Instructions
This filter has been tested on Windows/Apache and Linux/Apache, though it should work on any OS that runs
ColdFusion. The main drawback to using this filter is that it will only secure ColdFusion files. So if you
have a mixture of .cfm and other files (html, images, etc.), anyone who knows the url to the non-cfm files
will be able to access them.
The advantage is that the Coldfusion modules are very easy to set up. So if the site you want to use distauth
for is all-coldfusion, or the non-Coldfusion components don't need to be protected from unauthorized access,
this may be the best way to do it.
Another advantage to using the coldfusion module is that it can do things like build an access list from the
database you're using (assuming it has a table containing their usernames) with cold fusion statements,
rather than relying on a text file of usernames that must be updated.
With the use of the newer Coldfusion filter, you can add AccessFiles to limit the users. If you would like to limit to only current Faculty, Staff and Students (i.e. no prospective students) then the AccessFile setting (inside the filter itself) would need to be changed to:
Unix: <CFPARAM NAME="Attributes.AccessFile" DEFAULT="/afs/ucdavis.edu/common/authinfo/SFSX">
Windows (may need to double up the \ if it doesn't work): <CFPARAM NAME="Attributes.AccessFile" DEFAULT="T:\ucdavis.edu\common\authinfo\SFSX">
Note, the use of above configuration will require the installation of an AFS client as well as submission of the server IP to afs-setup@ucdavis.edu. If you do configure the AccessFile parameter, you should also configure CheckAFS to be Yes. This is the hightest level of security and requires the same installation steps as above.