CF Sandbox Security Tricks and Tips
I've been working on getting CF Sandbox security working. It's trickier than I first thought so here's how to do it for future reference:
Enable security Manager
Instructions from Steven Erat's blog:
Locate the jvm.config file in jrun_root/bin.
Back up the file.
Open the file in a text editor.
Add the following lines to the java.args section:
NOTE the example from the adobe site has the quotes in the wrong place.
Note you also need to change [cf_webapp_root] to match the location on your machine.
After I enabled Datasource security I began to receive the following error, a bit of digging reminded me that the MySQL connector tries to do some autoconfiguration for coldfusion to optimise it.
Message: Can't find configuration template named 'coldFusion'
It was failing to load the configuration file which is inside the mysql connector jar file /com/mysql/jdbc/configs/coldFusion.properties
I haven't gotten to the bottom of why it couldn't be loaded but adding the following to the datasource query string fixed it up:
I would suggest adding some of the settings from this file as paramaters in your datasource settings as per previous post
Note: This was using the following:
- ColdFusion 7.0.2 Cumulative Hotfix 1 Multiserver install
- MySQL connector/J 5.0.8
Hope it helps.