Entries Tagged as “Adobe ColdFusion 10”

Connecting to JNDI data sources in ColdFusion 10

May 24, 2013 / Asha Kasala

Adobe ColdFusion 10 | Tomcat

Here’s a guide to show you how to configure JNDI datasource in ColdFusion 10.

1. Get the JDBC Driver

The JDBC Driver needs to be placed in ColdFusion10/cfusion/runtime/lib folder.

2. context.xml configuration

Add a resource block before the closing tag (</Context>) in the context.xml present at ColdFusion10/cfusion/runtime/conf , which defines database connection detail :

<Resource name="jdbc/test" auth="Container" type="javax.sql.DataSource"

maxActive="50" maxIdle="30" maxWait="10000"

username="username" password="password"

driverClassName="com.mysql.jdbc.Driver"

url="jdbc:mysql://localhost:3306/test"/>

For more information on the attributes please refer to http://tomcat.apache.org/tomcat-7.0-doc/jndi-resources-howto.html.For setting isolation level use the defaultTransactionIsolation attribute.

3. web.xml configuration

In the web.xml present at ColdFusion10/cfusion/wwwroot/WEB-INF , add the following just before the closing tag (</web-app>):

<resource-ref>

<description>MySQL Datasource example</description>

<res-ref-name>jdbc/test</res-ref-name>

<res-type>javax.sql.DataSource</res-type>

<res-auth>Container</res-auth>

</resource-ref>

4. Add ColdFusion DataSource through Administrator

After saving the configuration files restart the ColdFusion server.Log in to ColdFusion Administrator and navigate to Data & Services > Data Sources and add a new Data Source by selecting J2EE Data Source(JNDI) in the driver drop down.For more details on this refer http://help.adobe.com/en_US/ColdFusion/10.0/Admin/WSc3ff6d0ea77859461172e0811cbf364104-7fdf.html .

Data Source registration page

Hope you found this useful.Write in to us if you have any issues with the Tomcat specific configuration.

-Asha

No Comments | Respond Now

Connecting to JNDI data sources in ColdFusion 10

Applying Updates on a Locked down ColdFusion 10 Server

May 21, 2013 / Krishna Reddy

Note: This is valid from Hotfix 9 onwards.

Depending on the user account that you have used to Lock down your server, you might need to consider the following few more steps for providing appropriate permissions to be able to apply the updates from ColdFusion Administrator.

Hotfix needs two things to be installed properly from ColdFusion Administrator.

1) The user that is configured for ColdFusion Service should be permitted to Start/Stop the service. More on this to setup is explained below.

2) Since ColdFusion runs with the user you have setup for ColdFusion service, that user should have write/delete/update permissions for some of the ColdFusion directories. Notably, till now (Hotfix 9) the update files are there for the following directories:

<CFHome>\cfusion\bin\ (Write)

<CFHome>\cfusion\hf-updates\ (Write)

<CFHome>\cfusion\lib\ (Write)

<CFHome>\cfusion\lib\updates\ (Write + Delete)

<CFHome>\cfusion\runtime\lib\ (Write)

<CFHome>\cfusion\wwwroot\CFIDE\adminapi\ (Write)

<CFHome>\cfusion\wwwroot\CFIDE\administrator\ (Write)

<CFHome>\cfusion\wwwroot\CFIDE\componentutils\ (Write)

<CFHome>\cfusion\wwwroot\CFIDE\scripts\ (Write)

Note: New directories may or may not get added in the future Hotfixes but the above set will always be there for ColdFusion 10.

If you are running multi-instace scenario you have to set the same for all child instance folders and their service accounts

When lockdown guide is being imposed the above two requirements should also be implemented in order to be able to apply Hotfixes from the ColdFusion administrator.

Setting up the ColdFusion Service user as required in #1:

Down load and Install Windows tool named SubInACL.exe (Installer name is SubInACL.msi) to give service start/stop permissions from

http://www.microsoft.com/en-us/download/confirmation.aspx?id=23510

Once you install it, the tool subinacl.exe gets installed under
C:\Program Files (x86)\Windows Resource Kits\Tools

Then, run the tool as follows from command prompt by replacing <MachineName> and <username> with your username and machine name.

a) For machine’s local user

C:\Program Files (x86)\Windows Resource Kits\Tools>subinacl.exe /service "\\<MachineName>\ColdFusion 10 Application Server" /grant=<username>=TO

b) If the user is a Domain user you have to replace <Domainname> as well along with <MachineName>, <username> in the following command.

C:\Program Files (x86)\Windows Resource Kits\Tools>subinacl.exe /service "\\<MachineName>\ColdFusion 10 Application Server" /grant=<Domainname>\<username>=TO

More details on this are explained in the below resource.

http://support.microsoft.com/default.aspx?scid=kb;en-us;288129

This is a one-time setup that you have to do.

Once this is done -> Restart ColdFusion service -> Open ColdFusion server Administrator -> Apply Update -> You should be able to apply the Hotfix successfully now.

4 Comments | Respond Now

Applying Updates on a Locked down ColdFusion 10 Server

New Critical ColdFusion security update for version 9 and above

May 14, 2013 / Shilpi Khariwal

A security update for ColdFusion is now available for versions 10, 9, 9.0.1 and 9.0.2. This hot-fix addresses issues reported in Advisory 13-03

If you are on ColdFusion 10, you will see a new update 10 within the ColdFusion administrator for you to download and install.

Adobe recommends users update their product installation with this update. Here's a link to the related security bulletin.

We highly recommend locking down public facing servers to prevent against unknown attacks. As an additional precaution, we recommend commenting RDS servlet in web.xml

Complete instructions for protecting server can be found accessed here. ColdFusion 10 Lockdown Guide, ColdFusion 9 Lockdown Guide

17 Comments | Respond Now

New Critical ColdFusion security update for version 9 and above