Is there any reason you have CF on a separate server?
The reason I ask it that I am currently implementing
something similar on
our extranet. Basically we our extranet server and our
intranet server.
Because the extranet has to be more "open" we don't want our
"protected"
pdfs, word docs, etc stored on that server, but some of those
items need to
be accessible to our extranet users. What was decided here
was to put all
our "protected" files on the intranet server and use cfcs
(one on the
extranet, one on the intranet), along with a new page (on the
extranet) to
"pull" the requested file. Basically all links on the
extranet that would
normally point to a document now point to a page that calls
the extranet cfc
and passes the UUID for the document. This cfc does an http
request to the
cfc on the intranet which determines which document is being
requested,
grabs that file and passes it back to the extranet for
display. This serves
a couple of purposes. 1) The user never actually knows where
the file is
stored. 2) We can pass a username and password via the http
call for
authentication.
We don't have to have multiple copies of directory structure
as all our
non-restricted content can be stored on the extranet. But we
do have CF
installed on both servers.
--
Bryan Ashcraft (remove brain to reply)
Web Application Developer
Wright Medical Technologies, Inc.
=============================
Macromedia Certified Dreamweaver Developer
Adobe Community Expert (DW) ::
http://www.adobe.com/communities/experts/
"sdsinc_pmascari" <webforumsuser@macromedia.com> wrote
in message
news:e4fg52$e00$1@forums.macromedia.com...
> We are in the process of setting up our sites with CFMX7
Enterprise in
> distributed mode. IIS on one server and our CF instances
on another. We
> have
> this working fine.
>
> In our current setup, IIS is set to allow anonymous
access to allow access
> to
> the public side of our sites. For the password-protected
portions we've
> development our own authentication system and it is
working fine.
>
> However, we have found that in distributed mode, all
non-coldfusion
> material
> (images, HTML pages, PDFs, etc...) are processed and
sent from the IIS
> server
> directories and never touches the CF server. CF requests
are sent to
> their
> respective instance on its separate machine, the results
returned to IIS
> where
> it then grabs the images and any other non-CF content
from itself and
> serves
> the page to the user. This appears to be by design and
forces us to
> maintain
> our directory structure on two machines. We're willing
to live with that
> but
> is there any way to protect the non-CF content residing
on the IIS server?
> We
> have some images and PDFs we'd like to keep available
only for authorized
> users
> but it seems using the built-in ColdFusion tools we can
only protect CF
> material on the CF machine.
>
> Thoughts or insights?
>