ColdFusion MX 7 Login Security

Publication Date



Before reading through this tutorial you should understand the basic concepts of ColdFusion's Application Framework. You should also possess a good understanding of shared-scope variables - particularly Application and Session variables.

You must also have the following installed and configured properly:

  • ColdFusion MX 7
  • MySQL Server or Microsoft SQL Server

Topics Covered

  • CFMX7 Application Framework (Application.cfc)
  • ColdFusion Components "this" scope
  • Securing ColdFusion templates from unauthorized viewing
  • Application, Session, and Request scoped variables
  • Locking (CFLOCK)
  • ColdFusion's Hash() function
  • Tracking active sessions application-wide
  • Updating the "last login date" each login
  • Issuing "smart redirects" each login

Source Files

Throughout the tutorial I'll reference particular lines of code in ColdFusion templates. Wherever possible, I've tried to also include the code within the tutorial including line numbers. The line numbers in the tutorial correspond to the line numbers in the downloadable source files and in most cases are not sequential. This is because I've ommitted the ColdFusion comments in the interest of brevity. To download the source files for this tutorial, click here.