft Text ODBC Options Option Descript...

Страница 120: ...ion Server Enterprise edition is installed on a Windows NT server you can configure an Oracle data source using a Native driver Database Directory The directory where the text files are found Extensio...

Страница 121: ...ata Source Name A name for your data source Description Descriptive information about the data source Host String Enter the database alias you created using the Oracle Net8 Easy Config utility To find...

Страница 122: ...33 The PORT 1521 line is the port the tcp listener is assigned to You can look at the etc services file of the UNIX machine where the Oracle server resides to find out what it is The SID WG73 is the i...

Страница 123: ...reinstall the oracle client software Oracle 7 1 users must build the Oracle client shared library libclntsh so for Solaris before the Oracle driver can be used Run the genclntsh script found in the o...

Страница 124: ...y containing the correct library must be on the LD_LIBRARY_PATH before ORACLE_HOME lib Otherwise the original Oracle version will be loaded resulting in an error Troubleshooting the Oracle 7 3 Native...

Страница 125: ...ity can be found in ORACLE_HOME bin net8wiz sh 3 Create the data source in the ColdFusion Administrator Native Drivers page 4 Edit the coldfusion bin start script to include the following values The d...

Страница 126: ...ort number 5 After entering a hostname you enter the Database SID which identifies your specific Oracle database instance The default is ORCL but your database SID might be different See your database...

Страница 127: ...et a name and password each CFML database call must specifically define a username and password 4 Once you have created the data source open the Verify Data Source page in the Administrator to verify...

Страница 128: ...msgmnb 65535 set msgsys msqginfo_msgseg 8192 set msgsys msqginfo_msgssz 16 You must reboot the server for these settings to take effect Add the following settings to the etc services file dbserver1 50...

Страница 129: ...in it that you need to run to set up your environment Environment variables need to be set to run the command line tool db2 Look in the installdir sqllib directory for the db2profile and db2cshrc scr...

Страница 130: ...ne utility db2 2 At the db2 prompt enter the following db2 connect to sample1 user username using password db2 select from employee db2 terminate Data source and start script settings for DB2 UNIX Thi...

Страница 131: ...following syntax db2 CONNECT TO database_name USER userid USING password To bind the MERANT SQL files to the DB2 database The next step is to bind the MERANT SQL files to the database You can use spe...

Страница 132: ...luding ColdFusion Server The stored procedure s name is what you called it in your SQC file The example which follows calls the stored procedure outsrv The create procedure statement looks like this C...

Страница 133: ...See Adding Data Sources for ColdFusion on page 82 for more information about adding data sources to ColdFusion Informix Native Driver Options Option Description Data Source Name A name for your data s...

Страница 134: ...Descriptive information about the data source Database Name The name of the database to which you want to connect Server Host Name The name of the machine on which the INFORMIX server resides Use INFO...

Страница 135: ...ou will point to in the start script as INFORMIXDIR Run the script installclientsdk to install the client SDK Before you continue make sure that you can connect to the Informix server from a client ot...

Страница 136: ...ime to wait for lock in distributed env RESIDENT 0 Forced residency flag Yes 1 No 0 Stopping and restarting ColdFusion services When you ve completed all the steps in this section you will need to sto...

Страница 137: ...server and the name of the demo database is stores7 Using the Start button in the Windows taskbar go to Programs Informix CLI 32 and select Informix Setnet 32 Configure the Informix Setnet32 utility a...

Страница 138: ...a source as described in Verifying ColdFusion Data Sources on page 85 to make sure it is configured properly If verification fails check the system environment variables To check the system environmen...

Страница 139: ...usion uses both native and ODBC drivers to connect to Informix databases ColdFusion 4 5 supports Informix 7 3 and higher Configuring Sybase System 11 Options Windows If ColdFusion Server Enterprise ed...

Страница 140: ...figure a ColdFusion data source See Adding Data Sources for ColdFusion on page 82 for more information about adding data sources to ColdFusion Sybase System 11 Adaptive Server 11 5 Native Database Dri...

Страница 141: ...dFusion make sure the SYBASE environment variable that you set up in the ColdFusion start Workstation ID The workstation ID used by the client Performance Row Limit The number of rows the driver retri...

Страница 142: ...ry directory to the FRONT of this list Example LD_LIBRARY_PATH SYBASE lib usr dt lib lib usr openwin lib CFHOME lib LD_LIBRARY_PATH SYBASE lib usr dt lib lib usr openwin lib CFHOME lib This is the lis...

Страница 143: ...BODY Before running this code you need to create the newtable data source in the ColdFusion Administrator specifying the Merant dBase FoxPro ODBC driver CFQUERY NAME xs DATASOURCE newtable CREATE TABL...

Страница 144: ...1999 08 01 00 00 00 000000 Deep rich high altitude flavor CFQUERY CFQUERY NAME xs DATASOURCE newtable INSERT INTO Beans1 VALUES 4 P Guatamala 15 ts 1999 08 01 00 00 00 000000 Organically grown CFQUERY...

Страница 145: ...s Often the two are combined to allow the periodic regeneration of data that doesn t need to be available dynamically to a ColdFusion application Contents About Scheduling ColdFusion Pages 124 Schedul...

Страница 146: ...heduled page executes a message is written to a log file schedule log which specifies the name of the scheduled action the page that was executed and whether the page executed successfully or not For...

Страница 147: ...llowing Intervals when scheduling a recurring ColdFusion event Daily Weekly Monthly One time Daily at specified intervals To define the start end time and interval 1 Open the ColdFusion Administrator...

Страница 148: ...e scheduled task For example you could schedule a page that generates an employee list every night and make the page output available to end users You do this by specifying an output directory and pag...

Страница 149: ...g and stopping ColdFusion services on Windows NT see Chapter 3 Configuring ColdFusion Server on page 37 Logging Scheduled Events ColdFusion writes information about all scheduled events to a log file...

Страница 150: ...128 Administering ColdFusion Server...

Страница 151: ...ize and administer your ClusterCATS server clusters Contents What is Scalability 130 Issues Affecting Successful Scalability Implementations 132 What is Web Site Availability 144 Techniques for Creati...

Страница 152: ...urance testers should test and measure an application s performance prior to deployment to establish acceptable quality benchmarks If all of these efforts are performed well consequently you are able...

Страница 153: ...relative to resources means that with a constant load performance improves at a constant rate relative to additional resources Caching and resource management overhead affect an application server s a...

Страница 154: ...fferent methods that you can use to achieve load management hardware based solutions software based solutions including round robin Internet DNS or third party clustering packages hardware and softwar...

Страница 155: ...ition the application This section discusses the following topics to consider when designing and building a Web application Application session and state management Single threaded vs multi threaded a...

Страница 156: ...page 207 Single threaded vs multi threaded application connections Another major issue that Web developers must consider when constructing their applications is whether or not the application will be...

Страница 157: ...sm such as a SQL WHERE clause then the HR Director would receive a message informing her that she could not access the employee record because it was in use thereby alerting her that the HR Generalist...

Страница 158: ...oled and maintained and whether or not stored procedures are implemented for frequent database access all directly impact the application s performance The way in which architects and Web developers d...

Страница 159: ...Web application Therefore when planning the physical design of the system be sure to investigate carefully the network topology that will be implemented to ensure that existing servers are up to the t...

Страница 160: ...ffects on site performance and availability Internet DNS is a powerful and successful mechanism that has enabled huge numbers of individuals and organizations to create easily locatable Web sites on t...

Страница 161: ...types server aliases and round robin distribution Zones and domains A Domain Name System is composed of a distributed database of names The names in the DNS database establish a logical tree structur...

Страница 162: ...er for ColdFusion s load balancing and failover technology to work correctly These records must be defined and configured on your local and primary DNS servers A Record This record contains a host nam...

Страница 163: ...ve On the Windows platform you make these DNS entries using the Domain Name Service Manager utility On UNIX platforms you make these DNS entries in the name db file which is read by the DNS server s B...

Страница 164: ...d use actual users to simultaneously access the site to perform load testing However this is often a difficult activity to accomplish well because it introduces many human variables Therefore it is ty...

Страница 165: ...e and what is the best way to implement the fixes After the changes are made and a new build of the application is available you ll rerun the tests to look for performance improvements Again you ll re...

Страница 166: ...se in your environment uses network services You should now have a good overview of what scalability implies the core elements that comprise it some of the issues that affect successful implementation...

Страница 167: ...e CFS returns the results back to the Web server which in turn returns an HTML response back to the browser For all of this to occur correctly and within acceptable time frames the CFS itself must rem...

Страница 168: ...n s availability reliability and performance to be compromised Similarly if the Web server software crashes or acts erratically it will likely cause the Web server to stop running when you didn t inte...

Страница 169: ...Although the application may have contained many useful features and capabilities the customers were not able to use them for very long because the site s performance degraded to the point that the si...

Страница 170: ...he primary server and uses an inexpensive lower quality server for the backup server in case the primary server fails Parallel Servers This model is known as a classic load balancing redundancy model...

Страница 171: ...ides notifying the administrator that a problem has occurred you also want your failover solution to automatically redirect traffic intended for the unavailable server to other available servers until...

Страница 172: ...ts to the cluster members that are available Some hardware based failover devices that have less built in intelligence require an administrator s intervention once the failure is detected Clustering c...

Страница 173: ...er stops sending packets to the unresponsive server Routers are not considered fully intelligent because while they can redirect requests upon discovering a failure they do not allow you to configure...

Страница 174: ...application server Limited intelligence The device does not allow you to configure individual load and redirection thresholds for each server in a cluster and therefore it is unable to effectively man...

Страница 175: ...The following benefits make a software based clustering solution attractive Relatively low expense Compared to the cost of hardware devices such as routers or switches software based clustering soluti...

Страница 176: ...y low complexity Others introduce a higher level of complexity because of the features offered the amount of initial configuration and subsequent administration or the amount of integration that needs...

Страница 177: ...Features The ClusterCATS technology embedded in ColdFusion Enterprise provides robust features for load balancing and failing over servers This section describes the following ClusterCATS features Ne...

Страница 178: ...have a Windows machine NT 98 or 95 on which to install the Windows based Explorer you can use the Web based ClusterCATS Explorer together with included server utilities to administer your cluster memb...

Страница 179: ...ion Server Session Aware Load Balancing This feature ensures that your e commerce applications maintain their state when users are in the process of shopping ordering or paying for their purchases Som...

Страница 180: ...sts of three components ClusterCATS Server ClusterCATS Explorer ClusterCATS Server Administrator All of the components are installed on a machine when you run the ColdFusion Server installation progra...

Страница 181: ...from a centrally located computer that is not in the same location as the cluster This flexibility allows administrators in different geographic locations the ability to administer distributed cluster...

Страница 182: ...aphical Windows based utility that lets you perform various server administration activities including adding and removing the ClusterCATS filter from the Web server service stopping and starting the...

Страница 183: ...notes Verify system requirements Configure your primary DNS server Configure your Web server s network settings Configure ClusterCATS for use across firewalls Review the release notes Frequently users...

Страница 184: ...erCATS Server Sun SPARC workstation 100 MB of free disk space 128 MB of RAM more recommended Solaris operating system v 2 51 or greater with Patch 103582 18 or higher Netscape Enterprise Server v3 5 1...

Страница 185: ...b Explorer Use the ClusterCATS Web Explorer if you have a UNIX only environment and cannot obtain a Windows machine to run the Explorer Install the ClusterCATS Web Explorer program on a UNIX server th...

Страница 186: ...se name translations For example forward translation entries A records would look like this Reverse translation entries PTR records are just the opposite and would look like this It s important that y...

Страница 187: ...cal DNS server typically resides at the facility where the Web servers are hosted 3 If the local DNS server does not have the mapping it goes out to the Internet and locates the primary DNS server to...

Страница 188: ...tion technique but it cannot manage load because it is unable to react to increases in server traffic It also cannot detect server failures nor redirect requests among available servers ClusterCATS co...

Страница 189: ...stributes the initial domain level requests across all four servers Thereafter ClusterCATS distributes load to avoid failed or overloaded servers To configure DNS records on your Windows NT DNS server...

Страница 190: ...he IP address of a server that will host the site in the Host IP Address field Note Do not enable the Create Associated PTR Record check box You only want forward mappings associated with the site nam...

Страница 191: ...le and Highly Available Web Sites 169 Your entries should look similar to the following entries when you re done 7 Right click the zone for your Web site again and select New Record The New Resource R...

Страница 192: ...t name 9 Enter the Host name and corresponding IP address for an explicit Web server that will host your Web site in the Host Name and IP Address fields respectively For example your explicit Host Nam...

Страница 193: ...ortant server failover concepts ClusterCATS uses an IP keep alive strategy to accomplish transparent server failover when a Web server fails This process involves each server in the cluster listening...

Страница 194: ...point to your local DNS server Configuring ClusterCATS offline maintenance support NT only Configuring your Web server to point to your local DNS server You must configure each Web server in your clu...

Страница 195: ...right if applicable to specify the order in which the DNS servers will be accessed 10 Click OK in all open dialog boxes and close the Windows Control Panel To configure UNIX based Web servers to refer...

Страница 196: ...rience three to five minutes of downtime on failover recovery due to an automatic system reboot that occurs when a system comes back online following failover Once you put a server in maintenance mode...

Страница 197: ...ter I enter a static IP address for the server in its IP stack via the NIC if one doesn t already exist 2 I then remove the Web site s IP address from the server s IP stack also via the NIC 3 I open t...

Страница 198: ...176 Administering ColdFusion Server...

Страница 199: ...server s host name is not the same as the Web site s name Assigning a static IP address to each server s NIC If your cluster consists of Windows NT servers assign a static IP address to each server s...

Страница 200: ...ompt For example nslookup wwwx company com nslookup nnn nnn nnn nnn where wwwx is the explicit server name and nnn represents the numeric values of that server s IP address To learn how to put a serve...

Страница 201: ...maintenance support Note If you use Netscape Enterprise Server as your Web server you must create the cluster members before you delete the Web site IP addresses from the NIC For IIS you create cluste...

Страница 202: ...boxes to apply your configuration and to close the Windows Control Panel 6 Reboot your system for these changes to take affect Adding your Web sites IP addresses to your Web server You must assign a u...

Страница 203: ...and Highly Available Web Sites 181 2 Locate the Web server and expand its tree structure 3 Right click the Web site for which you want to configure the IP address and choose Properties The Web Site Pr...

Страница 204: ...sed Web servers See the documentation that came with your Web server for specific procedures about how to configure Web site IP addresses on your server Verifying that the server s host name is not th...

Страница 205: ...Chapter 6 Creating Scalable and Highly Available Web Sites 183 3 Click the DNS tab...

Страница 206: ...environments today rely on firewalls to securely control access to proprietary knowledge that resides on public Internet sites internal intranet sites or private extranet sites You can configure Clust...

Страница 207: ...icate with one another across firewalls Port 9129 for TCP and UDP access Opening port 9129 on a firewall allows the ClusterCATS Explorer to communicate with multiple distributed server clusters across...

Страница 208: ...The ColdFusion v4 5 Setup program starts and displays the ColdFusion Setup Welcome page 5 Click Next in the Welcome and Software License Agreement dialog boxes The User Information dialog box appears...

Страница 209: ...7 Accept or change the default destination folder and click Next The Select Web Server dialog box appears If your Web server is already installed the ColdFusion Setup program will automatically detec...

Страница 210: ...tion and example code are installed in a subdirectory below the Web server s document directory The Select Install Options dialog box appears 10 If you ve already installed ColdFusion and just want to...

Страница 211: ...3 Mount the CD ROM on cdrom cdrom0 if necessary If the Solaris Volume Manager is active you won t need to mount the CD 4 Type pkgadd d cdrom cdrom0 to start the installation process 5 Enter cfusion at...

Страница 212: ...directory is docroot 13 Do not install Advanced Security at this time enter n when prompted and press Enter 14 Enter the password you want to use to access the ColdFusion Administrator which allows y...

Страница 213: ...ides or provide a different location and press Enter The default location is etc httpd conf 9 Press Enter to have ClusterCATS monitor all cluster members servers for failures 10 If you want ClusterCAT...

Страница 214: ...ne and configure required load balancing and high availability features for your server clusters Note While you can create server clusters manually using the ClusterCATS Explorer menu options it s eas...

Страница 215: ...oose Cluster Setup Wizard from the Configure menu Alternatively you can click the Cluster Setup Wizard icon that appears in the tool bar The Create New Cluster dialog box appears 3 Enter a name for yo...

Страница 216: ...4 Click Add to add available Web servers to your cluster The Add New Server dialog box appears 5 Enter the fully qualified TCP IP host name of a Web server in the New Web Server Name field for exampl...

Страница 217: ...7 Select the ClusterCATS Maintenance Support check box to enable support for offline maintenance 8 Enter the fully qualified host name of the maintenance address for example serv1 yourcompany com in t...

Страница 218: ...performance 13 Click Next The Alert Notification dialog box appears 14 Enter the name of your outbound SMTP mail server in the SMTP Mail Server field and the e mail address for a recipient of cluster...

Страница 219: ...that are different If there are multiple recipients for the same alert event separate your e mail address entries with commas Click OK to return to the Alarm Notifications dialog box and then Click N...

Страница 220: ...vice in addition to ClusterCATS to manage and distribute load enter the name of the Web site that this device supports for example www yourcompany com and click Next 19 Click Finish ClusterCATS create...

Страница 221: ...vironment Creating clusters manually If you do not want to create your clusters using the Cluster Setup Wizard you can create them manually To create clusters manually using the ClusterCATS Explorer 1...

Страница 222: ...Manager 5 If you are not configuring this Web server for offline maintenance support go to step 8 However if you already configured this Web server with a maintenance IP address as described in Config...

Страница 223: ...eleting cluster members You add servers to and delete servers from a cluster one at a time using the ClusterCATS Explorer To add a cluster member to a cluster 1 Open the ClusterCATS Explorer and selec...

Страница 224: ...ster member to the cluster If you need help in configuring the maintenance IP address see Assigning a static IP address to each server s NIC on page 177 Offline maintenance support is only available o...

Страница 225: ...features perform the following tasks before activating them Configuring server load thresholds Configuring session aware load balancing Configuring ColdFusion probes Integrating ClusterCATS with load...

Страница 226: ...By default the Peak load threshold is 90 and the Gradual Redirection threshold is 70 These default settings adequately handle HTTP traffic going across most Web sites However if your Web site is part...

Страница 227: ...r apart so that there is a differential of at least 10 between the two threshold values 6 Click OK to apply your new threshold settings Viewing a cluster s load status ColdFusion reports its load data...

Страница 228: ...sual display To set or change threshold settings using this method you use your mouse to drag the Peak and Gradual Redirection threshold lines to their desired settings instead of entering numeric val...

Страница 229: ...correctly To overcome this problem ClusterCATS provides a session aware load balancing feature that lets you maintain application state in a clustered environment Using session variables and session a...

Страница 230: ...r for which you want to enable session aware load balancing and choose Administration from the Configure menu Alternatively you can right click on the cluster and select Configure Administration The C...

Страница 231: ...s requests to other available servers in the cluster The restricted server will become available as soon as the probe returns a valid value Additionally if the ColdFusion Server ever hangs or fails Cl...

Страница 232: ...llation directory 7 In the Startup Parameters field replace URL with the actual URL of the site you want the probe to access and replace success string with a text string that appears on a page on the...

Страница 233: ...etwork congestion for example rather than detecting an actual failure on the ColdFusion Server Allaire recommends you set your Timeout and Frequency intervals to 120 seconds 10 Click Register to creat...

Страница 234: ...f the Gradual Redirection load threshold when using these two load balancing technologies together See Configuring server load thresholds on page 203 for turning off gradual redirection This section d...

Страница 235: ...perties from the Cluster menu or choose Administration from the Configure menu Both menu selections display the Properties dialog box The Properties dialog box appears 8 Select the Load Balance tab an...

Страница 236: ...explicit real servers on the LocalDirector box in the Bind ID field In order for the ClusterCATS LocalDirector integration to work as intended the server name port number and bind ID combination must...

Страница 237: ...on packet flow while ClusterCATS monitors ColdFusion load and availability If ClusterCATS detects that the ColdFusion Server is becoming overloaded it will supersede the load balancing device and red...

Страница 238: ...e person you want to receive e mail notification of the event 4 Repeat step 3 for each event you want to be notified about Click Propagate to send all notifications to the same e mail address 5 Enter...

Страница 239: ...e mail Sends an automatic e mail nightly to Allaire s Technical Support team that contains basic configuration information about your cluster This information enables Allaire to provide optimal suppo...

Страница 240: ...ou enable the ClusterCATS administration security for a specific cluster only authorized users are able to access and administer that cluster using their ClusterCATS Explorer ClusterCATS provides thre...

Страница 241: ...l users of a server must have an account on the server where the Web server resides For example if a cluster includes several Web servers and you only have an account on one then you can only administ...

Страница 242: ...authenticate administrators that have been added to a Windows NT domain user group Note This authentication mode can only be used on NT servers Before you can enable NT domain authentication on any sp...

Страница 243: ...and description for the group in the applicable fields Your global group name must be BT_clustername where clustername is the name of your ClusterCATS cluster 4 Click Add to add the administrators yo...

Страница 244: ...use ClusterCATS Explorer to view and administer clusters using the ClusterCATS Explorer Disabling authentication Disabled authentication lets any user use the ClusterCATS Explorer to create configure...

Страница 245: ...Common Cluster Administration Tasks After you ve created your clusters and configured them with load balancing and high availability features they ll likely run inconspicuously in your environment fo...

Страница 246: ...y to that server without any ClusterCATS processing To change a cluster member s state from Active to Passive 1 Open the ClusterCATS Explorer select a cluster member and choose State from the Configur...

Страница 247: ...Within the Server Access area of the dialog select Restricted This option ensures that HTTP requests sent explicitly to the specific cluster member are redirected to another server within the cluster...

Страница 248: ...S Explorer and select a cluster member that you want to update 2 Right click the cluster member and choose Configure Load The Properties dialog box appears for the selected cluster member with the Loa...

Страница 249: ...227 6 Click the BT Service Status button to display the Manage ClusterCATS Services dialog box 7 Stop the ClusterCATS service by selecting the Stopped option and enter 10 minutes in the Drain Down Per...

Страница 250: ...explains how to restrict an active cluster member so that you can make necessary updates To update an existing cluster member with new software or content 1 Perform steps 1 through 8 in Putting a clu...

Страница 251: ...r 6 To initially limit the amount of HTTP traffic sent to the server return to the ClusterCATS Explorer and reconfigure the cluster member s Peak Load threshold to a low value like 10 7 Click OK 8 Wit...

Страница 252: ...ration to its original pre clustered state You can only do this by using the ClusterCATS Server Administrator that is installed on each cluster member Using the ClusterCATS Explorer to delete cluster...

Страница 253: ...TS Web Explorer It allows administrators in UNIX only environments to use a graphical cross platform Web based utility to create configure and administer ClusterCATS clusters You can only install the...

Страница 254: ...can only access the ClusterCATS Web Explorer through the defined communications port on your Web server You configure this user defined port using the Netscape Enterprise Server Administrator not the...

Страница 255: ...ur user name and password in the appropriate fields and click OK Note The default user name and password is admin The ClusterCATS Web Explorer opens Creating clusters 1 From within the open Web Explor...

Страница 256: ...ort Web and so on 3 Enter the fully qualified host name for example doc allaire com in the Web Server Name field for the first server you want to be a member of this cluster Note You cannot create an...

Страница 257: ...eb Sites 235 Adding cluster members 1 Open the ClusterCATS Web Explorer if it s not already opened 2 Click the Add Server link The Add Server page appears 3 Enter the fully qualified host name for exa...

Страница 258: ...ster the cluster is also deleted and you are returned to the default page of the ClusterCATS Web Explorer If you want to delete a cluster you must delete all of its members Configuring server load thr...

Страница 259: ...of your cluster members perform the following procedures To configure Peak and Gradual Redirection thresholds 1 Open the ClusterCATS Web Explorer if it s not already open 2 Click the Show Cluster link...

Страница 260: ...usion Server 4 Click the Server Attributes link The Connect to Server page appears 5 Select the server you want to connect to from the Web Server Name drop down box and click OK The selected server s...

Страница 261: ...appears for the selected server 7 Enter new values in the Standard and Gradual Load Threshold fields and click OK If you want the server to be able to handle as much load as possible set both threshol...

Страница 262: ...URL over periodic intervals and verifies its validity against a user defined string that is contained in the returned page If the validation test succeeds inbound HTTP requests will continue to be sen...

Страница 263: ...241 3 Enter the fully qualified host name of the server for which you want to configure the ColdFusion probe in the Web Server Name field and click OK The Cluster Member List page appears 4 Click the...

Страница 264: ...Server 5 Select the server you want to connect to from the Web Server Name drop down box and click OK The selected server s Properties page appears 6 Click the ColdFusion Probe link The ColdFusion Ap...

Страница 265: ...Server on detecting a failure However remove it if you do not want ClusterCATS to be able to automatically restart the ColdFusion Server upon detecting a failure 10 If you want longer intervals for h...

Страница 266: ...page Absolute hyperlinks route the HTTP request back to the cluster entry point and redirect requests according to the current load threshold without regard to the state of the requesting client To a...

Страница 267: ...e Web Sites 245 4 Click the Administration link under Cluster Attributes The Cluster Administration page appears 5 Enable the Session Aware Load Balancing check box and click OK Session aware load bal...

Страница 268: ...e You cannot integrate ClusterCATS with Cisco LocalDirector using the Web Explorer This capability is only available in the Windows based ClusterCATS Explorer To integrate your clusters with a load ba...

Страница 269: ...utes The Cluster Administration page appears 5 In the Load Balancing Product field enter the URL of the Web site for which the load balancing product has been set up to manage HTTP traffic 6 Click OK...

Страница 270: ...event triggers the alarm you are notified by e mail To configure administrator alarm notifications 1 Open ClusterCATS Web Explorer if it s not already open 2 Click the Show Cluster link The Show Clust...

Страница 271: ...ink The Alarm Notification page appears 5 Enter the e mail address of the person you want to be notified about the occurrence of an event in that event s corresponding field If you want multiple peopl...

Страница 272: ...name and IP address of each server in the cluster Files total number of files in the Web servers root directory Disk space total amount of disk space used and remaining on the system drive that conta...

Страница 273: ...tes 251 3 Enter the fully qualified host name of a server for which you want to configure administrator e mail support in the Web Server Name field and click OK The Cluster Member List page appears 4...

Страница 274: ...elivered in the SMTP Gateway field and click OK The ClusterCATS Report and Support e mail options are enabled Configuring administrator authentication Using the Web Explorer you can configure two admi...

Страница 275: ...e Show Cluster link The Show Cluster page appears 3 Enter the fully qualified host name of the server for which you want to configure administrator authentication in the Web Server Name field and clic...

Страница 276: ...dvertently lock yourself out of the cluster Changing cluster members state All cluster members are added to a cluster in Active state by default In Active state ClusterCATS provides availability and f...

Страница 277: ...from Active to Passive 1 Open ClusterCATS Web Explorer if it s not already open 2 Click the Show Cluster link The Show Cluster page appears 3 Enter the fully qualified host name of the server that yo...

Страница 278: ...Server 4 Click the Server Attributes link under Other The Connect to Server page appears 5 Select the server you want to connect to from the Web Server Name drop down box and click OK The selected ser...

Страница 279: ...ars for the selected server 7 Select Active or Passive from the State drop down box and click OK If you selected Passive the ClusterCATS load balancing and failover capabilities are now disabled for t...

Страница 280: ...ns including server maintenance server software updates and as a load management method To restrict an active cluster member from receiving HTTP requests 1 Open ClusterCATS Web Explorer if it s not al...

Страница 281: ...lable Web Sites 259 4 Click the Server Attributes link under Other The Connect to Server page appears 5 Select the server you want to connect to from the Web Server Name drop down box and click OK The...

Страница 282: ...er Administration page appears for the selected server 7 Select Restricted from the Restriction Status drop down box and click OK The selected server will no longer participate in the cluster and will...

Страница 283: ...ity to Start and stop daemons Configure ClusterCATS options Enable and disable options Show and reset clusters Display btadmin online help Start and stop daemons Use the following command line syntax...

Страница 284: ...S options btadmin enable disable option You can enable or disable the following ClusterCATS options with btadmin Below are examples of how you enable and disable ClusterCATS options with the btadmin u...

Страница 285: ...syntax to start and stop a Netscape or Apache Web server bt start server bt stop server f Note Use the f option to stop the Web server without being prompted for confirmation btcfgchk utility The btc...

Страница 286: ...e domain name Make sure no typos appear in these names in your DNS definitions both on the DNS server and on each cluster member s DNS definition To verify that the host name is correct enter the foll...

Страница 287: ...in name or does not map to configured IP address The host name maps to more than one IP address round robin DNS or maps to an IP address not found on this machine Use the ClusterCATS hostinfo utility...

Страница 288: ...of the DNS table and the round robin addresses appear under the Addresses section sniff utility The sniff utility is a network management tool that displays the packets that a specific Network Interf...

Страница 289: ...ations ability to scale and perform To learn more about these and other related topics in greater detail consult additional resources The following list of technology white papers books and other Web...

Страница 290: ...site at http www itmcenter com Books The following books provide excellent detailed information on Web scalability failover and performance issues Derfler Frank and Steve Rigney TCP IP A Survival Gui...

Страница 291: ...g CGI with ColdFusion This chapter describes how to use ColdFusion with a Web server that does not support one of the major APIs Contents CGI vs Web Server APIs 270 Limitations of CGI 270 Referencing...

Страница 292: ...sion application server through a DLL In addition to introducing server APIs many server vendors have created document type mapping so that individual document extensions can be associated with a proc...

Страница 293: ...ation page file to use in processing the request To pass parameters to the script you append a to it and then specify a list of parameters in a key value format delimited by the character For example...

Страница 294: ...only specify myquery cfm to refer to it If you create subdirectories within the cfdocs directory you can reference application pages within them using their subdirectory names For example if you put...

Страница 295: ...usion Server Basic and Advanced security features that allow you to protect a wide variety of ColdFusion resources Contents Why Is ColdFusion Security Important 274 Types of ColdFusion Security 275 Ch...

Страница 296: ...orized access The risk of exposing sensitive information to unauthorized users is the biggest and most complex security risk because the Internet effectively links every computer to one large network...

Страница 297: ...prise editions include Advanced Security features that provide scalable granular security for building and deploying your ColdFusion applications Application development Control access to files data s...

Страница 298: ...ity is never absolute Technology is fast evolving and the Web is by nature an environment that favors openness and access over privacy and security You should regularly review your security plans to m...

Страница 299: ...dvanced security on application development and deployment and on administrative access to ColdFusion Server Remember that when you select Basic or Advanced security you re making a global choice that...

Страница 300: ...iguration than using Basic security but the benefits you ll see in streamlined development processes are well worth the time you ll invest With Advanced security you must specify the data sources and...

Страница 301: ...developers don t need to create customized directories or databases to authenticate users Advanced Security can automatically authenticate users against existing LDAP directories NT domains or ODBC da...

Страница 302: ...ay be desirable if you re implementing ColdFusion in a small group where no one person is a designated administrator and everyone pitches in with administrative tasks The liabilities of using Basic se...

Страница 303: ...security bulletins and technical briefs that provide information about issues Allaire believes are significant The Security Zone also contains an extensive list of non Allaire sites where you can go...

Страница 304: ...282 Administering ColdFusion Server...

Страница 305: ...ver resources with password access This chapter describes configuration options for basic ColdFusion security Contents About Basic Security 284 Configuring Basic Remote Development Security 284 ColdFu...

Страница 306: ...he first time you are prompted to enter the password We recommend that you continue to use Administrator security until you complete the ColdFusion server configuration Once you ve determined your sec...

Страница 307: ...tive Drivers page configure ColdFusion settings to allow only certain SQL operations such as SELECT and INSERT in interactions with the data source ColdFusion Remote Development Services RDS ColdFusio...

Страница 308: ...network drives Access is determined by the network permissions of user logged into workstation where Studio is being run FTP based Connects to an FTP server running on same machine as the target web...

Страница 309: ...abase and file access from Studio Separate Studio and Administrator passwords allow you to separate access control to ColdFusion data sources and files and Administrator pages Note Whenever you make a...

Страница 310: ...Basic Security link You see the Basic Server Security Page 2 Under Tag Restrictions remove the check mark from the check box that appears in front of each tag you want to disable You can block executi...

Страница 311: ...rity Implementations 294 Creating an Advanced Security Framework 297 Installing Advanced Security 298 Setting Up a Security Server 299 Defining User Directories 301 Defining a Security Context 304 Spe...

Страница 312: ...Basic security which automatcally password protects your resources Advanced security provides a self enforced security framework that must be explicitly enforced by developers in the applications they...

Страница 313: ...ColdFusion applications Using existing NT or LDAP provides an added bonus User groups to whom you assign security priveleges automatically inherit changes to group membership no additional maintenanc...

Страница 314: ...ss rights to a set of users A policy matches resources to users or user groups that is it grants a group of users access to specified resources For example you can create a policy that gives members o...

Страница 315: ...ral applications If you are deploying a more complex application you may need to create more than one security context for that application alone If you re managing a fairly small homogeneous group of...

Страница 316: ...uring Applications with User Security User Security authenticates users in a ColdFusion application and then assigns privileges based on the applicable ColdFusion security context For example suppose...

Страница 317: ...ould only be able to access the data source pi_dsn and the files in the directory c development pi The Gamma team should only be able to access the data source gamma_dsn and the files in the c develop...

Страница 318: ...on is generally necessary to set up ColdFusion Server for your application In some cases it s feasible for a single person to perform all the necessary administrative tasks Many times though you ll wa...

Страница 319: ...andbox or administrator security you ll follow the same basic steps for creating the framework 1 Set up the security server See Setting Up a Security Server on page 299 for more information 2 Set up u...

Страница 320: ...ust choose the Advanced Security option when installing ColdFusion 4 0 See Chapter 1 Installing and Configuring ColdFusion on page 1 for more information about installing ColdFusion Server To install...

Страница 321: ...the other servers in the cluster all point to the security server to authenticate and authorize users and groups You can only administer Advanced security from the security server You can t administe...

Страница 322: ...ty information You can load this cache at startup By default it is notified of administrative changes to the policy store once every minute The information stored in this cache is used to determine if...

Страница 323: ...tricted for use in conjunction with security access control policy storage and user authentication and cannot be used for any other purpose Only Netscape supplied Directory Server administration tools...

Страница 324: ...bled when accessing an LDAP server over Secure Sockets Layer SSL 7 Leave the Add User Directory to Existing Security Context check box selected to add users from this user directory to existing securi...

Страница 325: ...ow these steps to use this sample database to test the ODBC username password authentication 1 Use the ColdFusion Administrator to create an ODBC data source using the Microsoft Access ODBC driver Be...

Страница 326: ...Each ODBC data source you use for authenticating users requires a section of the same name in this INI file The section must contain the appropriate SQL statements to authenticate users You can use th...

Страница 327: ...es and policies for this context Specifying Resources to Protect When you define a security context you specify the types of resources to protect for example files and directories Now you must specify...

Страница 328: ...alog are different for each resource type For example if you select CFML Tags you see a drop down list that contains all the ColdFusion tags if you select Files and Directories you see a text box wher...

Страница 329: ...in ColdFusion Studio See Securing Resources with RDS Security on page 295 to learn about RDS security concepts In order to implement RDS security you must use the ColdFusion Administrator to 1 Set up...

Страница 330: ...IsAuthenticated and IsAuthorized functions enable developers to offer or deny access based on the established security policies Remember that nothing you configured in the ColdFusion Administrator tak...

Страница 331: ...ased on priveleges assigned through a Windows NT domain Choosing Security Context protects ColdFusion resources based on priveleges assigned through a security context 8 Click Add You see the New Sand...

Страница 332: ...Admin Note Before you can configure ColdFusion Administrator security you must know how to create a user directory If you don t know how to create a user directory see Defining User Directories on pa...

Страница 333: ...ple shows you how to limit ColdFusion Studio access to a specific set of files and or data sources on a remote server based on username password authentication For this example assume you are responsi...

Страница 334: ...For an NT user directory enter the server name in the form domain_name server_name 2 Enter the server name or a TCP IP address for the LDAP option If you specifiy an LDAP directory you can fill out th...

Страница 335: ...Current Security Context drop down box 3 In the Resource Browser select DATASOURCE and then click the Add Resource button at the bottom of the page You see the Add Resource dialog 4 Enter the asterisk...

Страница 336: ...rized to access any files or data sources in the RDSService security context All of these resources have been protected with the wildcard rule and no one has been granted permission to access them To...

Страница 337: ...rs and groups to the policies you created To add users and groups to policies 1 From the Policy page select the MARS policy and click the Users button The Users page indicates that no users are curren...

Страница 338: ...the Use Security Server Cache check box on the Advanced Server Security page to improve the performance of the authentication process Now when a user authenticates from ColdFusion Studio to this RDS h...

Страница 339: ...umented tags and functions more widely known The availability of the undocumented tags potentially gives developers who have permission to place applications on a ColdFusion server the ability to gain...

Страница 340: ...ColdFusion SMTP mail server CFUSION_GETODBCINI Gets ODBC data source information from the Registry CFUSION_SETODBCINI Sets ODBC data source information in the Registry CFUSION_GETODBCDSN Gets the ODBC...

Страница 341: ...failure 216 notification frequency 216 Probe failure 217 server busy 216 server unreachable 217 alarms ClusterCATS failover 217 types defined 216 Allaire xx contacting xx headquarters xx sales xxi tec...

Страница 342: ...eating clusters with Setup Wizard 192 defined 155 deleting a cluster 203 deleting members from clusters 202 disabling administrator authentication 222 252 ease of use features 156 email support option...

Страница 343: ...ing 66 purging 66 repairing 66 Common failures 146 Configuring Apache on Solaris 20 22 Apache on Windows 12 cluster maintenance mode 225 cluster member states 224 ColdFusion Probe 208 ColdFusion user...

Страница 344: ...s defined 140 round robin 152 round robin distribution 166 sample table entries 141 server aliases 140 tables with round robin enabled 166 troubleshooting 267 using hostinfo utility 265 zones and doma...

Страница 345: ...g problems 143 reasons to perform 142 Web applications 142 Load thresholds adjusting graphically 206 configuration 203 236 configuring Peak and Gradual Redirection 204 Gradual Redirection 204 Peak 204...

Страница 346: ...edirection load thresholds configuring 204 Redundancy ensuring corrective actions 149 models 148 planning 148 systems monitoring 148 Redundancy models Parallel Servers 148 Primary Backup 148 Referenci...

Страница 347: ...rver unreachable alarm 217 Server utilities administering clusters with 261 Server variables 55 server log file 58 Server OS BuildNumber 55 56 Server OS Name 55 56 Server OS Version 55 Session scope 5...

Страница 348: ...Server on Solaris 162 Web Explorer 163 Windows Explorer 163 Verifying data sources 85 105 Verity Administrator page 64 creating a collection 64 deleting collections 66 indexing data 64 Version inform...

Страница 349: ...linear 131 load management factors 132 performance factors 130 webserver log file 57 WebSite 270 Website API WSAPI 270 Windows 95 starting ColdFusion 34 Windows NT domain authentication for clusterin...

Страница 350: ...328 Administering ColdFusion Server...

Отзывы:

Нет отзывов

Похожие инструкции для COLDFUSION 4.5-ADMINISTRING COLDFUSION...

Software Audio Processor DLA

Бренд: Waves Страницы: 6

AUTOCAR CIVIL 2010

Бренд: Autodesk Страницы: 6

GHOST IMAGING FOUNDATION 7.1

Бренд: Symantec Страницы: 189

Бренд: Partec Страницы: 98

ANTI-VIRUS FOR MICROSOFT EXCHANGE 8.00 -

Бренд: F-SECURE Страницы: 29

DIRECTOR MX 2004-USING DIRECTOR

Бренд: MACROMEDIA Страницы: 500

PlateRunner P24 Processor

Бренд: Xante Страницы: 6

Бренд: Philips Страницы: 18

Бренд: CAKEWALK Страницы: 610

Бренд: TRENDnet Страницы: 21

DEVICE-MAPPER MULTIPATH 4.6

Бренд: Red Hat Страницы: 42

CERTIFICATE SYSTEM 8.0 - ADMINISTRATION

Бренд: Red Hat Страницы: 564

Бренд: Draytek Страницы: 60

PC ANYWHERE SOLUTION V 12.5

Бренд: Symantec Страницы: 63

READIRIS PRO 12

Бренд: I.R.I.S. Страницы: 10

15606-011408-9300 - MAP R6.3 UPG

Бренд: Autodesk Страницы: 208

3561ND - B/W Laser Printer

Бренд: Samsung Страницы: 30

Projector Toolset

Бренд: Barco Страницы: 245

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды