Are you using IIS? I believer using IIS, you can map content directories from
another server. I've never needed to do this, but it should overcome your
security problem. I don't think it uses IIS on the shared machine - probably
just Windows shares.
Jim
-----Original Message-----
From: Jason <[EMAIL PROTECTED]>
To: CF-Server <[EMAIL PROTECTED]>
Date: Sunday, March 11, 2001 2:49 PM
Subject: Cluster Security Issue
>I am running a clustered setup of web servers using Win 2K and CF 4.5.1 Sp2.
>These machines connect to backend SQL 2000 DB and a standard NT 4.0 Sp 6.0a
>which is the image / file server. I currently authenticate users at the
>webserver level and choose items to allow / disallow access to based on
>their specific access level.
>The problem I am having is I want to avoid using NT Directory Security on
>the Image/File server ( I want to allow disallow access based on their
>cookie login and information contained in the database) but the problem this
>creates is that the users could share the hard link to a file/image or guess
>a file name and be granted access to it since its secured at the
>application.cfm level and not at the directory level.
>
>
>Example:
>
>webserver 1 - http://www.domain.com authenticates users and pulls info -
>chooses files/images to show
>
>
>fileserver 1 - http://files.domain.com file links embedded on pages served
>by Webserver 1 are called from this machine.
>
>Thanks for any suggestions.
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
------------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body or visit the list page at www.houseoffusion.com
