> So, can anyone suggest the preferred way of enforcing 128-bit SSL > throughout an entire ColdFusion site that runs using an Apache-like > Web server? > > If I take out the jrunfilter line in the config file, and rely on the > file extensions to pass requests to ColdFusion, it works. However, it > is my understanding that it is desirable to leave the jrunfilter in > place. I could also have the developer add a check of the CGI variable > in Application.cfm. I am thinking there might be some setting in one > of these XML files where I can tell JRun to throw an error if the > 128-bit rule is not met.
If you want that error handling functionality, you will need to disable the filter. If you want to allow CF to handle this, you will need to allow unsecured and secured connections of all types, and then programmatically determine outcomes based on the CGI variables you mention. The jrunfilter is needed if you want to use Flash Remoting or servlets run through CF (and perhaps Flash forms in CF 7). If you don't use any of those things, removing the filter shouldn't cause any problems. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:218123 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
