RE: [DFW CFUG] Why Cold Fusion vs Java? vs PHP? vs .ASP? etc.

Sat, 04 Nov 2006 18:54:40 -0800

In some cases you can’t tell what technologies are being used behind the scenes because of certain web server extensions and filters can obfuscate the specific files being requested.  I’m currently in the middle of a project where we’re using an ISAPI filter that performs URL rewrites (basically the same type of filter being used by the Ruby on Rails framework).  The ISAPI filter basically can translate a requested URL to a different URL that’s passed on to the necessary web application engine.

 

e.g. http://www.foo.com/message_board/this-is-a-test.html translates to http://www.foo.com/index.cfm?messageid=32323 or http://www.foo.com/threads/message.asp?id=12344 or whatever web application server you use. www.foo.com/index.cfm?messageid=32323 gets passed to the CF server, it processes and returns it back to the browser.  Meanwhile the URL in the address bar still shows www.foo.com/message_board/this-is-a-test.html and the user is none the wiser. 

 

It’s nothing new, and I’m surprised that more sites don’t use such technologies with the fascination with search engine optimization.

 

With regards to personal sensitive info, it really doesn’t matter (in most cases) what technology you use to secure that data, what matters most is how you architect how that information is stored and how it’s accessed. 

 

I used to work for a mutual fund company that has a website that clients can use to access all their account info, including holdings and portfolio value.  All that data was stored behind 2 firewalls and CF accessed it through an Tuxedo transaction through both firewalls.  The CF server didn’t make inline SQL calls to the database, nor did it invoke a CFC that executed the SQL statement.  It was a secure, brokered transaction that prevented unauthorized access and architected to prevent too much info from being exposed. 

 

In that vein, the security of your web application is only as good as the developer who secures the web application.

 

Rick Law

 

 

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bartlett, Susan
Sent: Friday, November 03, 2006 4:12 PM
To: Dallas/Fort Worth ColdFusion User Group Mailing List
Subject: RE: [DFW CFUG] Why Cold Fusion vs Java? vs PHP? vs .ASP? etc.

 

I agree with you. I just think you bring up a very interesting point. When you see the extensions, it leads you to believe

It is a web site created in that particular program. I am very new to web development. I would love to know more

About how you can tell. I don’t think you are promoting B of A.

 

I have a neighbor in network security at Citicard. I would greatly love to know more of what they use. Frankly

It is amazing to so much control of money on the web. I am a network administrator in higher education. Most

Of my work deals with PSI(personal sensitive info) I just can’t imagine trustly any web program that highly.

 

Thank you for your input

Susan

 

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christopher Jordan
Sent: Friday, November 03, 2006 4:07 PM
To: Dallas/Fort Worth ColdFusion User Group Mailing List
Subject: Re: [DFW CFUG] Why Cold Fusion vs Java? vs PHP? vs .ASP? etc.

 

I didn't say that their Online Banking was coded in CF. I just said that they had really slick online banking. You made the inference yourself. It's a big company and they do use CF. I also wasn't trying to "promote" anything. I've got no business ties to BofA... I mearly pointed out that they use CF... and not to what end they use CF.

Chris

Daniel Eben Elmore wrote: 

Check out the Adobe case studies:
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productid=1522
 
I'm not sure what, if any, kind of techno babble will influence senior level
management. Present a few examples where ColdFusion is show to be
trustworthy, present a few where it's shown to cut development costs,
present a few showing decreased maintenance. Cost, reliability,
interoperability, cling to those aspects. 
 
You can even take the Hal Helms approach, whereby you prove Java (which is
very easy), then say "O, so we'll use some ColdFusion too, it's just
pre-built java code you can purchase".
 
Chris, I wouldn't promote a companies use of CF just by a URL. The Bank of
America front end may be built in CF because CF is so presentation friendly,
but their online backing system is most definitely not running CF.
 
 
-Daniel Elmore
 
 
 
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
On Behalf Of Christopher Jordan
Sent: Friday, November 03, 2006 3:12 PM
To: Dallas/Fort Worth ColdFusion User Group Mailing List
Subject: Re: [DFW CFUG] Why Cold Fusion vs Java? vs PHP? vs .ASP? etc.
 
Kipp,
 
Here's a major success for ya:
 
http://www.bankofamerica.com/index.cfm?page=corp_bofacom
(notice the .cfm in the url)
 
And Bank Of America is not only a huge company, but their online banking is
some of the slickest I've seen.
 
Hope that helps.
 
Chris
 
Baker, Kipp wrote: 
Group, 
I know you've heard this question before - but I'd like some succinct
reasons why you prefer CF over other technologies. 
 
Why is it the best tool for the job?
(Define "the job" =>  for me its Web Development. The fact that it's "Rapid"
is just icing on the cake;
...define "best" => fewer lines of code, less time spent coding, easier to
repair, etc...)
 
What's the talent pool like versus the other technologies out there?
What are some major successes of CF? (Does Adobe count?...I think so...)
 
I'm looking to put together a rationale for why CF to senior management
authorities.
Point me to URLs? Sure. I know Ben Forta and others, but I'd like some
personal testimonials too.
 
Thanks for the replies - and the help.
(Need answers by next Tuesday - November 7, 2006)
Regards, 
Kipp Baker 
==============================
Manager, Web  Communications
BellHelicopter Textron, Inc.
[EMAIL PROTECTED]
817.280.6426 tel 
817.996.8222 cel
817.923.5477 telecommute 
===============================
 
 
 
 
_______________________________________________
Reply to DFWCFUG: 
  [email protected]
Subscribe/Unsubscribe: 
  http://lists1.safesecureweb.com/mailman/listinfo/list
List Archives: 
    http://www.mail-archive.com/list%40list.dfwcfug.org/             
  http://www.mail-archive.com/list%40dfwcfug.org/
DFWCFUG Sponsors: 
  www.HostMySite.com 
  www.teksystems.com/
  
 
 
_______________________________________________
Reply to DFWCFUG: 
  [email protected]
Subscribe/Unsubscribe: 
  http://lists1.safesecureweb.com/mailman/listinfo/list
List Archives: 
    http://www.mail-archive.com/list%40list.dfwcfug.org/             
  http://www.mail-archive.com/list%40dfwcfug.org/
DFWCFUG Sponsors: 
  www.HostMySite.com 
  www.teksystems.com/
 
 
  





_______________________________________________
Reply to DFWCFUG: 
  [email protected]
Subscribe/Unsubscribe: 
  http://lists1.safesecureweb.com/mailman/listinfo/list
List Archives: 
    http://www.mail-archive.com/list%40list.dfwcfug.org/             
  http://www.mail-archive.com/list%40dfwcfug.org/
DFWCFUG Sponsors: 
  www.HostMySite.com 
  www.teksystems.com/

Reply via email to