Brian Pickens wrote:
Hi all, Im new to openbd. Now, the way I understand it is each "application" runs with in its own context and has its own administrator. Does this mean that the bluedragon and WEB-INF folders must exist beneath that application's webroot, or is there a way to remove them from the webroot?
Realize that even though WEB-INF is in the webroot it is NON-browsable. Everything in there is safe from prying browser eyes.
As for the administrator, of course that does need to be browsable, but you can lock down that whole directory with file system permissions, or the administrator itself does have IP-based restrictions.
Maybe I'm just used to coldfusion... but it seems to me this could be a possible issue in the future (for me that is).
ColdFusion is no different--it's Java under the hood. It just looks different at the filesystem level because your web files and your engine files are (traditionally) separated from one another, and particularly where CF Standard is concerned, a lot of that stuff is just preconfigured for you.
Rest assured that this is totally standard stuff in the Java world and has been for years, so if there were glaring issues or problems they would have come up by now. ;-)
If there's something specific you're trying to accomplish that we can help with, please let us know.
-- Matt Woodward [email protected] http://www.mattwoodward.com/blog Please do not send me proprietary file formats such as Word, PowerPoint, etc. as attachments. http://www.gnu.org/philosophy/no-word-attachments.html
smime.p7s
Description: S/MIME Cryptographic Signature
