Re: Hash SHA-512 equivalent in JS
Thanks for the help guys Hi, We store user passwords as a hash value with a salt phrase using CF. However, we have recently had a penetration test done on our servers and they have advised that when the password gets sent to the server, the actual password gets stored in the browser memory. They have suggested adding the salt phrase and hashing using javascript before we send it to the server. However, I am wondering: 1) is this best practise as if the salt phrase is contained within Javascript it will be easy for anyone to see what it is 2) if this is best practise then how can i obfuscate the salt phrase and also is there a JS equivalent to coldfusions SHA-512 hash function? Many thanks, Richard ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357633 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Adding Coldfusion to an existing J2EE java system
On Sun, Feb 9, 2014 at 1:25 PM, Dave Watts dwa...@figleaf.com wrote: Can you be more specific about what you're trying to do? You can certainly deploy CF on a J2EE server running BlazeDS and your custom J2EE applications, but it's going to be a separate application. There are 2 things I'm thinking of: 1) since you can load any Java jar file from within CF, I wanted know if you can do it the other way around 2) have a mix of remote calls to either java or cf components Chris -- Chris Velevitch Manager - Adobe Platform Users Group, Sydney m: 0415 469 095 www.apugs.org.au Adobe Platform Users Group, Sydney Topic: TBD Date: Monday, 24th February Details and RSVP on http://www.meetup.com/Sydney-Adobe-Platform-User-Group ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357634 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
CF10 Apache won't process CF pages outside of localhost
So I have a developer version of CF. I also have apache (2.2) set up since I wasn't able to connect at all with the built in webserver. I can connect to http://127.0.0.1/Ubersite/wwwroot/ and it displays the CF fine. I can connect to http://127.0.0.1/index.cfm and I get the CF page. I go to http://192.168.1.2/ from my laptop and I get the HTML page. I go to http://192.168.1.2/index.cfm from my laptop and I get the CF page. But I go to http://192.168.1.2/Ubersite/wwwroot/ and I get a blank page. Any idea what I'm doing wrong here? ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357635 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CF10 Apache won't process CF pages outside of localhost
Oh yeah.. I also set 192.168.1.* in *Allowed IP Addresses for Exposed Services. No luck.* On Sun, Feb 9, 2014 at 9:57 AM, Phillip Vector vec...@mostdeadlygame.comwrote: So I have a developer version of CF. I also have apache (2.2) set up since I wasn't able to connect at all with the built in webserver. I can connect to http://127.0.0.1/Ubersite/wwwroot/ and it displays the CF fine. I can connect to http://127.0.0.1/index.cfm and I get the CF page. I go to http://192.168.1.2/ from my laptop and I get the HTML page. I go to http://192.168.1.2/index.cfm from my laptop and I get the CF page. But I go to http://192.168.1.2/Ubersite/wwwroot/ and I get a blank page. Any idea what I'm doing wrong here? ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357636 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CF10 Apache won't process CF pages outside of localhost
192.168.1.3 - - [09/Feb/2014:10:01:35 -0800] GET /Ubersite/wwwroot/ HTTP/1.1 200 - That is what the apache logs say is happening. So it's returning a webpage.. Just ... no CF. On Sun, Feb 9, 2014 at 9:59 AM, Phillip Vector vec...@mostdeadlygame.comwrote: Oh yeah.. I also set 192.168.1.* in *Allowed IP Addresses for Exposed Services. No luck. * On Sun, Feb 9, 2014 at 9:57 AM, Phillip Vector vec...@mostdeadlygame.comwrote: So I have a developer version of CF. I also have apache (2.2) set up since I wasn't able to connect at all with the built in webserver. I can connect to http://127.0.0.1/Ubersite/wwwroot/ and it displays the CF fine. I can connect to http://127.0.0.1/index.cfm and I get the CF page. I go to http://192.168.1.2/ from my laptop and I get the HTML page. I go to http://192.168.1.2/index.cfm from my laptop and I get the CF page. But I go to http://192.168.1.2/Ubersite/wwwroot/ and I get a blank page. Any idea what I'm doing wrong here? ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357637 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Adding Coldfusion to an existing J2EE java system
Has anyone had any success in adding coldfusion to an existing application built on Java (J2ee server) and Blazds? Can you be more specific about what you're trying to do? You can certainly deploy CF on a J2EE server running BlazeDS and your custom J2EE applications, but it's going to be a separate application. There are 2 things I'm thinking of: 1) since you can load any Java jar file from within CF, I wanted know if you can do it the other way around 2) have a mix of remote calls to either java or cf components While you can load a jar file from within CF, that's not the same as a J2EE application. A J2EE application is a war or ear file deployed within a J2EE server. But once you install CF on a J2EE server, you can use CF just like you would any other J2EE application - you can add JSP pages, servlets, etc. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357638 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CF10 Apache won't process CF pages outside of localhost
sounds like the connectors didn't install correctly. This is evident that the index.cfm is not in the default file list or it is not at the top like it is suppose to be... Did you run the web configuration tool? Regards, Andrew Scott WebSite: http://www.andyscott.id.au/ Google+: http://plus.google.com/113032480415921517411 On Mon, Feb 10, 2014 at 5:04 AM, Phillip Vector vec...@mostdeadlygame.comwrote: 192.168.1.3 - - [09/Feb/2014:10:01:35 -0800] GET /Ubersite/wwwroot/ HTTP/1.1 200 - That is what the apache logs say is happening. So it's returning a webpage.. Just ... no CF. On Sun, Feb 9, 2014 at 9:59 AM, Phillip Vector vec...@mostdeadlygame.com wrote: Oh yeah.. I also set 192.168.1.* in *Allowed IP Addresses for Exposed Services. No luck. * On Sun, Feb 9, 2014 at 9:57 AM, Phillip Vector vec...@mostdeadlygame.comwrote: So I have a developer version of CF. I also have apache (2.2) set up since I wasn't able to connect at all with the built in webserver. I can connect to http://127.0.0.1/Ubersite/wwwroot/ and it displays the CF fine. I can connect to http://127.0.0.1/index.cfm and I get the CF page. I go to http://192.168.1.2/ from my laptop and I get the HTML page. I go to http://192.168.1.2/index.cfm from my laptop and I get the CF page. But I go to http://192.168.1.2/Ubersite/wwwroot/ and I get a blank page. Any idea what I'm doing wrong here? ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357639 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CF10 Apache won't process CF pages outside of localhost
I set it up for apache and it seems to have added the stuff to httpd.conf IfModule dir_module DirectoryIndex dex index.html index.cfm /IfModule I went and changed it to IfModule dir_module DirectoryIndex dex index.cfm index.html /IfModule and it still isn't working. On Sun, Feb 9, 2014 at 10:32 AM, Andrew Scott andr...@andyscott.id.auwrote: sounds like the connectors didn't install correctly. This is evident that the index.cfm is not in the default file list or it is not at the top like it is suppose to be... Did you run the web configuration tool? Regards, Andrew Scott WebSite: http://www.andyscott.id.au/ Google+: http://plus.google.com/113032480415921517411 On Mon, Feb 10, 2014 at 5:04 AM, Phillip Vector vec...@mostdeadlygame.comwrote: 192.168.1.3 - - [09/Feb/2014:10:01:35 -0800] GET /Ubersite/wwwroot/ HTTP/1.1 200 - That is what the apache logs say is happening. So it's returning a webpage.. Just ... no CF. On Sun, Feb 9, 2014 at 9:59 AM, Phillip Vector vec...@mostdeadlygame.com wrote: Oh yeah.. I also set 192.168.1.* in *Allowed IP Addresses for Exposed Services. No luck. * On Sun, Feb 9, 2014 at 9:57 AM, Phillip Vector vec...@mostdeadlygame.comwrote: So I have a developer version of CF. I also have apache (2.2) set up since I wasn't able to connect at all with the built in webserver. I can connect to http://127.0.0.1/Ubersite/wwwroot/ and it displays the CF fine. I can connect to http://127.0.0.1/index.cfm and I get the CF page. I go to http://192.168.1.2/ from my laptop and I get the HTML page. I go to http://192.168.1.2/index.cfm from my laptop and I get the CF page. But I go to http://192.168.1.2/Ubersite/wwwroot/ and I get a blank page. Any idea what I'm doing wrong here? ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357640 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CF10 Apache won't process CF pages outside of localhost
If it helps, here's the log from mod_jk. It looks like it's getting to coldfusion... But just not parsing it out to the screen? [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] uri_worker_map_update::jk_uri_worker_map.c (1168): File C:/ColdFusion10/config/wsconfig/1/uriworkermap.properties is not modified [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] map_uri_to_worker_ext::jk_uri_worker_map.c (1036): Attempting to map URI '/Ubersite/wwwroot/index.cfm' from 24 maps [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/flashservices/gateway/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/cfform-internal/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/flex-internal/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/CFFormGateway/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/cffileservlet/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/cfformgateway/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/CFFileServlet/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/flex2gateway/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.cfml/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.cfc/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.cfm/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/rest/*=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/flex2gateway=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.hbmxml=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.cfswf=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.mxml=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.cfml=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.cfr=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.cfc=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (850): Attempting to map context URI '/*.cfm=cfusion' source 'uriworkermap' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] find_match::jk_uri_worker_map.c (863): Found a wildchar match '/*.cfm=cfusion' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] jk_handler::mod_jk.c (2569): Into handler jakarta-servlet worker=cfusion r-proxyreq=0 [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] wc_get_worker_for_name::jk_worker.c (116): found a worker cfusion [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] wc_maintain::jk_worker.c (339): Maintaining worker cfusion [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] wc_get_name_for_type::jk_worker.c (293): Found worker type 'ajp13' [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] init_ws_service::mod_jk.c (1071): Service protocol=HTTP/1.1 method=GET ssl=false host=(null) addr=192.168.1.3 name=192.168.1.2 port=80 auth=(null) user=(null) laddr=192.168.1.2 raddr=192.168.1.3 uri=/Ubersite/wwwroot/index.cfm [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] ajp_get_endpoint::jk_ajp_common.c (3186): acquired connection pool slot=0 after 0 retries [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] ajp_marshal_into_msgb::jk_ajp_common.c (665): ajp marshaling done [Sun Feb 09 11:33:27 2014] [10680:25804] [debug] ajp_service::jk_ajp_common.c (2462): processing cfusion with 2 retries [Sun Feb 09 11:33:27
Re: CF10 Apache won't process CF pages outside of localhost
I can't believe I was that stupid... So I installed IIS (getting frustrated with Apache). I FINALLY get that working and same issue.. WTF... So I check out other small CFM files and finally get to my index.cfm of the site (fusebox based). Great. Fusebox is failing on me... I peek in and what do I find.. cfif cgi.REMOTE_ADDR is '127.0.0.1' cfset FUSEBOX_PARAMETERS.mode = Development-full-load / cfelse cfset FUSEBOX_PARAMETERS.mode = Production / /cfif It breaks there.. . Yeah. I'm not hitting it from 127 anymore... So I change it to this.. cfif cgi.REMOTE_ADDR is '127.0.0.1' or cgi.REMOTE_ADDR contains '192.168.1' Kabam.. Works. I feel so stupid right now. To my defense though, I've coming off an all nighter of coding.. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357642 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CF10 Apache won't process CF pages outside of localhost
lol... don't worry about it. I think we all have moments like that. Regards, Andrew Scott WebSite: http://www.andyscott.id.au/ Google+: http://plus.google.com/113032480415921517411 On Mon, Feb 10, 2014 at 8:15 AM, Phillip Vector vec...@mostdeadlygame.comwrote: I can't believe I was that stupid... So I installed IIS (getting frustrated with Apache). I FINALLY get that working and same issue.. WTF... So I check out other small CFM files and finally get to my index.cfm of the site (fusebox based). Great. Fusebox is failing on me... I peek in and what do I find.. cfif cgi.REMOTE_ADDR is '127.0.0.1' cfset FUSEBOX_PARAMETERS.mode = Development-full-load / cfelse cfset FUSEBOX_PARAMETERS.mode = Production / /cfif It breaks there.. . Yeah. I'm not hitting it from 127 anymore... So I change it to this.. cfif cgi.REMOTE_ADDR is '127.0.0.1' or cgi.REMOTE_ADDR contains '192.168.1' Kabam.. Works. I feel so stupid right now. To my defense though, I've coming off an all nighter of coding.. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357643 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm