Query MongoDB Data in ColdFusion

Query Mongodb Data

Today, I would like to discuss on writing standard ColdFusion data access code to connect to MongoDB.

The CData JDBC Driver for MongoDB seamlessly integrates connectivity to MongoDB data with the rapid development tools in ColdFusion. This article shows how to connect to MongoDB data in ColdFusion and query MongoDB tables.

1. Create a JDBC Data Source for MongoDB in ColdFusion

The JDBC data source enables you to execute SQL from standard ColdFusion tags like cfquery and CFScript like executeQuery.

  1. Copy the driver JAR and .lic file from the installation directory onto the ColdFusion classpath. For example, copy the files into C:\MyColdFusionDirectory\cfusion\wwwroot\WEB-INF\lib. Or, open the Java and JVM page in the ColdFusion Administrator and enter the path to the files in the ColdFusion Class Path box.
  1. The JAR and license for the driver are located in the lib subfolder of the installation directory.
  1. Restart the server after this step.

2. Add the driver as a data source:

From the ColdFusion administrator interface, expand the Data & Services node and click Data Sources. In the Add New Data Source section, enter a name for the data source and select Other in the Driver menu.

Data Source

3. Populate the driver properties:

  • JDBC URL: Enter connection properties in the JDBC URL. The JDBC URL begins with jdbc:mongodb: and is followed by the connection properties in a semicolon-separated list of name=value pairs. A typical JDBC URL is below:
  • Jdbc:mongodb:Server=MyServer;Port=27017;Database=test;User=test;Password=Password;
  • Set the Server, Database, User, and Password connection properties to connect to MongoDB. To access MongoDB collections as tables you can use automatic schema discovery or write your own schema definitions. Schemas are defined in .rsd files, which have a simple format. You can also execute free-form queries that are not tied to the schema.
  • Driver Class: Enter the driver class. The driver class is cdata.jdbc.mongodb.MongoDBDriver.
  • Driver Name: Enter a user-defined name for the driver.
  • Username: Enter the username used to authenticate.
  • Password: Enter the password used to authenticate.

Populate the Driver Properties

You can now test the connection by enabling the CData MongoDB data source in the Actions column. After reporting a status of OK, the MongoDB data source is ready for use.

CData MongoDB Data Source

Execute Queries

The cfquery tag can pass SQL statements to MongoDB, including INSERT, UPDATE, and DELETE.. Use the cfqueryparam tag to create parameterized queries and prevent SQL injection through the query string.

SELECT * FROM restaurants WHERE Name =

Below is the equivalent in CFScript:

<cfscript>

result = queryExecute(
“SELECT * FROM restaurants WHERE Name = ?”,
[
{ value="Morris Park Bake Shop", cfsqltype="cf_sql_varchar" }
],
{ datasource=”CDataMongoDB” }
);
writeDump( var= result );

</cfscript>

You can then make requests to your .cfm like the following:

http://MyServer:8500/query.cfm?Name=Morris Park Bake Shop

Execute Queries

Setting Up Your Own Private GitLab On Azure

GitLab
Azure is Microsoft’s business cloud and GitLab is a pre-configured offering on the Azure Marketplace. Don’t get surprised to hear that Microsoft and Azure have embraced open source software like Ubuntu, Red Hat Enterprise Linux, and GitLab. You can now spin up a pre-configured GitLab VM in just a few clicks on Azure. Let’s get started.

Let’s Get started

To start First you need Azure account.

You can open an Azure account for free. You get credits you can use to try out paid Azure services, and even after you’ve used them you can still keep the account and use the free Azure services. Your credit card won’t be charged, unless you decide to pay-as-you-go. This is a great way to try out Azure and cloud computing.

Working with Azure

Once your account is ready and able to login to portal.azure.com you will see the Dashboard which gives you a quick overview of Azure resources:

Working With Azure
From the Dashboard you can build VMs, create SQL Databases, author websites, and perform lots of other cloud tasks. Today we want to try GitLab which is part of the Azure Marketplace. The Marketplace is an online store for pre-configured applications and services optimized for the cloud by software vendors like GitLab. Click on the + New icon and in the search box type “GitLab”:

Search Gitlab

Create new VM

Azure Marketplace offerings are always changing but let’s click “GitLab Community Edition”. GitLab CE is freely available under the MIT Expat License. A new “blade” window will pop-out, where you can read about the offering.

Create New VM
Click “Create” and you will be presented with the “Create virtual machine” blade.

Basics

The first thing we need to configure are the basic settings of the underlying Ubuntu 14.04.4 VM. On the screenshot below, I set the hostname to “GitLab-CE” and I chose Password authentication to keep things simple. This is the password that we will use later to SSH into the VM, so make sure it’s a strong password/passphrase. Alternatively you can choose to paste your SSH public key so that you don’t type your password every time. A “Resource group” is a way to group related resources together for easier administration. I named mine “GitLab-CE-Azure”, but your resource group can have the same name as your VM. Click OK when ready.

Basics

Size

The next screen reviews the Pricing Tiers, which are the VM sizes. I chose a “D1 Standard” VM, which meets the minimum system requirements to run a small GitLab environment. When ready click ‘Select’.

By default, only the recommended tiers are shown. To choose a larger one click on ‘View all’.

Size

Settings

On the next blade, you are called to configure the Storage, Network and Availability settings. Just review them and take the defaults which are sufficient for test-driving GitLab. Hit OK when done.

Settings

Summary

On the summary page you will have the chance to review your choices so far. If you change your mind about something, you can go back to the previous steps and amend your choice. Hit OK when ready.

Summary

Buy

This is the last step and you are presented with the price/hour your new VM will cost. You can see that we are billed only for the VM at this page, GitLab CE is a separate tile which is free to use. Go on and click Purchase for the deployment to begin.

Buy

Deployment page

At this point, Azure takes over and begins deploying your GitLab Ubuntu VM. You can scroll down to see the deployment process which takes a few minutes.

Deployment Page
When GitLab environment is ready, you will see the management blade for your new VM. This is basically your VM dashboard where you can configure many things like the DNS name of your instance.

VM Dashboard

Set up a domain name

The public IP address that the VM uses is shown in the ‘Essentials’ blade. Click on it and select Configuration under the ‘General’ tab. Enter a friendly DNS name for your instance in the DNS name label field.

Set Up a Domain Name
In the screenshot above I have set my DNS name to gitlab-ce-test.xxx.cloudapp.azure.com. Hit Save for the changes to take effect.

If you want to use your own domain name, add a DNS A record into your domain registrar pointing to the IP address displayed given by Azure.

Connecting to GitLab

Use the IP address or the domain name you set up from the previous step to visit GitLab on your browser.
The first time you hit the URL, you will be asked to set up a new password for the administrator user that GitLab has created for you.

Connecting To Gitlab
Once you change the password you will be redirected to login. Use root as the username and the password you configured just before.Connecting To Gitlab
At this point you have a working GitLab VM running on Azure. Congratulations!

Creating your first GitLab project

You can skip this section if you are familiar with Git and GitLab. Otherwise, let’s create our first project. From the Welcome page click New Project.

Creating your First Gitlab Project
I’m going to make this a private project called “demo”:

Gitlab Project Demo
It only takes a few moments to create the project and the next screen will show you the commands to begin working with your new repository locally.

Gitlab Project Demo
Following these instructions you should be able to push and pull from your new GitLab repository.

That’s it! You have a working GitLab environment!

Maintaining your GitLab instance

It’s important to keep your GitLab environment up-to-date and since the GitLab team is constantly making enhancements to the product, occasionally you may need to upgrade for security reasons.

Let’s review how to upgrade GitLab. When you click on the “Admin Area” wrench, GitLab will tell you whether there are updates available. In the following screenshot we are told to update ASAP, and this is because there is a security fix.

Maintaining your Gitlab Instance
On the screenshot we can see the current Azure Marketplace offered GitLab CE version 8.6.5, and there is an update available. To update you need to connect to your Ubuntu server using PuTTY or an equivalent SSH tool. Remember to log in with the username and password you specified when you created your Azure VM.

In your terminal type in the following to connect to your VM:

ssh user@gitlab-ce-test.westeurope.cloudapp.azure.com

Provide your password at the prompt to authenticate.

Your domain name will differ and is the one we set up previously. You can also use the public IP instead of the domain name.

Once you login, use the following command to upgrade GitLab to the latest version.

sudo apt-get update && sudo apt-get install gitlab-ce

Once it completes you should have an up-to-date GitLab instance!GitLab Admin

Conclusion

GitLab is a great Git repo tool, plus a whole lot more. In this post we looked at how to run GitLab using the Azure Marketplace offering. Azure is a great way to experiment with GitLab. If you decide, like me, that GitLab is the best solution for source code management you can continue to use Azure as your secure, scalable cloud provider.

Integrating ColdFusion Applications With Microsoft SharePoint

ColdFusion_Microsoft_SharePoint

As Microsoft SharePoint became most ubiquitous corporate online team collaboration and document management tool, most of the CF developers find themselves working in a SharePoint environment and needing to integrate their ColdFusion applications into a SharePoint portal.

Adobe has provided tools to help a ColdFusion developer rise to that challenge since its release of ColdFusion 9 version till the latest 2016 they have been providing several interfaces and tools to handle that.

In this article, I explain how to pull ColdFusion code into a SharePoint page and then how to use the ColdFusion cfsharepoint tag to communicate with the SharePoint Server. This article includes examples of what is possible and touches on integrating Flex into SharePoint.

Understanding the basics of SharePoint

As a ColdFusion developer, you may have had little to no exposure with SharePoint at this point. In this section, we will look at some basics that you will need to know to work in a SharePoint environment.

SharePoint is a content management system application that accesses data stored in a proprietary manner in a MSSQL database. SharePoint’s integrated search services set it apart from just storing files in common folders; it also adds team collaboration context to managing the data files, which are typically generated by Microsoft Office Suite.

An important factor to note is the difference between Windows Sharepoint Services v3.0 (WSS) and Microsoft Office SharePoint Server 2007 (MOSS). A simplistic view is that WSS is a free add-on to Windows Server 2003 or 2008 that allows you to set up “Site Collections” with a more limited feature set, whereas MOSS is a licensed product requiring Client Access Licenses (CALs) per user accessing SharePoint, as well as a server license (check out this link for good feature set comparisons). MOSS has Standard- and Enterprise-level features and can host multiple Site Collections. (This summer, new versions are due to be released, renamed as SharePoint Foundation 2010 and SharePoint Server 2010, respectively.

For this article, we will consider both WSS v3.0 as reference.

SharePoint MOSS 2007 and WSS v3

Figure 1. This is what a basic team site looks like in SharePoint MOSS 2007 and WSS v3.

SharePoint site hierarchy and permission-based roles

SharePoint exists as a structured grouping of sites, known as a Site Collection. It is important to understand that site permissions are typically linked with a user’s Active Directory login (this is how Microsoft manages user workstation logins in an enterprise environment). All permissions begin at the top level of the Site collection and propagate down to created sites, inheriting the parent level’s permissions unless you break that default inheritance. So for instance, if I give you a specific set of permissions on the Site Collection, and create a new site, you’ll automatically have the same permissions on a newly created site in that collection. It is important to note that there is no interconnectivity between Site Collections (in a MOSS set up) but there can be connectivity between sites in a single Site Collection.

Some of the key permission levels are:

  • Read – Users at this level can only view SharePoint sites and data.
  • Contribute – Users at this level can view, add, update, and delete SharePoint sites and data.
  • Design – Users at this level can view, add, update, delete, approve, and customize SharePoint sites and data.
  • Full Control – Users at this level have full control SharePoint sites and data.

SharePoint Lists: Items and Views

In basic terms, a List is the equivalent of a table in a database and this is most important part or CORE component of SharePoint. SharePoint comes with a number of List templates, such as calendar, task list, and contacts, each of which have their own default columns as one would expect. Yet SharePoint is very customizable. If you need to add fields not already included, such as a customer ID, you can create a column for that list. Even a document library is a list in SharePoint. A document library record includes metadata on the document file and the file itself is stored with the database as a binary large object (BLOB). You can also create custom Lists with no pre-defined columns and then, if choose to do so, save them as templates for future use.

A SharePoint Item is simply a record in a SharePoint List. Each List is referenced by a globally unique identifier (GUID), a 32 character hexadecimal character string. This is important because identifying a List’s GUID is what is necessary to interact with it. Each SharePoint Item has an ID number connected to the GUID of the List it is contained within.

Generated page for content entry and Calendar List

Figure 2. In SharePoint, a generated page for content entry, newform.aspx, for a Calendar List

Each SharePoint List has four default pages generated upon its creation:

  • NewForm.aspx – To allow users to add an item to the list in a pre-generated form
  • DispForm.aspx – To allow users to review an item in a read-only context
  • EditForm.aspx – To allow users with the appropriate permissions to edit a pre-existing item
  • AllItems.aspx – To display all the items in a list; a non-filtered view of the list

A final feature of a SharePoint List to note is stored Views. Stored Views are filtered displays of Items within the List that meet a user’s chosen criteria.

SharePoint Pages and Web Parts

When displaying a web page within SharePoint, a typical page will consist of Web Part Zones, pre-defined areas in which you can add a Web Part. A Web Part is a code snippet that displays SharePoint-contained data in a particular layout. An example is a Calendar Web Part that displays Items from a SharePoint Calendar List, giving you options to display content as an event list, or as a calendar showing daily, weekly, or Monthly views. Being able to build a page with multiple Web Parts enables you to design dashboard-type views very quickly.

SharePoint page in edit view

Figure 3. A SharePoint page in edit view, showing the Web Part Zones on a page

Now we will focus on pre-defined Web Part called a Page Viewer Web Part. This is the Web Part designed to pull content external to SharePoint into a SharePoint page.

Using SharePoint Web Parts to display ColdFusion content

As mentioned above, to display ColdFusion content within SharePoint, you start by using a Page Viewer Web Part in SharePoint.

  1. In SharePoint, select the Edit Page option under the Site Actions Menu in the top right part of the window. (Note: You will only see this menu if you have appropriate permissions, which would be a minimum “Design” level in this case. Ask your Site Administrator if you need your permission levels raised.)
  2. Once you’ve chosen Edit Page, the page will refresh and display the available Web Part Zones in sectioned groupings. Decide which Zone you want to place your ColdFusion content and click Add a Web Part button in that Zone.
  3. An Add Web Parts dialog window opens and reveals the available Web Parts in your Web Parts Library. The Page Viewer Web Part is in the Miscellaneous section under All Web Parts header. Select it and select Add.
  4. Your new Web Part is now in the Zone you selected, displaying the text: “To link to content, open the tool pane and then type a URL in the Link text box.” You can open the tool pane either by clicking the link or by choosing “Modify Shared Web Part” in the Edit menu.
SharePoint page in edit view

Figure 4. SharePoint page in edit view, showing the Tool Pane for a Page Viewer Web Part. This is where you control the attributes of a Web Part.

  1. The tool pane opens on the right side of the page. You will see the Link field. Enter your ColdFusion template file (CFML) URL and click Apply.
  2. As long as your CFML file is on a server or IIS website that is linked to the CFIDE, ColdFusion will generate the HTML appropriately within your SharePoint page. Note that although your ColdFusion application and your SharePoint application can on the be the same box, they do not need to be; it is not required that you connect your SharePoint IIS site with ColdFusion.
  3. You may need to use the Appearance section of the tool pane to modify the height and width of the Web Part to fully display your content without automatic scroll bars. If your content output is variable, especially in height, you may want to set the area to be larger than you’ll typically need. This leaves white space on the page if the content doesn’t fill it all, but avoids having scrollbars the majority of the time. Remember that the Web Part Zone size determines the width of your Web Part. You can also remove the “Page Viewer Web Part” header from the section by setting the Chrome Type to None. Click OK when you are done and the tool pane will close.

Note that for Adobe Flash and Adobe Flex, you can use a Page Viewer Web Part to display Flash- and/or Flex- generated SWF content just as you did with ColdFusion content within Sharepoint in the steps above. The power to build a Flex application to provide a RIA user interface within SharePoint and using ColdFusion 9 to communicate with your SharePoint data provides a whole new area for Flex developers.
ColdFusion 9 ships with a Single-Sign On Web Part for use within SharePoint that acts a Pager Viewer Web Part but uses the SharePoint login structure to allow your ColdFusion application to reflect the current user’s permission levels when communicating with SharePoint.

Installation instructions for that Web Part are located in the Adobe Documentation for ColdFusion 9: SharePoint Integration section.

Using the cfsharepoint tag in ColdFusion 9

Now we’ve displayed ColdFusion code live in a SharePoint Web Part. The typical reason to do this is to display legacy ColdFusion applications in the context of a new SharePoint environment. What if you want to build a new application using ColdFusion, but have it alter Lists and Items within them in SharePoint? That’s where the cfsharepoint tag comes in.

The cfsharepoint tag is a powerful tag with many attributes that allow you to manipulate SharePoint. First, let’s look at what is required in the tag. On the surface, all you need is the action attribute. This is quite a powerful attribute as by my count there are 49 supported SharePoint actions for the tag. To get SharePoint to do anything, you have to pass some credentials across with the appropriate permission levels. You have two options: 1) Pass the credentials in a structure through the login attribute (such as “domain,password,username“) or 2) Supply those values individually using domain, password, and username values. It’s helpful to store these credentials in your Application.cfc file.

Now that you’ve chosen an action and logged in successfully, you must pass parameters to apply to that action. The attribute params handles that for us. Here is some sample code for creating a generic List:

<cfsharepoint login=”#login#” action=”addlist” params=”#{listname=”testlist” description=”A Test of ColdFusion List creation” templateid=100}#”/>

You can see a full list of SharePoint List IDs here.

Using this ColdFusion code, you’ve created a List. Why would this be beneficial? Well, you could create a user-friendly form that allows typically unauthorized users to create a list with specific parameters put in place. This is an effective way to give users some limited control without opening the floodgates to what some higher-level permissions would allow.

Although it is beyond the scope of this article where I simply wanted to show how to integrate ColdFusion with SharePoint, it might be exciting to see how one could use ColdFusion functions to do what SharePoint cannot do natively. Some ideas are as follows:

  • Use the cfimage tag to manipulate SharePoint stored images and then replace them back into SharePoint (see example in CFML 9.0 documentation).
  • Use ColdFusion to copy items from a list in one site into a list in another site (or to create a site collection even!).
  • Parse a SharePoint list with ColdFusion and output a cfchart in a Web Part.
  • Use the cfdocument tag to output PDF files of SharePoint content.
  • Use ColdFusion Spry assets to present autosuggest fields.

Where to go from here

Once you have the appropriate permissions within your SharePoint environment, you could experiment and see where ColdFusion can enhance your SharePoint environment. As a ColdFusion developer, you now have the option to create ColdFusion applications within SharePoint in a way you never did before.
Push the envelope, use the ColdFusion (and Flex) RIA concepts in SharePoint and change the offerings. The cfsharepoint tag combined with the Single Sign-On Web Part adds a whole new section to the toolbox for developing in SharePoint. Once such implementation I’ve been able to create is a Flex-based Twitter parser that can check against a list of stored twitter account names or list of topics pertinent to a product or product team.

A sample Sharepoint site running two Flex applications

Figure 5. A sample Sharepoint site running two Flex applications. The first application is a dynamically-generated rotating billboard of SWF files. The second application is a Twitter message parser that pulls a list of twitter accounts and mentions from a SharePoint List.

Of course there are more advanced concepts in using ColdFusion to communicate with SharePoint. For all the methods that have been written into the cfsharepoint tag, there are a multitude of actions that can be done within SharePoint that aren’t directly included. Adobe has solved this by enabling the ability to point directly to the WSDL (Web Services Description Language) for a SharePoint component that you wish to control.

Here are some reference links for learning more about using ColdFusion with SharePoint:

Using the ColdFusion Administrator – Basics

ColdFusion Administrator

Initial administration tasks

Immediately after you install ColdFusion, you might have to perform some or all the administrative tasks described in the following table:

Task Description
Establish database connections ColdFusion applications require data source connections to query and write to databases. To create, verify, edit, and delete database connections, use the Data Sources page. For more information, see Data Source Management for ColdFusion.
Specify directory mappings Directory mappings redirect relative file paths to physical directories on your server. To specify server-wide directory aliases, use the Mappings page. For more information, see Mappings page.
Configure debugging settings Debugging information provides important data about CFML page processing. To choose the debugging information to display, and to designate an IP address to receive debugging information, use the Debugging & Logging section.For more information, see Debugging Output Settings page.
Set up e-mail E-mail lets ColdFusion applications send automated e-mail messages. To configure an e-mail server and mail options, use the Mail Server page.For more information, see Mail page.
Change passwords You might have to change the passwords that you set for the ColdFusion Administrator and Remote Development Service (RDS) during ColdFusion installation. To change passwords, use the Security section.For more information, see Administrator page and RDS page
Define user-specific access to the ColdFusion Administrator To grant user-specific access to the ColdFusion Administrator, you create users and specify a user name, password, applicable sandboxes, and the sections of the ColdFusion Administrator that each user can access. For more information, see Security section
Configure Java settings (Server configuration only) You might have to customize Java settings, such as classpath information, to meet the needs of your applications. To change Java settings, use the Java and JVM page.For more information, see Extensions section.
Restrict tag access Some CFML tags might present a potential security risk for your server. To disable certain tags, use the Sandbox Security page.For more information, see Administering ColdFusion Security.

Accessing user assistance

You can use the buttons on the upper left of the ColdFusion Administrator to access online Help, information about additional resources, and system information.

Online Help Click the question-mark icon on any ColdFusion Administrator page to access the context-sensitive online Help. The online Help has procedural and brief overview content for the ColdFusion Administrator page that you are viewing. This information appears in a new browser window and contains standard Contents, Index, and Search tabs.

System Information Click System Information to see information about the ColdFusion server, including version number, serial number, and JVM details.

Resources Click Resources to display the Resources page, which provides links to the following:

  • Getting Started experience
  • Example applications
  • Product Information
  • Technical Support and Training
  • Additional Installers
  • Product Updates
  • Community Resources
  • Security-related Information

Server Settings section

The Server Settings section lets you manage client and memory variables, mappings, charting, and archiving. It also allows you to configure e-mail and Java settings.

Settings page

The Settings page of the ColdFusion Administrator contains configuration options that you can set or enable to manage ColdFusion. These options can significantly affect server performance. The following table describes the options:

Option Description
Timeout Requests After (Seconds) Prevents unusually lengthy requests from using up server resources. Enter a limit to the time that ColdFusion waits before terminating a request. Requests that take longer than the time-out period are terminated.
Enable Per App Settings Lets developers programmatically define ColdFusion settings such as mappings and debugging per application.
Use UUID For cftoken Specify whether to use a universally unique identifier (UUID), rather than a random number, for a cftoken.
Enable HTTP Status Codes Configures ColdFusion to set a status code of 500 Internal Server Error for an unhandled error. Disable this option to configure ColdFusion to set a status code of 200 OK for everything, including unhandled errors.
Enable Whitespace Management Compresses repeating sequences of spaces, tabs, and carriage returns and linefeeds. Compressing whitespace can significantly compact the output of a ColdFusion page. This option is enabled, by default.
Disable Access To Internal ColdFusion Java Components Prevents CFML code from accessing and creating Java objects that are part of the internal ColdFusion implementation. This prevents a non-authenticated CFML template from reading or modifying administration and configuration information for this server.
Disable CFC Type Check Turns off verifying the CFC type when calling methods with CFCs as arguments. This option also disables verifying an object that implements the right interface. Enabling this option can improve the performance of your application. However enable it only on a production server.
Disable Access To Internal ColdFusion Java Components Prevents CFML code from accessing and creating Java objects that are part of the internal ColdFusion implementation. This prevents a non-authenticated CFML template from reading or modifying administration and configuration information for this server.
Preserve Case for Struct Key for Serialization Maintains and preserves the case in which keys of a struct have been defined. If not checked, keys will be converted to uppercase.Cases for struct keys were not preserved in the past versions of ColdFusion. The struct keys get converted to upper case automatically.For instance, consider the following code:<cfscript>
data = {};
data.empName = “”;
data.age=26 ;
data.SomeValue = “”;
serializedStr = serializejson(data);
writeoutput(serializedStr);
</cfscript>
In ColdFusion 10 and earlier versions, the output generated by the above code will be:{‘EMPNAME’=”, ‘AGE’=”}

For ColdFusion 11 and following, the output generated will be:

{‘empName’=”, ‘age’=”}

To enable case preservation of struct keys, change the setting in the ColdFusion Administrator, as discussed above.

Note: This setting is used during compilation of the CFML page and therefore if this flag is changed (in the administrator or programmatically), any pages relying on the change must be recompiled. This is done typically by simply editing the file (make any change at all) and re-executing it. If “trusted cache” is enabled in the ColdFusion Administrator, you must clear the template cache (of at least those affected files), which can also be done from within the ColdFusion Administrator Caching page.

To enable case preservation of struct keys at the application level, modify the application.cfc file by setting:

this.serialization.preservecaseforstructkey = true

Prefix serialized JSON with Protects web services, which return JSON data from cross-site scripting attacks by prefixing serialized JSON strings with a custom prefix.
Enable In-Memory File System Enables the in-memory virtual file system support. By default, this is enabled.
Memory Limit for In-Memory Virtual File System Lets you specify the memory limit in Megabytes (MB) for in-memory virtual file system.
Watch Configuration Files For Changes (Check Every nSeconds) Sets ColdFusion to monitor its configuration files and automatically reload them if they change. This action is required if you deploy ColdFusion in a WebSphere ND vertical cluster, because multiple instances of ColdFusion share the same configuration files. It is recommended that you do not enable this feature for most installations.
Enable Global Script Protection Protects Form, URL, CGI, and Cookie scope variables from cross-site scripting attacks. Select this option if your application does not contain this type of protection logic.Enabling the global site protection replaces all the null bytes (%00) with an %20. This is to prevent Null Byte injection Attacks as part of the Protection.To disable this protection just for cookie scope the following workaround can be used.

  • Enable Script Protection from CF Administrator
  • Navigate to CF_HOME\cfusion\lib directory and open neo-security.xml and search for string FORM,URL,COOKIE,CGI & change the string to FORM,URL,CGI
  • Restart the server
Allow Extra Attributes in AttributeCollection Specify whether ColdFusion tags can pass non-standard attributes in the attributecollection structure.
Clear temporary files created during CFaaS after Specify the time in minutes after which the temporary files created during CF as a Service(CFaaS) operation must be deleted. The default value is 30 minutes.
ORM Search Index Directory Specify the index directory (the one in which all persistent entities, of an application’s indexable data, are saved) either at the server-level or application-level.
Default ScriptSrc Directory Specify the default path (relative to the web root) to the directory that contains the cfform.js file. Developers reference this file in the ScriptSrc attribute of the cfform tag. In a hosted environment, you might need to move the cfform.js file to a directory other than CFIDE.
Google Map API Key Specify the Google Map API license key that you require to access Google Maps.
Component with onServerStart() method Specify the absolute path to a CFC having onServerStart() method or specify a dot delimited CFC path under web root, like “a.b.server”. By default, ColdFusion looks for server.cfc under web root.
Allowed file extensions for<cfinclude> tag (New in ColdFusion 11) Specify the list of allowed file extensions (as a comma separated list) while using the tag. Specifying a wildcard (‘*’) in the list makes any file included using the tag to be compiled. If any other file included using the tag is not found in this list, their content will be statically included. By default files with the extensions cfm and cfml always gets compiled irrespective of this setting. This value can be overridden at the application-level using the key compileExtForInclude in theApplication.cfc/Application.cfm file.
Application.cfc/Application.cfmlookup order Select the order in which ColdFusion searches for Application.cfm or Application.cfc if it is not found in the current project folder. You can set ColdFusion to search as follows:

  • default search order: ColdFusion looks for an Application.cfc/Application.cfm file from the current folder until the system root directory. On Windows, this could be C:\ and on UNIX, /opt.
  • till web root: ColdFusion looks for an Application.cfc/Application.cfm file from the current folder till web root.
  • in web root: ColdFusion looks for an Application.cfc/Application.cfm file in the current folder or web root.
Missing Template Handler Specify a page to execute when ColdFusion cannot find a requested page. This specification is relative to the web root.Note: If the user is running Microsoft Internet Explorer with “Show Friendly HTTP error messages” enabled, Internet Explorer displays this page only if it contains more than 512 bytes.
Site-Wide Error Handler Specify a page to execute when ColdFusion encounters an error while processing a request. This specification is relative to the web root. When you define a site-wide error handler or missing template handler, ColdFusion does not log page-not-found errors and exceptions.Note: If the user is running Internet Explorer with Show Friendly HTTP Error Messages enabled, Internet Explorer only displays this page if it contains more than 512 bytes.
Maximum Size Of Post Data Limits the amount of data that can be posted to the server in a single request. ColdFusion rejects single requests larger than the specified limit.
Request Throttle Threshold Requests smaller than the specified limit are not queued or counted as part of the total memory. Requests larger than the specified limit are counted as part of total memory and are queued if the request throttle-memory size is exceeded.
Request Throttle Memory Limits total memory size for the throttle. If sufficient total memory is not available, ColdFusion queues requests until enough memory is free.
Disable Creation of unnamed application Disallows creation of unnamed applications.
Allow REST Discovery Specify whether to allow Adobe API Manager to discover REST services published in ColdFusion.

Request Tuning page

Simultaneous request tuning overview

You can specify the number of simultaneous requests that can be processed for each of the following types of requests:

  • CFM page requests
  • CFC method invocations (via an HTTP GET)
  • Flash Remoting requests
  • Web Service requests
  • The settings are contained completely within ColdFusion code and work across all J2EE application servers. You do not have to restart the ColdFusion server for changes to the configuration to take effect. JSP processing is not affected by these changes.
  • Note: The Flash Remoting request control setting applies to remoting that uses ActionScript 2.0 and ActionScript 3.0, with each type treated independently. For example, a setting of 5 means that up to 5 ActionScript 2.0 Flash Remoting and 5 ActionScript 3.0. Flash Remoting requests are allowed simultaneously.

Capabilities by edition

  • Standard Edition: Only the Async CFML, DirectoryWatcher, Socket, and user written event gateways are enabled. The maximum number of threads in the pool for the cfthread tag is limited to 10. Only the CFM page request limit is adjustable.
  • Enterprise Edition: All event gateways are supported. The number of threads in the pool for the cfthread tag is unlimited. You can adjust the limits for each request type (CFM page, CFC, Flash Remoting, and Web Service) independently.

Client Variables page

You enable client variable default settings in ColdFusion on the Client Variables page of the Administrator. ColdFusion lets you store client variables in the following ways:

  • In database tables
  • Note: If your data source uses one of the JDBC drivers bundled with ColdFusion 10, ColdFusion can automatically create the necessary tables. If your data source uses the ODBC Socket or a third-party JDBC driver, you manually create the necessary CDATA and CGLOBAL database tables.
  • As cookies in the web browsers
  • In the operating system registry
  • Note: Adobe recommends that you do not store client variables in the registry because it can critically degrade performance of the server. If you use the registry to store client variables, you allocate sufficient memory and disk space.
  • To override settings specified in the Client Variables page, use the Application.cfc file or the cfapplication tag. For more information, see the Developing ColdFusion Applications.

Store client variables in a data source

  1. On the Client Variables page, in the Select Data Source to Add as Client Store table, select a data source from the drop-down.
  1. Click Add. The Add/Edit Client Store page for the data source appears.
  1. Select options for the data source, as described in the following table. (To exit from the page without saving changes, click the left-arrow icon.)
Option Description
Description A description of the client data store and its settings. Not displayed for Registry.
Create Client database tables If ColdFusion can determine that the database you use supports SQL creation of database tables, this option appears, and you do not need to create the client variable tables before they are used. In this case, the Create Client Database Tables option appears on the Add/Edit Client Store page; if you select this option, ColdFusion creates the necessary tables in the database. If the database does not support SQL table creation, if the database already has the required tables, or if you are using the Registry, this option does not appear.
Purge data for clients that remain unvisited for n days Typically, client data is saved for a limited time. To delete (purge) client data that has not been accessed in a specified number of days, select this option and enter a value for the number of days. If a cluster of ColdFusion servers uses this data source, ensure that only one server is configured to purge client data.
Disable global client variable updates By default, ColdFusion updates client variables for every page request. To prevent ColdFusion from updating variables, select this option. If updates are disabled, ColdFusion updates global client variables only when they are first created and when they are updated. This helps improve application performance.
  1. Click Submit Changes. The Client Variables page appears, with your data source in the list.
  1. In the Select Default Storage Mechanism for Client Sessions table, select the data source.
  1. Click Apply.

Store client variables in a cookie or in the system registry

  1. In the Client Variables page, select Cookie or Registry.
  1. Click Apply.

Client variable storage options

Storage type Advantages Disadvantages
Data source
  • Can use existing data source
  • Portable: not tied to the host system or operating system
  • Requires database transaction to read/write variables
  • More complex to implement
Browser cookies
  • Simple implementation
  • Good performance
  • Can be set to expire automatically
  • Client-side control
  • Users can configure browsers to disallow cookies
  • Cookie data is limited to 4-KB
  • Netscape Navigator allows only 20 cookies from one host; ColdFusion uses three cookies to store read-only data, leaving only 17 cookies available
System registry
  • Simple implementation
  • Good performance
  • Registry can be exported easily to other systems
  • Server-side control
  • Possible restriction of the registry’s maximum size limit in Windows in the Control Panel
  • Integrated with the host system: not practical for clustered servers
  • Not available for UNIX
  • Applicable only for Windows

Migrating client variable data

To migrate your client variable data to another data source, determine the structure of the database tables that store this information. Client variables stored externally use two simple database tables, as shown in the following tables:

CDATA Table

Column Data type
cfid CHAR(64), TEXT, VARCHAR, or equivalent
app CHAR(64), TEXT, VARCHAR, or equivalent
data MEMO, LONGTEXT, LONG VARCHAR, or equivalent

CGLOBAL Table

Column Data type
cfid CHAR(64), TEXT, VARCHAR, or equivalent
data MEMO, LONGTEXT, LONG VARCHAR, or equivalent
lvisit TIMESTAMP, DATETIME, DATE, or equivalent

Creating client variable tables

Use the following sample ColdFusion page as a model for creating client variable database tables in your own database.

However, keep in mind that not all databases support the same column data type names. For the proper data type, see your database documentation.

Scheduled Tasks page

Information that is read more often than written is a good candidate for scheduled tasks. Instead of executing a query to a database every time the page is requested, ColdFusion renders the static page with information that the scheduled event generates. Response time is faster because no database transaction takes place.

You can run scheduled tasks once; on a specified date; or at a specified time, daily, weekly, or monthly; daily; at a specified interval; or between specified dates.

When a scheduled page executes, ColdFusion writes a message to a log file called schedule.log automatically. This file identifies the name of the scheduled action, the page to be executed, and whether the task scheduled executed successfully.You can pause and resume scheduled tasks.

The Scheduled Task page lets you create, edit, pause, resume, and delete scheduled tasks. This page has the following areas:

Area Description
Schedule New Tasks Click to add new scheduled task.
Actions Click the icons to run, pause, edit or remove the schedule task.
Task Name Identifies the names of the existing tasks scheduled to run.
Duration Identifies the duration of the task to run.
Interval Identifies how often this task runs. The values for this column can be Once, Daily, or DailyEvery.
  • Application Level Scheduled Tasks: Provides a list of application-specific tasks that you have scheduled, with task details in tabular format. The table provides details such as actions, application name, group, task name, duration, interval, last run, next run, repeat count, and if cluster is enabled.
  • Note: Application-specific tasks cannot be created using ColdFusion Administrator. But you can pause, resume, or delete the tasks.
  • Server Level Scheduled Tasks: Provides a list of server-specific tasks that you have scheduled, with task details in tabular format. The table provides new details such as group, next run, repeat count, if cluster is enabled, and the remaining task count.

Enable Cluster Setup: Applies if you have at least one data source configured. Specify the following details:

  • Select Data source: All the data sources you have connected to are listed.
  • Create Tables for Cluster Setup: Check to create scheduler-specific tables for cluster.
  • Note: Enable this option only for one node in the cluster. Otherwise, the tables are overridden. If you have created tables from one node, in other nodes you need to only select and choose the data source. All nodes will point to the same data source and therefore will be part of the cluster.
  • After you specify the details, click Submit.
  • To disable cluster, select the option Disable Cluster.

Add/Edit Scheduled Task page

Add/Edit Scheduled Task page lets you add or edit task. Click Submit after you specify the following tasks. When the page loads for the first time, you are provided with only minimum options to create the task. Click Show Additional Settings to list all settings.

Option Description
Task Name Enter a name for the task in the Task Name text box.
Duration Enter the start and end dates for the task. The end date is optional. If you want this task to execute continuously, leave the End Date text box blank.
Frequency Select the schedule for running this task:

  • One-time Schedules the task to run once on the start date and scheduled time specified. Specify the date and time. The task must be set at least 15 minutes in the future in order for the task to execute successfully
  • Recurring Schedules the task to run daily, weekly, or monthly at the specified time.
  • Daily every Schedules the task to repeat during a day. Specify Start Time and End Time to designate when the task begins and ends. Specify Hours, Minutes, Seconds to set an interval after which the task repeats.
URL Enter the URL for the ColdFusion page that you want to execute. You can execute a local page or a page on a remote ColdFusion Server, assuming that you have the proper access rights.
Username (Optional) Specify a user name only if the page you want to execute is in a secure location.
Password (Optional) Specify a password only if the page you want to execute is in a secure location.
Timeout (Optional) Specify a timeout setting. This helps prevent requests from stalling due to an overloaded web server, a network problem, or a page that takes too long to execute.
Proxy Server: Port (Optional) If this request must be routed through a proxy server, enter the URL and Port number of that proxy server.
Publish; File (Optional) To publish an output file of this task, select the Save Output to a File option and then, in the File text box, enter the full path and filename of the output file. Note that the Publish file in scheduled tasks can now only have .txt and .log extensions by default. You can add more extensions in cfusion\lib\neo-cron xml.
Resolve URL (Optional) Select the Resolve URL option to replace any relative URLs used in links returned in the result page to absolute URLs.
Group The group to which the scheduled tasks belong. Ensure that the combination of task name and group are unique.
Crontime Specify task scheduling time in cron job syntax.
Overwrite If not selected, creates new output files every time the task executes.Select to overwrite the existing output file, instead of creating a new one.
Eventhandler A CFC file whose pre-defined methods are invoked for various events while running the task. The path you specify can be relative to webroot for example, schedulerdemo.eventhandler, or use a ColdFusion mapping.
Exclude Comma-separated list of dates or date range for exclusion in the schedule period.
On Misfire Specify what the server has to do if a scheduled task misfires.
On Exception Specify what to do if a task results in error.
On Complete The action to be performed after the completion of current task. Specify the details in the following format:Task1:Group1,Task3:Group3
Priority An integer that indicates the priority of the task.
Retry Count The number of reattempts if the task results in an error.
Cluster Enable to execute tasks in cluster setup.

Top Reasons Why To Go With Adobe ColdFusion (2016 Release) Enterprise Edition

Adobe ColdFusion Enterprise Edition

Adobe ColdFusion (2016 release) is a feature packed version of ColdFusion with benefits ranging from better security, performance, scalability, PDF improvements, language enhancements along with the all new API Manager.

This article serves as a quick introduction to what is new, enhanced and improved in ColdFusion (2016 release).

Product themes of ColdFusion (2016 release)

The entire feature set of ColdFusion (2016 release) can be categorized into three product themes. These themes are also focus areas for ColdFusion (2016 release). In this article, I will explain each theme along with its features. The three product themes of ColdFusion (2016 release) are as follows:

  1. Embrace Futuristic Technologies
  2. Deploy enterprise ready applications
  3. Build applications quickly

NEW in Adobe ColdFusion 2016

1. Security Code Analyzer

Use the new security code analyzer to scan existing application code to automatically detect vulnerabilities and potential security breaches. Identify the exact vulnerable code, type of vulnerability and severity level, and mitigate the vulnerability with the suggestion provided.

2. PDF Sanitization

Eliminate the unintentional release of sensitive hidden information that can be misused. Easily remove items, such as actions, JavaScript, flat form fields, alternate images, embedded page thumbnails, embedded files, document tags and metadata, from your PDF documents.

3. PDF Redaction

Ensure confidentiality of content while sharing or distributing PDF documents. Redact selected portions of visible content, including images, before sharing PDF files. Redacted areas are permanently removed and appear as blanked- or grayed-out in the PDF document.

4. Command-line Interface

Work faster by using CFML for your scripting needs. Execute CFM files via the command line to work with files, databases and email, or invoke web services. Pass named or positional parameters to the CFM files for dynamic customization.

5. Integration of ColdFusion with API Manager

Go live with minimal configuration. Readily import ColdFusion based REST services into the API management gateway by configuring the ColdFusion server within the admin portal of the API manager. Set up API Manager and ColdFusion to share the same JVM for faster access when the load is minimal.

6. API Version and Lifecycle Management

Manage APIs across their lifecycle, from draft to publish to deprecate and retire. Upgrade APIs without worrying about backward compatibility by managing multiple versions using a single platform. Tweak the API settings without affecting the production server by configuring a test server.

7. API Rate Limiting and Throttling

Restrict access to APIs beyond a specified threshold based on the number of requests per unit of time. Select from predefined SLAs or create custom SLA plans. Set soft limits in which access is allowed but the user is notified, and hard limits that deny access to additional requests

8. API Access Control

Secure your APIs by restricting access to authorized applications. Use basic authentication, API keys, OAuth or OAuth with a SAML-based authorization server to ensure that only valid applications are allowed to make an API call.

9. API Developer Portal

Leverage your APIs to the maximum by establishing a secure platform for developer onboarding, engagement and management. Allow developers to explore and try APIs, refer to documentation, view and select usage plans, sign up and track usage using the built-in developer dashboard.

10. SOAP to REST Translation

Leverage existing investments in SOAP services to engage with customers through modern apps. Use the new API Creation wizard to accomplish the long, cumbersome process of translation to REST in minutes. Simply import your SOAP services to create a REST API based on WSDL and do everything necessary to complete the translation without having to write any code.

11. SOAP Gateway

Get all the benefits of REST API management for SOAP APIs as well, including access control, rate limiting and throttling, API monitoring, caching, and version and lifecycle management. Easily configure the SOAP gateway by simply importing the Web Services Definition Language (WSDL) file corresponding to the SOAP service

Enhancements to features in Adobe ColdFusion 2016

1. PDF Digital Signatures and Archival

Make PDF files more secure with electronic signatures. Let your users sign, certify and validate PDF files to establish document authenticity and integrity. Leverage new archiving capabilities, including support for PDF/A-2b, to enable preservation of electronic files as long-term, self-contained documents of record.

2. Security Enhancements

Leverage the new NTLM authentication support on CFSHAREPOINT, CFOBJECT and CFINVOKE to provide authentication, integrity and confidentiality to users. Now easily lockdown ColdFusion Server because the scripts directory has been moved out of the CFIDE directory. Enjoy additional security with web server access to CFIDE now removed by default.

3. CFML Enhancements

Reduce multiple lines of code to just one by using the safe navigation operator to avoid multiple ISDEFINED or NULL checks. Leverage the new data structures to maintain the insertion order, and sort elements within data structures based on a predefined order. Use other language enhancements, such as additional member functions, the passarraybyreference setting and searchImplicitScopes to boost developer productivity and application performance.

Improvements to existing functionalities & Bug fixes

1. PDF Manipulation with Document Description XML (DDX)

Leverage full access to DDX to manipulate PDF documents. Perform advanced tasks, such as adding comments, bookmarks, file attachments, and headers and footers with automatic page numbers. Customize the appearance of your PDF files by setting page margins, size and rotation.

2. HTML to PDF Conversion

Use the powerful conversion engine from Adobe to generate superior quality PDF files from HTML pages. The engine parses the CSS and applies its settings to ensure that the content in the PDF file appears and functions as it does in the web browser, retaining its formatting, layout and hyperlinks.

3. Full CFSCRIPT Support

Work more productively with complete scripting support for CFSCRIPT. Develop applications faster and more easily by accessing every ColdFusion 11 functionality using CFSCRIPT.

4. Microsoft Office File Interoperability

Leverage additional functionalities, such as page break and auto filter, to manage spreadsheets better. Generate PDF files from PowerPoint and Word files. Produce HTML and SWF files from PowerPoint presentations. Take advantage of several performance enhancements to work faster with Microsoft Office 2010 files.

5. Enterprise Infrastructure

Achieve scalability by creating and managing multiple server instances in a clustered or virtualized environment. Easily deploy ColdFusion as an EAR or WAR from within your existing Java EE application servers. Send and receive unlimited emails using the built-in, highly scalable email engine.

Source : https://helpx.adobe.com/pdf/Cf2016-enterprise-datasheet.pdf

Additional Reads:

https://helpx.adobe.com/pdf/Cf2016-enterprise-comparison.pdf
https://helpx.adobe.com/pdf/Cfbuilder2016-datasheet.pdf
http://wwwimages.adobe.com/content/dam/acom/en/products/coldfusion/pdfs/cf2016/CF2016_Performance.pdf