Manages passwords, RDS, and sandbox security.
checkAdminPassword |
---|
public
checkAdminPassword
(
required string
password,
boolean
isHashed="false"
)
Checks admin password. Output: suppressed Parameters: password: string, required, password - Administrator password. isHashed: boolean, optional, isHashed - Set it to true if the password sent is already hashed once. |
checkRdsPassword |
public
checkRdsPassword
(
required string
password
)
Checks RDS password. Output: suppressed Parameters: password: string, required, password - Administrator password. |
createDefaultSandboxes |
public
void
createDefaultSandboxes
(
)
Creates the default sandboxes needed to secure the ColdFusion Administrator and the WEB-INF system folder. Output: suppressed |
deleteAllowedIPAddresses |
public
void
deleteAllowedIPAddresses
(
required string
debugip
)
Removes an IP address from client IP addresses that should be allowed to invoke exposed services. Output: suppressed Parameters: debugip: string, required, debugip - List of IP addresses to remove. |
deleteDisabledCFFunction |
public
void
deleteDisabledCFFunction
(
required
directory,
required
functionName
)
Remove a function from the list of disabled functions in the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which the function is enabled. functionName: any, required, functionName - Specifies the name of the function to enable. |
deleteDisabledCFTag |
public
void
deleteDisabledCFTag
(
required
directory,
required
tag
)
Removes a tag from the list of disabled tags in the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which the tag is enabled. tag: any, required, tag - Specifies the name of the tag to be enabled. |
deleteDisabledDatasource |
public
void
deleteDisabledDatasource
(
required
directory,
required
datasource
)
Removes a data source from the list of disabled data sources in the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which the data source is enabled. datasource: any, required, datasource - Specifies the name of the data source to enable. |
deleteSecuredFolder |
public
void
deleteSecuredFolder
(
required
directory,
required
folder
)
Makes a folder inaccessible to a secured sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which a folder is disabled. folder: any, required, folder - Specifies the path of the folder to be made inaccessible. |
deleteSecuredIPPort |
public
deleteSecuredIPPort
(
required
directory,
required
IP,
required
PORT,
portType="single"
)
Removes a specified IP address and port from restricted status. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which the restriction is removed. IP: any, required, IP - Specifies the target IP address. PORT: any, required, PORT - Specifies the target port. portType: any, optional, portType - Specifies the port type:
|
deleteSecuritySandbox |
public
void
deleteSecuritySandbox
(
required
directory
)
Removes security sandbox restrictions for a directory. Output: enabled Parameters: directory: any, required, directory - Specifies the directory of the security sandbox to be removed. |
deleteUser |
public
void
deleteUser
(
required
username
)
Removes the user. Output: suppressed Parameters: username: any, required, username - Specifies the username of the user to delete. |
disableRDSServlet* |
private
boolean
disableRDSServlet
(
)
Disables the servlet that performs RDS processing. Output: suppressed |
disableSecureProfile |
public
disableSecureProfile
(
)
Disables secure profile and reverts all required settings from secure value to default value. Output: suppressed |
enableRDSServlet* |
private
boolean
enableRDSServlet
(
)
Enables the servlet that performs RDS processing. Output: suppressed |
enableSecureProfile |
public
enableSecureProfile
(
)
Enables secure profile and applies all required settings for it. Output: suppressed |
formatPort* |
private
formatPort
(
required
port,
required
portType
)
Format a port based on the specified range. Output: Parameters: port: any, required, port - Specifies the port number. portType: any, required, portType - Specifies the range designation:
|
getAllAdminRoles |
getAllAdminRoles
(
)
Output: |
getAllExposedServices |
getAllExposedServices
(
)
Output: |
getAllowedIPList |
public
getAllowedIPList
(
)
Returns a list of client IP addresses that should be allowed to invoke exposed services. Output: suppressed |
getAllRuntimePermissions |
public
array
getAllRuntimePermissions
(
)
Get array of all runtime permissions Output: suppressed |
getAllSecureProfileSettings |
public
getAllSecureProfileSettings
(
)
Returns all settings from Secure Profile. Output: suppressed |
getAllSecureProfileSettingsInArray |
public
getAllSecureProfileSettingsInArray
(
)
Returns all settings from Secure Profile. Output: suppressed |
getCFIDEDirectory* |
private
getCFIDEDirectory
(
)
Returns full path for CFIDE Output: suppressed |
getDefaultSecuritySandbox* |
private
getDefaultSecuritySandbox
(
required
directory
)
Create the default structure for a blank sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the directory of the sandbox. |
getDisabledCFFunctions |
public
getDisabledCFFunctions
(
required
directory
)
Returns an array of functions that have been disabled for the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which disabled functions are returned. |
getDisabledCFTags |
public
getDisabledCFTags
(
required
directory
)
Returns an array of tags that have been disabled for the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which disabled tags are returned. |
getDisabledDatasources |
public
array
getDisabledDatasources
(
required
directory
)
Returns an array of data sources that have been disabled for the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which disabled data sources are returned. |
getEnableRDS |
public
boolean
getEnableRDS
(
)
Checks whether RDS is enabled. Output: suppressed |
getEnableSandboxSecurity |
public
getEnableSandboxSecurity
(
)
Checks whether sandbox security is enabled. Output: suppressed |
getFunctionPermissionPosition* |
private
getFunctionPermissionPosition
(
required
webapp,
required
directory
)
Returns the index in the function permissions array. Output: suppressed Parameters: webapp: any, required, webapp - Specifies the name of the web application using the secured sandbox. directory: any, required, directory - Specifies the sandbox directory for which the index is returned. |
getSecurableCFFunctions |
public
getSecurableCFFunctions
(
)
Returns an array of securable functions. Output: suppressed |
getSecurableCFTags |
public
getSecurableCFTags
(
)
Returns an array of securable tags. Output: suppressed |
getSecuredFolders |
public
getSecuredFolders
(
required
directory
)
Returns an array of secured folders for the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which secured folders are returned. |
getSecuredIPPorts |
public
getSecuredIPPorts
(
required
directory
)
Returns an array of secured ports for the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which secured ports are returned. |
getSecuritySandboxes |
public
getSecuritySandboxes
(
directory
)
Returns all security sandboxes or a specified sandbox. Output: suppressed Parameters: directory: any, optional, directory - Sandbox directory to be returned. |
getTagPermissionPosition* |
private
getTagPermissionPosition
(
required
webapp,
required
directory
)
Returns the index in the permissions array. Output: suppressed Parameters: webapp: any, required, webapp - Specifies the name of the web application using the secured sandbox. directory: any, required, directory - Specifies the sandbox directory for which the index is returned. |
getUseAdminPassword |
public
getUseAdminPassword
(
)
Checks whether ColdFusion Administrator security is required. Output: suppressed |
getUser |
public
struct
getUser
(
string
username
)
Get all users or get single user by specifying a username. Output: suppressed Parameters: username: string, optional, username - Specifies the username of the user to return. |
getUseRDSPassword |
public
getUseRDSPassword
(
)
Checks whether a Remote Development Services (RDS) password is required. Output: suppressed |
getUseSingleRDSPassword |
public
boolean
getUseSingleRDSPassword
(
)
Indicates whether or not a user is is required in addition to a password for logging in to RDS Output: suppressed |
getWebInfDirectory* |
private
getWebInfDirectory
(
)
Returns full path for WEB-INF Output: suppressed |
isAllowConcurrentAdminLogin |
public
isAllowConcurrentAdminLogin
(
)
Checks whether concurrent login sessions are allowed Output: suppressed |
isInternalSandBox |
public
isInternalSandBox
(
required
directory
)
Returns true if the sandbox directory is CFIDE or WEB-INF Output: suppressed Parameters: directory: any, required, directory - Specifies the directory of the sandbox. |
isLoginUserIdRequired |
public
isLoginUserIdRequired
(
)
Checks whether or not a user id is required in addition to a password in order to login. If this returns true, a user id must be passed to the login function in addition to a password. Output: suppressed |
isRAMAllFiles* |
private
boolean
isRAMAllFiles
(
required
path
)
Checks if the argument is ram:///- or ram://- Output: suppressed Parameters: path: any, required, path - specifies the path to the ram file |
isSecureProfile |
public
isSecureProfile
(
)
Checks whether secure profile is selected while installation Output: suppressed |
setAdminPassword |
public
setAdminPassword
(
required string
password,
boolean
isHashed="false"
)
Sets the ColdFusion Administrator password. Output: suppressed Parameters: password: string, required, password - Administrator password. isHashed: boolean, optional, isHashed - Set it to true if the password sent is already hashed once. |
setAllowConcurrentAdminLogin |
public
void
setAllowConcurrentAdminLogin
(
required boolean
adminconclogin
)
Specifies whether concurrent login sessions are allowed for ColdFusion Administrator. Output: suppressed Parameters: adminconclogin: boolean, required, adminconclogin - True or False |
setAllowedIPAddresses |
public
void
setAllowedIPAddresses
(
required string
debugip
)
Sets a list of one or more client IP addresses that should be allowed to invoke exposed services. Output: suppressed Parameters: debugip: string, required, debugip - List of IP addresses. |
setDefaultFilePermission* |
private
void
setDefaultFilePermission
(
required
directory
)
Removes the wildcard and sets the permission for only the defined folder. Output: suppressed Parameters: directory: any, required, directory - Specifies the directory to receive permission. |
setDisabledCFFunction |
public
void
setDisabledCFFunction
(
required
directory,
required
functionName
)
Disables the use of a function in the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which the specified function is disabled. functionName: any, required, functionName - Specifies the function to disable. |
setDisabledCFTag |
public
void
setDisabledCFTag
(
required
directory,
required
tag
)
Disables use of a tag in the sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which the specified tag is disabled. tag: any, required, tag - Specifies the tag to disable. |
setDisabledDatasource |
public
void
setDisabledDatasource
(
required
directory,
required
datasource
)
Disables use of a data source in the sandbox. Output: enabled Parameters: directory: any, required, directory - Specifies the sandbox directory for which the data source is disabled. datasource: any, required, datasource - Specifies the name of the data source to disable. |
setEnableRDS |
public
void
setEnableRDS
(
required boolean
flag
)
Specifies whether to enable or disable RDS. Output: suppressed Parameters: flag: boolean, required, flag - Specify true or false. |
setEnableSandboxSecurity |
public
void
setEnableSandboxSecurity
(
required boolean
enable
)
Specifies whether to enable sandbox security. Output: suppressed Parameters: enable: boolean, required, enable - True or False |
setLoginUserIdRequired |
public
setLoginUserIdRequired
(
required boolean
isUserIdRequired
)
Sets whether or not a user id is required for login. Output: suppressed Parameters: isUserIdRequired: boolean, required, isUserIdRequired |
setRdsEnabled |
public
void
setRdsEnabled
(
required boolean
enabled
)
Specifies whether RDS is enabled or not. Output: suppressed Parameters: enabled: boolean, required, enabled - Specify true or false. |
setRDSPassword |
public
setRDSPassword
(
required string
password
)
Sets the RDS password. Output: suppressed Parameters: password: string, required, password - RDS password. |
setRdsSecurityEnabled |
public
void
setRdsSecurityEnabled
(
required boolean
useAdminPassword
)
Specifies whether RDS security is required. Output: suppressed Parameters: useAdminPassword: boolean, required, useAdminPassword - Specify true or false. |
setSecuredFolder |
public
void
setSecuredFolder
(
required
directory,
required
folder,
fileRead="true",
fileWrite="true",
fileExecute="true",
fileDelete="true"
)
Makes a folder accessible for the secured sandbox. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which the folder is enabled. folder: any, required, folder - Specifies the directory path of the folder to be enabled. fileRead: any, optional, fileRead - Allow read permission. fileWrite: any, optional, fileWrite - Allow write permission. fileExecute: any, optional, fileExecute - Allow execute permission. fileDelete: any, optional, fileDelete - Allow delete permission. |
setSecuredIPPort |
public
setSecuredIPPort
(
required
directory,
required
IP,
required
PORT,
portType="single"
)
Restrict the IP addresses and ports that ColdFusion tags can access. Output: suppressed Parameters: directory: any, required, directory - Specifies the sandbox directory for which the IP address and port are secured. IP: any, required, IP - Specifies the IP address to restrict. PORT: any, required, PORT - Specifies the port to restrict. portType: any, optional, portType - Specifies the port type:
|
setSecuritySandbox |
public
void
setSecuritySandbox
(
required string
directory,
array
sandbox
)
Creates a security sandbox for a specified directory. Output: suppressed Parameters: directory: string, required, directory - Specifies a sandbox directory. sandbox: array, optional, sandbox - The sandbox array object, which is an array of structures with each structure being a permission. |
setSeed |
public
setSeed
(
required string
seed
)
Sets the ColdFusion server seed. Output: suppressed Parameters: seed: string, required, seed - Server seed. |
setUseAdminPassword |
public
void
setUseAdminPassword
(
required boolean
useAdminPassword
)
Specifies whether ColdFusion Administrator security is required. Output: suppressed Parameters: useAdminPassword: boolean, required, useAdminPassword - True or False |
setUser |
public
void
setUser
(
required string
username,
required string
password,
string
description="",
array
roles="[runtime expression]",
boolean
allowrdsaccess="false",
boolean
allowadminaccess="false",
boolean
allowadminapiaccess="false",
array
services="[runtime expression]",
array
enabledds="[runtime expression]",
array
filepermissions="[runtime expression]",
boolean
isHashed="false",
boolean
allowclientcertauth="false"
)
Add or Update a new user. Output: suppressed Parameters: username: string, required, username - Specifies the username for this user. password: string, required, password - Specifies the password for this user. description: string, optional, description - Specifies a description of the user. roles: array, optional, roles - Administrative roles assigned to user allowrdsaccess: boolean, optional, allowrdsaccess - Specifies whether or not RDS access is allowed for this user. allowadminaccess: boolean, optional, allowadminaccess - Specifies whether or not CF Administrator and Admin API access is allowed for this user. allowadminapiaccess: boolean, optional, allowadminapiaccess - Specifies whether or not Admin API access is allowed for this user. services: array, optional, services - Services user is allowed to access. enabledds: array, optional, enabledds - datasources to allowed to access. filepermissions: array, optional, filepermissions - Files to allowed to access. isHashed: boolean, optional, isHashed - Set it to true if the password sent is already hashed once. allowclientcertauth: boolean, optional, allowclientcertauth |
setUseRDSPassword |
public
void
setUseRDSPassword
(
required boolean
useAdminPassword
)
Specifies whether RDS security is required. Output: suppressed Parameters: useAdminPassword: boolean, required, useAdminPassword - Specify true or false. |
setUseSingleRDSPassword |
public
setUseSingleRDSPassword
(
required boolean
useSingleRDSPassword
)
Sets whether or not to allow a user id in addition to a password for logging in to RDS Output: suppressed Parameters: useSingleRDSPassword: boolean, required, useSingleRDSPassword |
validateDirectory* |
private
validateDirectory
(
required
directory
)
Ensure that the directory starts with / and ends with /* Output: suppressed Parameters: directory: any, required, directory - Specifies the directory to be secured. |