This content has been marked as final. Show 1 reply
Is there any reason you have CF on a separate server?
The reason I ask it that I am currently implementing something similar on
our extranet. Basically we our extranet server and our intranet server.
Because the extranet has to be more "open" we don't want our "protected"
pdfs, word docs, etc stored on that server, but some of those items need to
be accessible to our extranet users. What was decided here was to put all
our "protected" files on the intranet server and use cfcs (one on the
extranet, one on the intranet), along with a new page (on the extranet) to
"pull" the requested file. Basically all links on the extranet that would
normally point to a document now point to a page that calls the extranet cfc
and passes the UUID for the document. This cfc does an http request to the
cfc on the intranet which determines which document is being requested,
grabs that file and passes it back to the extranet for display. This serves
a couple of purposes. 1) The user never actually knows where the file is
stored. 2) We can pass a username and password via the http call for
We don't have to have multiple copies of directory structure as all our
non-restricted content can be stored on the extranet. But we do have CF
installed on both servers.
Bryan Ashcraft (remove brain to reply)
Web Application Developer
Wright Medical Technologies, Inc.
Macromedia Certified Dreamweaver Developer
Adobe Community Expert (DW) :: http://www.adobe.com/communities/experts/
"sdsinc_pmascari" <email@example.com> wrote in message
> We are in the process of setting up our sites with CFMX7 Enterprise in
> distributed mode. IIS on one server and our CF instances on another. We
> this working fine.
> In our current setup, IIS is set to allow anonymous access to allow access
> the public side of our sites. For the password-protected portions we've
> development our own authentication system and it is working fine.
> However, we have found that in distributed mode, all non-coldfusion
> (images, HTML pages, PDFs, etc...) are processed and sent from the IIS
> directories and never touches the CF server. CF requests are sent to
> respective instance on its separate machine, the results returned to IIS
> it then grabs the images and any other non-CF content from itself and
> the page to the user. This appears to be by design and forces us to
> our directory structure on two machines. We're willing to live with that
> is there any way to protect the non-CF content residing on the IIS server?
> have some images and PDFs we'd like to keep available only for authorized
> but it seems using the built-in ColdFusion tools we can only protect CF
> material on the CF machine.
> Thoughts or insights?