Entries Tagged as “Adobe ColdFusion 10”

ColdFusion 11 Update 6 and ColdFusion 10 Update 17 now available

August 27, 2015 / Piyush Kumar Nayak

  Security | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | ColdFusion | ColdFusion 11

The following ColdFusion updates are now available for download. These updates address a common XXE vulnerability in BlazeDS. For details refer the security bulletin hyperlinks in the sections below.

Users who are using LCDS with ColdFusion, should refer this technote, for updating their LCDS installation.

ColdFusion 11 Update 6

This Update addresses a vulnerability mentioned in the security bulletin APSB15-21. This update is cumulative and includes fixes from previous ColdFusion 11 updates.

For details, refer this technote.

ColdFusion 10 Update 17

This Update addresses a vulnerability mentioned in the security bulletin APSB15-21. This update is cumulative and includes fixes from previous ColdFusion 10 updates. 

For details, refer this technote.


AppAdmin - A small ColdFusion app to manage your Application.cfc

August 11, 2015 / Sandeep Paliwal

  Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11

AppAdmin is a simple app to manage your application settings. It lists all the Application level settings available, there current values, and whether the values have been explicitly set by user or not in Application.cfc.

It also supports editing these settings from the UI and the same are updated in actual Application.cfc. It also keeps a backup of Application.cfc when updating so the same can be used to revert back in case of any issues.

It supports both tag and script based CFML code, but there can be a few hidden issues J so do watch out for them.

The app is available on github. To install it you only need to copy to folder (say “appadmin”) inside your ColdFusion Application parallel to where the Application.cfc resides. Once copied just launch in using <your application url>/appadmin.

Here is a screenshot of app admin when delpoyed.

 

 

PS: make sure to keep your app admin URL behind authentication and not make it publically accessible.

 


Taking Thread Dumps from ColdFusion Server Programmatically

August 11, 2015 / Krishna Reddy

  Performance | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | ColdFusion | ColdFusion 11 | General | productivity | Scheduled Tasks

Many times you would want to tweak the performance of the ColdFusion server or want to debug the bottlenecks that make the server unresponsive.

To analyze this, ideally you would want to have Thead dumps and Server memory snapshot(Heap Space, Eden Space, Survivor Space, Old Gen, Perm Gen).

While you can use JDK tools like jstack to get the dumps, it is tedious to install it and schedule the thread dumps.

So, programmatically thread dumps and memory snapshots are are triggered and can be configured as a scheduler task and can be triggered on-demand as well.

Download the following zip file and move it to the server where you want to take thread dumps.

 

threaddump.zip

This zip file contains two files. One is threaddump.jar file.

Place this file under: C:\ColdFusion11\cfusion\wwwroot\WEB-INF\lib\ and restart the server for it to load.

And the other file is the cfm file takethreaddump.cfm where the call to ThreadDump class is made and the path where the dump content should be written.

By default it is dumped to the file #GetTempDirectory()#/threaddump<Day>-<Month>-<Year>.log

(Depending on the server location it translates similar to C:\ColdFusion11\cfusion\runtime\work\Catalina\localhost\tmp\threaddump12-8-2015.log)

You can change this to any other convenient path in the cfm file.

You can call this cfm on-demand at point of time or configure a new scheduled task to schedule it at some interval.

More number of Thread dumps are more helpful for problem analysis. So, it is better to take at some interval.

On every new day, dump is rotated automatically to a new file name.

 


Configuring Connectors Manually for IIS 10

August 06, 2015 / Chinoy Gupta

  Adobe ColdFusion 10 | Adobe ColdFusion 11 | Connector

With Windows 10 out, there is a problem that most of the ColdFusion customers will face, configuring connectors for IIS 10. Wsconfig, the connector configuration tool, only supports till IIS 8.x. While the ColdFusion team is working on this issue and will try to provide the fix for it as soon as possible, there is already a KB article which can be referred for configuring the connectors manually. Although the article was originally written for CF10, it can be used for CF11 also. After following all the steps in the article, you need to do one more thing. Add index.cfm as default document for your website in IIS.

This solution is only recommended for development environments as through testing of the connectors with IIS 10 is still going on. So for production machines, you should wait for the actual release from Adobe.


When should tools.jar be updated in ColdFusion Server

July 27, 2015 / Krishna Reddy

  Administrator | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | Adobe ColdFusion Builder | General

tools.jar contains the utilities to compile java source into class files.

While using ColdFusion Web services stubs have to be generated.

So, this utility is required for this feature to be functional.

The tools.jar is shipped by default with ColdFusion along with full installation of ColdFusion which would be same version of the jre that ColdFusion is shipped with.

If you are just using this default installation and the built-in jre, your ColdFusion web services do work fine.

However, due to security bugs or platform support you would want to update the jre version that ColdFusion runs on.

Once you do that, please make sure to copy the tools.jar file manually from {JDK_Home}/lib to {cf_install_home}/cfusion/lib/

Only JDK contains the tools.jar file not the jre installation. You don't have to install JDK on the machine where ColdFusion is installed. You can just have jre on this machine and get tools.jar from any other machine's JDK installation.

And also make sure that the earlier stubs are cleared from {cf_install_home}/cfusion/stubs/ to get the newly compiled classes.

It is necessary to update tools.jar ONLY if you are upgrading the jre to a a higher major version.

Say, if you are upgrading from 1.8 U5 to 1.8 U51 you don't have to update tools.jar file.

But, say   if you are upgrading from 1.7 U55 to 1.8 U51, you have to update tools.jar file.

 

Another case where you would want to update the tools.jar is JEE deployments.

Say, if you are using Websphere application server with IBM JDK, you have to place the corresponding JDK's tools.jar under  {cf_install_home}/cfusion/lib/.

The same applies to any other application server as well.

The simple rule is that tools.jar has to be from the same major version of Java (minor version doesn’t matter) that ColdFusion runs on.

 

This applies to any version of ColdFusion and the same applies to all platforms.

You can copy tools.jar from Windows machine to Solaris macine as well as long as the version is correct.

 

 


Blue Mango Theme Design By Mark Aplet

Super Powered by Mango Blog