IIS security is very fine grained. You can apply security
setting as
global as the entire website or as granular as an individual
file or
directory.
When I have been presented with the exact issue you are
experiencing;
having anonymous access for scheduled tasks, I would set up a
file or
directory for the scheduled tasks and allow anonymous access
for just
that file or directory, while leaving the rest of the site
secured.
You can use other filters to prevent unlimited access to
these files if
that is necessary. Such as restricting the IP address for
these files
to just the CF server, or similar restrictions.
You can not set any user for ColdFusion that will pass IIS
integrated
security. The reason for this is that for IIS integrated
security, the
browser must understand the protocol and respond correctly.
The only
browser that does this is IE. Any other browser, including
the very
basic browser CF uses to make a scheduled task request, do
not
understand this protocol. They will either present a dialog
box for a
user name and password or just fail completely upon making
the request.
If you can accept IIS basic security, you can use the user
name and
password fields on the scheduled task form to provide these.
Just be
aware that these creditionals are passed between client and
server in
open, plain text and can be snooped. The usual mitigation for
this is
using HTTPS or another security protocol to encrypt data in
transition.
HTH
Ian
1
Reply
AdChoices