CFMX Administrator "for Dummies" Jo Ann Goertner
Transcription
CFMX Administrator "for Dummies" Jo Ann Goertner
CFMX Administrator "for Dummies" Jo Ann Goertner [email protected] TeraTech, Inc. Speaker Information Absorbing programmer-think 'by osmosis' since childhood Began software experience as a user – on the job since 1981 Career change to software development 1998 Formal training: “Fast Track” Software Development Certificate (Enterprise Focus) in procedural and object-oriented languages Learned to "break software" on the job (Quality Assurance) Programmer since 2000 – ColdFusion, Java, SQLServer Enterprise-scale CF applications (Application Service Provider model) ColdFusion Developer with TeraTech since May 2006 Why “for Dummies”? None of us are really “dummies”! Many times as coders, someone else is administering the server. We just don’t get much experience in this area. This presentation assumes you have a basic understanding of CF development (but maybe not much interest in servers). So why do I need to know this? If you want to be able to write code locally or try new things, at home or on your laptop, you become the administrator of your own local CF server. When troubleshooting code, it is helpful to understand the environment your code is running in: What parts are “just how ColdFusion works”? What parts are dependent on settings that can be changed? Why does my code sometimes work on one server, but fail when deployed in a different environment? What this presentation will cover What is the Administrator? Where is it and how do I get into it? ColdFusion data sources Debugging settings & why they are important Path settings in the Administrator (mappings and custom tag paths) CF variable settings Logging settings & CF log files Remote Development Services (RDS) Other settings and services to be aware of Suggested resources for learning more 1. What is the Administrator? (and why do I need to know?) The ColdFusion MX Administrator is a browser-based interface that runs on the same machine with the ColdFusion application server. It is used to configure your ColdFusion server, thereby managing your ColdFusion environment. Many settings related to security and functionality. Available options differ depending on: Edition of ColdFusion MX 7: Standard or Enterprise Server installation: server, multiserver, or J2EE You need to know the territory your code is running in, and the invisible rules it is following. Would you drive down the highway without knowing which side of the road they drive on here? 2. Where is the Administrator? You browse to the CFMX Administrator using your web browser. The default location is: http://servername[:portnumber]/CFIDE/administrator/index.cfm On your local computer, common names for the webserver are localhost or 127.0.0.1 (use as servername above). If using the CF built-in webserver, include the port number. Default port number is 8500. Local example using CF built-in webserver: http://127.0.0.1:8500/CFIDE/administrator/index.cfm 2. Where is the Administrator? (continued …) For a remote server, use the DNS name or IP address. http://www.mysite.com/CFIDE/administrator/index.cfm Default port numbers may vary: Default for multiserver configuration is 8300. (Be sure to use the site (DNS or IP) pointing to the specific instance of CF Server you want to administer.) Upgrades from a previous version to MX7 will assign an unused port (typically 8501). If you move the Administrator outside the web root, you need to create webserver mappings … actually two of them: /cfide/ and /CFIDE/ … case matters, both ways! 3. How do I find my way around? Left menu (expandable tree) Topics listed under broad categories (Server Settings, Data & Services, etc.) Tree may differ based on edition and configuration. Top links and menu choices System Information Help Other resources and documentation. 4. Password protection Must use the password specified when ColdFusion MX was installed. Just one password! Limit to trusted users. No roles-based access. In the Administrator, under Security > CF Admin Password, you can change the password or turn password protection off and on. 4. Password protection (continued) “How do I retrieve a lost or forgotten password?” “You cannot access the password, but you can turn off password usage so as to be able to reset it. To do this locate the neo-security.xml file (it will be in the lib directory beneath the ColdFusion root). “Look for a section that reads: <var name='admin.security.enabled'><boolean value='true'/></var>, change the 'true' to 'false', save the file, and then restart ColdFusion. You will then be able to log into the ColdFusion Administrator without a password so as to set a new password and then turn on password use again.” – Ben Forta’s www.cffaq.com Caution! Always back up any XML configuration file before handediting. 5. Data Services > Data Sources “Data Sources” topic under “Data Services” category (left navigation tree). A CF data source is a complete database configuration that uses a JDBC driver to communicate with a specific database. Must configure a data source in CFMX Administrator for each database before it can be accessed with your CF code. After configuring the data source, CF can communicate with the database by referencing the data source name. Not to be confused with the Windows data source (ODBC) configuration tool (under Start > Control Panel > Administrative Tools) If you need to use an ODBC data source, the Administrator provides a driver type of “ODBC Socket” for this purpose. Preferred way is to connect directly with the correct JDBC driver for your database, when possible. 5. Data Sources, continued To add a new data source: Assign a unique name to the data source. (The name you will later use for the <cfquery> datasource attribute in your code.) Select the appropriate driver type for the database and click “Add”. A form will appear with fields specific to the selected driver and database type. Complete required fields and submit. Should show a status of OK if it is able to successfully connect. Can also edit, verify or delete any of the listed data sources. 5. Data Sources, continued An “interesting” quirk to be aware of: Data sources “should not” be case-sensitive. However, if you enable Sandbox Security (SBS), also called Resource Security in the Standard Edition, they can become case-sensitive. Again, this is because of the underlying Java code. Version 7.0.2, hot fix 1 included a fix for this behavior. Check System Information link at top of Administrator for your version level. If your code works great in development, and suddenly stops working when deployed in a shared hosting environment using Sandbox Security, this is a possible culprit. To find out if Sandbox Security is configured, go to Security > Sandbox Security or Security > Resource Security (depending on your server edition) 6. Debugging & Logging > Debugging Settings & IP Addresses The settings in here are critically important to the performance and security of your server! Enable Robust Exception Information Very useful on a development server Very dangerous on a live server! Exposes server information to would-be attackers Enable Debugging – turns debugging on or off (the output appended to end of every page request). The “Enable Debugging” checkbox overrides all customized debugging configuration in the section below. Custom Debugging Output – detailed configuration options. On a live server, you will normally keep debugging disabled. However, your custom configuration remains. If you need to enable it temporarily to troubleshoot a problem, one click on “Enable Debugging” enables all custom settings. 6. Debugging & Logging (continued) > Debugging Settings Performance considerations! When turned on, debugging consumes significant resources on the server … whether you see any debug output or not! This is an important place to look when troubleshooting performance issues such as slow response times or processes that never return. Long-running processes can run out of memory and fail invisibly, based on the information you told CF to collect through these settings. 6. Debugging & Logging (continued) > Debugging IP Addresses Specify the IP addresses to receive debugging messages The output appended to end of every page request. Enter or delete IP addresses to maintain the list. When no IP addresses are entered, all users receive debugging information. So, at least keep the local address (127.0.0.1) in here. And remember, to show it for one, the server must collect it for all. Go back to “Debugging Settings” and disable it when that is not what you want! 7. Path settings in the Administrator The CFMX Administrator lets you configure paths, where CF will look for code you can call from within the currently executing template. Use Server Settings > Mappings to create ColdFusion mappings. Use Extensions > Custom Tag Paths to specify paths where CF will look for custom tags. 7. Path settings, continued Server Settings > Mappings ColdFusion mappings are directory aliases created in CFMX Administrator, for use by <cfinclude> and <cfmodule> tags <cfinvoke> and <cfobject> tags CreateObject() function Mappings can simplify code reuse and site maintenance by replacing relative paths with an absolute alias, maintained at one location rather than hundreds. If the physical location changes, one edit to the mapping applies to all code that uses it. 7. Path settings, continued Server Settings > Mappings (continued) Mappings in tag attributes begin with ‘/’ and can be called the same way regardless of where in your directory structure they are located. Why would you want to write this: <cfinclude template=‘header.cfm> <cfinclude template=‘display/header.cfm> <cfinclude template=‘../display/header.cfm> <cfinclude template=‘../../display/header.cfm> etc … When you can do this from ANY location, instead? <cfinclude template=‘/display/header.cfm> 7. Path settings, continued Server Settings > Mappings (continued) To create a ColdFusion mapping: Enter the name for your mapping. The leading ‘/’ is not required. The Administrator will add it for you. Browse to select the physical location your mapping will point to. Note: ColdFusion mappings are independent of web server mappings, aka “virtual directories”. If you would like to create a virtual directory to access a given directory through a URL, consult your web server documentation. 7. Path settings, continued Extensions > Custom Tag Paths Custom tag paths tell CF where to look for custom tags. Custom tag paths affect tags called by simple syntax (<cf_mytagname>) or by using the <cfmodule> tag. Simple syntax: CF always looks for custom tags in the current directory first. If not found, it searches a special directory created by CF upon installation (normally c:\cfusionmx7\customtags\ on a Windows machine). This default Custom Tag Path can be seen in the CFMX Administrator. Any subdirectories of this path are also searched (recursively, in alphabetical order). Additional custom tag directories may be added using the Administrator, causing CF to look there as well. CF will execute the first custom tag it finds that matches the name you called. 8. CF variable settings Server Settings > Memory Variables ColdFusion Application variables and Session variables must be enabled in the CF Administrator before they can be used in your code. Application variables expire when you restart the ColdFusion server. Session variables expire when the user's session ends. Both types of variables also expire after a time-out period that you specify on this page or in the <cfapplication> tag. Use this page to: Enable or disable Application variables or Session variables Specify maximum and default timeouts for these variable types. You can also specify the type of Session management (a server-wide setting). 8. CF variable settings (continued) Server Settings > Memory Variables (troubleshooting) The “CFAPPLICATION tag” part of this message can be rather misleading. You could get this same error message for 2 different reasons: Application variables enabled in the Administrator, but code is trying to read or write to Application scope before executing a <cfapplication> tag. Application variables disabled in the Administrator. Your <cfapplication> tag will not enable Application scope until you first enable Application variables in the Administrator. 8. CF variable settings (continued) Server Settings > Memory Variables (troubleshooting) The following message about Session scope is more accurate: Once Session variables are enabled using the Administrator, you may get the error “Before session variables can be used, the session state management system must be enabled using the CFAPPLICATION tag.” This will happen if session variables are enabled on the server but you did not enable them in your <cfapplication> tag prior to referencing them in code. 8. CF variable settings (continued) Server Settings > Memory Variables Once Application and Session variables are enabled in the Administrator, you can turn them on and off and set their timeouts in the normal way: <CFAPPLICATION NAME="MyApp" SESSIONMANAGEMENT="Yes" SESSIONTIMEOUT="#CreateTimeSpan(0, 0, 20, 0)#" APPLICATIONTIMEOUT="#CreateTimeSpan(2, 0, 0, 0)#"> 8. CF variable settings (continued) Server Settings > Client Variables Client variables are used to store user information and preferences (specific to a single user) between sessions. Client variables must be enabled in <cfapplication> tag before they can be used. When you use Client variables in your code, there are several places CF can store them. Registry Cookie A CF Data Source This page of the Administrator lets you tell ColdFusion how to store them: Available storage mechanisms Which is the default. Unless you specify a different ClientStorage attribute in your <cfapplication> tag, this setting applies. 8. CF variable settings (continued) Server Settings > Client Variables THE DEFAULT STORAGE METHOD SHOULD BE CHANGED! Registry use should be avoided, as it can de-stabilize your system through unnecessary use of the registry. Best practice is to create a data source for ColdFusion’s use and make it your default Client storage location. CF must be allowed to create tables in this database (temporarily at least). ColdFusion will create 2 tables in the database, named CDATA and CGLOBAL, to be used for client variable storage. 8. CF variable settings (continued) Server Settings > Client Variables To add a ColdFusion data source to the list of available client storage mechanisms: Select the data source from the drop-down list and click “Add” To set a data source as the default storage mechanism: Select the radio button and click “Apply” You can also set a Purge Interval to control how often ColdFusion executes a purge operation on your client stores. Default is 1 hour 7 minutes. 8. CF variable settings (continued) Server Settings > Client Variables You can turn Client variables on or off in your applications using the <cfapplication> tag: <CFAPPLICATION NAME="MyApp" CLIENTMANAGEMENT="Yes" CLIENTSTORAGE=“datasource_name"> ClientStorage attribute must refer to something in the list of available Client Storage mechanisms CF must be able to access it. Otherwise, an error will be thrown. 9. Debugging & Logging > Logging Settings & Log Files Debugging & Logging > Logging Settings Here, you can set the Logging directory to which CF error log files should be written. Default is C:\CFusionMX7\logs (Windows, single-server) To change the logging directory, type in or click Browse Server to select from the directory tree. Drive must have sufficient disk space Must have security privileges for the ColdFusion system service. Stop and restart the ColdFusion Service for the change to take effect. Other logging settings available: Maximum file size Maximum number of archives Log slow pages taking longer than ____ seconds Log all CORBA calls Enable logging for scheduled tasks 9. Debugging & Logging (continued) > Logging Settings & Log Files Debugging & Logging > Log Files Use this page to manage CF log files: search, view, download, archive, delete Some log views on this page are more useful than others. Can select and view multiple logs at once interleaved according to time stamp Log files can also be opened directly through your file system with any text editor/viewer. 9. Debugging & Logging (continued) > Logging Settings & Log Files Debugging & Logging > Log Files Suggested viewers for very large log files (I haven’t tried these yet!): Far Manager (File and ARchive Manager) http://farmanager.com/ Console.app in OS X (built-in under /Applications/Utilities) Or another application wrapped around the Unix “Tail” utility. (Google search: Tail Windows GUI) Eclipse plug-in CF LogViewer 1.0? For very large log files, look for a viewer that is: Not also an editor (without the overhead of tracking changes) Live – stays open and refreshes to watch new info being logged Stays at the end of the log file (Tail) Doesn’t interfere with the process of writing logs 10. Security > RDS Password Remote Development Services (RDS) cannot be enabled and disabled on this page. Contrary to what some of the CF documentation states. All you can do here is change the password, or specify whether RDS requires a password. If you uncheck the box, RDS will simply allow all connections without a password. RDS allows developers (or hackers) to remotely access all the drives and all the data sources on the server where it resides. Disable RDS in a production environment! For an explanation on how to do this (disable the RDS servlet by editing the web.xml file) refer to: http://www.adobe.com/devnet/coldfusion/articles/cf7_security_04.html Learning more … Server Settings > (multiple sub-sections) Spend some time browsing through the remaining pages of the Administrator. Brief, helpful explanations included on the pages. HELP link in upper right corner gives default values, and in some cases additional information. Server Settings > Settings Summary: A compact view of existing settings Provides quick links back to where these settings can be modified. Learning more (continued) … System Information (link at top of page) Shows your current CF server version, edition, update level Apply license (serial number) here Apply update files to your installed CF server Security Read up on RDS and Sandbox security (aka Resource security) That is a whole presentation in itself! Mail settings Specify a default Mail Server (for your <cfmail> tags) and other mail-related settings on the Server Settings > Mail page. Learning more (continued) … CF scheduled tasks Schedule a CF template to run once or periodically at specified time(s) or intervals, using the Debugging & Logging > Scheduled Tasks page. What is the Code Analyzer? The Code Compatibility Analyzer (Debugging & Logging > Code Analyzer) helps migrate your applications to ColdFusion MX from earlier versions of ColdFusion. It reviews the CFML pages that you specify, and informs you of any potential compatibility issues. It detects unsupported and deprecated CFML features, and outlines the required implementation changes that ensure a smooth migration. Linked documentation Spend a few minutes getting familiar with the links across the top of the page (Getting Started, Documentation, TechNotes, Release Notes, Resources). Resources ColdFusion MX 7 documentation: many ways to get it! Follow the “Documentation” link at top of the CFMX Administrator Local HTML version on any machine with CF installed: C:\CFusionMX7\wwwroot\cfdocs\dochome.htm LiveDocs: http://livedocs.macromedia.com/coldfusion/7/ Download the full CFMX7 pdf documentation set (15.2 MB .zip file) and search the index: http://www.adobe.com/support/documentation/en/coldfusion/index.html http://cfdocs.org/ Can search on any tag name and for different CF server versions Searches LiveDocs first If nothing found, it goes to Google Ben Forta’s http://www.cffaq.com Macromedia ColdFusion MX7 Certified Developer Study Guide by Ben Forta http://www.houseoffusion.com/groups/ Questions? Comments? Thank you for your listening! Jo Ann Goertner ColdFusion Developer TeraTech, Inc. [email protected]