The official community for ColdFusion.
Recently active
I understand that bytecode execution limitations were introduced with the Hotfixes earlier this year (2025), but I am suddenly running into new problems with this. I have recently been trying to implement CF Enterprise 2021 Hotfix 22 over a successful install of Hotfix 21, and I have got it working on a local instance of Tomcat for Windows. However, when I move the WAR file to Tomcat on Azure, I run into this error opening the Administrator: "ColdFusion, by default, disables the execution of bytecode in .cfm and .cfc files. To enable it, open the JVM.config file, and set -Dcoldfusion.compiler.block.bytecode=false or add path: (here it lists the path to my CF Admin)/CFIDE/adminapi/security.cfc to bytecodeexecutionpaths key of root/lib/pathfilter.json" I don't get this error locally. I've tried adding the path to pathfilter.json, and even to pathfinder.txt when that didn't work, and restarting the service. The error has persisted, and I can't get into the Administrator. Ob
Hello, everyone. About a week ago, our SA and DBA started a migration from CF2021 to CF2023, we are experiencing a couple of odd issues, and the weird thing is - it's limited to just one project. No other projects are experiencing these issues. The issue is in our custom built Workflow application. One issue is with setting an identifier for a user using data pulled from the user's Common Access Card (CAC). We are pulling the DoDID (lastName.firstName.middleName[.cadenceName].EPIDnumber) and I'm getting the 10 digit EPID from this string that is in the CGI scope. <cfset session.userepid = REMATCH("\d{10}",cgi.SSL_CLIENT_S_DN_CN)[1] />The number that is in the DoDID can be either a 10 digit number, or a 16 digit number. So I'm looking for all 10 digit numbers and taking the first position in the array as the desired number. This is the actual EPID. But I'm getting an error that position 1 of the array doesn't exist. I can ou
Hi, all. I will be installing CF2023 side-by-side with CF2021 on an important server soon, and I have some questions related to my particular situation that I have not been able to answer by searching the Web: In the CF2023 Administrator, in Package Manager -> Settings, there are Proxy fields at the bottom. After installing CF2023 on other servers, I find that Proxy Username (admin) and Proxy Password (*******) are already filled on first access of the page, and yet I don't know of anywhere that I specified them during CF2023 installation. Can anyone tell me what this magic password is, and where the Username/Password came from? I'll be using the standard GUI exe installer and specifying the Server Configuration (No J2EE). Should I run the installer as administrator? When installing CF2023 side-by-side on other machines, I was at some point offered the option to import the admin settings from CF2021. Can I expect that option every time I install CF2023 side-by-s
Hi all. I've been asked by a client to upgrade a production server from CF2021 to CF2023. While researching the existing server configuration, specifically what "server profile" is being used for CF2021, I was able to find in the original installation log that "Development Profile" was chosen. I'm hesitant to choose "Production" as the server profile when I do the CF2023 upgrade, as I'm not sure what unexpected effects this may have on the application. Regarding this, does the choice of "Server Profile" during installation only serve to appropriately pre-configure various CF Admin settings? If so, the CF Admin settings made in the years after initial CF2021 installation, which will be copied to the CF2023 installation, should suffice even if I choose "Development" as the server profile during CF2023 installation. If it affects more than Cf admin settings, I'd like to know necessary details about it. Thanks!
How can I host a Static coldfusion website for free?
We have recently migrated our Coldfusion 2021 environment to Coldfusion 2023 on Windows Server 2022 using Oracle JDK 17.0.16. We've noticed that on Coldfusion 2023, whenever we restart the server, there is a chance that each instance will generate a JVM error log & dump file in Coldfusion2023\instance_name\bin. The log (named in the pattern hs_err_pidXXXX.log, where XXXX is a 4 digit number) reports an EXCEPTION_ACCESS_VIOLATION (see the error details at the bottom). Also, a 1gb+ memory dump file named hs_err_pidXXXX.mdmp is generated. We have various ideas for strategies on how to clean up these files, but are concerned that they are an indication of some problem in our CF2023 environment. So far, we have not seen any indication that the environment is unstable, and the files only generate when the server is rebooted - not when manually shutting down CF services. We use the Adobe provided Oracle JDK build, but have reproduced this with Redhat Ope
Hi,The issue I have is that I have a bunch of emails that were undelivered because the password of the email addresse used for CFMail was changed. I was not aware of the problem for a day or so. So, there a bunch of undelivered emails. I am able to update the password and CFMail on webpages are now working. SI would like to resend the undelievered mails. From the Administration portal, Server Settings, Mail section, I can "respool" undelivered mails.When I "respool" an undelivered mail, it will disappear from the listing, but will reappear a few minutes later. I tried manually moving an undelivered mail from the "Undelivr" folder to the "Spool" folder. The .cfmail file will move back to "Undelivr" folder a few minutes later. Opening up one of the .cfmail file, I saw that there is a password on the file. So, I found correct "password" from the .cfmail file in the Spool folder by triggering a webpage that uses CFMail to send em
Current application runs on ColdFusion 2021 using SAML. We have setup up the SP and IDP configuration in CF Admin and it has been working for half a year. Installed ColdFusion 2023 on the same server as ColdFusion 2021. Used the CFSETUP utility to export and import the spconfiguration as a json file since that doesn't come over when you install and upgrade to ColdFusion 2023. Verified in ColdFusion 2023 Admin that the SP information was imported and the site is now running on ColdFusion 2023. I noticed however they keystore in CF2023 is pointing to or looking for it under CF2021 when I try to migrate my application to a new server with just CF2023 installed. Am I wrong to assume that the CFSETUP utility was supposed to create the necessary files from ColdFusion 2021 to ColdFusion 2023 regarding the SAML keystore in addition to adding an entry in ColdFusion 2023? It seems that if remove ColdFusion 2021 on the same server I installed ColdFusion 20
Subject: Planning CF21 to CF23 Migration in 2026 - Security & Support Concerns?Current Setup:ColdFusion 2021, Version 2021,0,02,328618 (Update 2)Planning to migrate to ColdFusion 2023 in 2026Question: I'm aware that ColdFusion 2021 reaches end-of-life on November 10, 2025. I'm currently running CF21 Update 2 (from September 2021) and planning to migrate to CF23 sometime in 2026.My concerns:What are the security risks of running CF21 after November 10, 2025 with no more updates available?Should I at least update to CF21 Update 22 before the EOL date?Is it feasible/safe to wait until 2026 for the CF23 migration, or should I accelerate this timeline?Are there any compliance issues (PCI, HIPAA, etc.) with running an unsupported CF version?Any advice on the best path forward would be appreciated. Should I prioritize updating to the latest CF21 patch first, or should I fast-track the CF23 migration?Thanks in advance for your guidance!
Hi,I came across something odd while working with ColdFusion 2021 . I have an array of structs representing student data and I'm trying to build a nested struct using arrayEach. Here's the code:<cfscript> arrayData = [ { "name": "Aisha Khan", "age": 21, "major": "Computer Science", "gpa": 3.5, "hobbies": ["coding", "chess", "hiking"] }, { "name": "Liam Patel", "age": 28, "major": "Economics", "gpa": 3.5, "hobbies": ["debating", "football", "photography"] }, { "name": "Sofia Zhang", "age": 20, "major": "Psychology", "gpa": 3.5, "hobbies": ["reading", "painting", "yoga"] }, { "name": "Noah Smith", "age": 23, "major": "Mechanical Engineering", "gpa": 3.2, "hobbies": ["robotics", "gaming", "cycling"] }, { "name": "Fatima Yusuf", "age": 21, "major
When I import the JSON into ColdFusion, the datasource password doesn’t work.The log shows this message:Datasource XXX could not be found. Ensure that you have spelled the name correctly and that the data source is registered in the ColdFusion Administrator Data Sources page.When I go to the datasource screen, without changing the password, and click submit, I get this message:An error occurred while trying to encrypt or decrypt your input string: Input length must be multiple of 16 when decrypting with padded cipher.However, if I enter the password and save it, the error disappears.I’m using Docker.Docker Log:2025-04-01 15:31:02 Import of DATASOURCE, MAIL, DEBUG successful.
First off – thanks for all the fantastic help so far. Just one last issue to resolve. Can I clear down the input fields once the user presses Submit to update the database?Otherwise if they press the submit button again, it add more (duplicate) records to the database. (my other option if to manage it in SQL code, ignoring duplicate entries) How it works------------------Page displays a variable list of rows, and a field to allow entry of a new date value on each row (as each row may have a different value, or indeed no changes). Each time a value is entered, we want to create a new “change log” record for that change.example layout : key current value data entry field to allow new value key current value &
Been banging my head against this server for a few days now. We are currently working with ColdFusion 2021 on update 21.While using cfcompile, we received an error concerning jsafe not being found. From what I can find, update 14 phased this encryption out in favor of a more modern standard. The problem I'm finding is I cant get around this error. The jsafejce.jar file is also missign from the coldfusion directory. See below. java.lang.reflect.InvocationTargetExceptionat java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)at java.base/java.lang.reflect.Method.invoke(Method.java:566)at coldfusion.tools.CommandLineInvoker.main(CommandLineInvoker.java:112)Caused by: java.lang.NoClassDefFoundError: com/rsa/jsafe/provider/JsafeJCEat coldfusion.security.Abstr
I am trying to run the ColdFusion 2025 Auto-Lockdown on ColdFusion Update 4. At first it was failing with the following error in the application log: Function getAdminSettings does not support adminpassword as an argument in ...CFIDE\lockdown\lockdown.cfc. I read on the Update 2 page (https://helpx.adobe.com/coldfusion/kb/coldfusion-2025-update-2.html), If you want to apply lockdown on this update, add the -Dcoldfusion.runtime.remotemethod.matchArguments flag. So I did that. Now I am getting a new error: The USERNAME parameter to the getAdminSettings function is required but was not passed in. Are there any other modification or jvm flags I need to add to run the auto-lockdown? Thank you.
Objective------------Creating a new page which allows you to amend dates in a table on the display, which then creates a “change log” in a SQL database table. How it should work--------------------------Page displays a variable list of rows, and a field to allow entry of a new date value on each row (as each row may have a different value, or indeed no changes). Each time a value is entered, we want to create a new “change log” record for that change. example layout : key current value data entry field to allow new value key current value data entry field to allow new value - optional 2nd row
Anyone else using Sendgrid with Coldfusion 2023? We are using the Sendgrid SMTP API, https://www.twilio.com/docs/sendgrid/for-developers/sending-email/integrating-with-the-smtp-api, and the issue is with the password. They have you create an API key for the password, and the key is 70 characters long in the format SG.xxxxxxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. When entering this as the password in the Coldfusion administrator mail server settings, and doing a test with cfmail, mail.log shows the error "Can not decode string "SG". The input string is not base64-encoded." All we can think is Coldfusion is treating it as a JWT since it has two dots in the string. When entering anything else, we get the normal authentication error in mail.log. Also tried the cfadmin API to set the mail settings and have the same issue. Can you think of a way we could change the way we enter the password in the mail settings? We could always use the Sendgrid Web API instea
I have a internal coldfusion 2023 application running on Windows 2022 server OS with IIS. We have been using MS SQL authentication to connect to the SQL database but organization recently changed policies to use Windows authentication using Kerberos ONLY. I am able to sucessfully connect to the database using NTLM but my org is not accepting NTLM as it is outdated.I went through the online articles followed the steps but I feel like I am missing something that is required for Kerberos authentication. I am able to successfully connect to the same database from a .NET application running on a Containarized application with Kerberos. Below is what I have done so far but no luck in CF 2023Changed the Coldfusion 2023 service to run as Domain account (DEV\userLAN)Changed the Coldfusion 2023 service to run as ServiceAccount (DEV\ServiceAccountName)used SQL JDBC server with integratedSecurity=true in AdvancedSettings under Data Source in AdministratorAlso tried with JavaKerberos as authen
Recently we updated our Coldfusion 2021 server to update 22 and are now getting several errors with packages, we followed the instructions from this post but still haven't been able to make it work. First the mail package wasn't installed, we tried to install it via cfpm and Cf admin without success, later we discovered that there were missing dependencies which we manually uploaded to the repo folder, cleared felix cache, both manually and programatically, deleted cfclasses folder. And finally we were able to install it but still having the same issue also we found out that even though postgresql is installed we get and error saying that the package is not suitable to make the connection and that we should use cfpm to install it, another error we get is when we use the function Encrypt it gives and error, any advice will help a lot.
I'm adding service bus integration using the azureservicebus package in ColdFusion 2023 update 16. I can send messages to a queue but I haven't been able to schedule a message for later processing. I've followed the documentation here https://helpx.adobe.com/coldfusion/using/integrate-coldfusion-azure-service-bus.htmlI've copied the code sample from "Schedule a message" but I get an error every time: "coldfusion.runtime.java.MethodSelectionException: The scheduleMessageToQueue method was not found." Does this method exist in ColdFusion 2023? Here's my simple example:<cfscript> credentialAlias = "AzureServiceBusCredential"; configAlias = "AzureServiceBusConfiguration"; sb = getCloudService(credentialAlias, configAlias); testQueue = sb.createQueue("testQueue"); sendMessage = { messageBody = "This is a test message", messageProperties = { contentType = "text/plain", subject = "Test Message",
Cannot use the data entry field on the page (this must be so basic, but I cannot get it to work)In the extract below NEWVALUE field is not recognised Process :The user selects a case and is taken to another page that displays a list of entries linked to a case (so the number varies each time).They complete an input field to update one or more the entry values.They then press the submit button and the page refreshes with the new values. extract :<cfquery name="table1"...> SELECT ...</cfquery> <cfoutput><input type="submit"><cfform action="page2.cfm" method="POST" name="FormX"> <table width="200" border="1" cellspacing="0" cellpadding="2"> <cfloop query="table1"> <tr>  
Just upgraded to CF2025 and am seeing this below in the coldfusion-out.log file at random times but almost every minute or more. What is it and what would it be doing. The only thing i could find with "sentiment" in the file name was this..."\\cfusion\jetty\work\jetty-127_0_0_1-8997-solr_war-_solr-any-\webapp\WEB-INF\lib\sentiment-analysis-parser-0.1.jar". I did google the url in the coldfusion-out.log below and found the github repo for it but dumbfounded why it is showing up in our coldfusion instance. Oct 13, 2025 13:51:24 INFO [ajp-nio-127.0.0.1-8024-exec-13] - Sentiment Model is at https://raw.githubusercontent.com/USCDataScience/SentimentAnalysisParser/master/sentiment-models/src/main/resources/edu/usc/irds/sentiment/en-netflix-sentiment.binOct 13, 2025 13:51:24 PM Information [ajp-nio-127.0.0.1-8024-exec-13] - Sentiment Model is at https://raw.githubusercontent.com/USCDataScience/SentimentAnalysisParser/master/sentiment-models/src/main/resources/edu/usc/irds/sen
I have a newsletter that gets the title of a post, the first 200 characters, then if there are more than 200 characters, text that says [... more].The title is a link. I'd like the [... more] text to also be a link, but that is coming from a cfset.Here is the title text ( removed other styling). I only need the a href part, just including the rest for context:<a href="https://www.pathlabtalk.com/forum/index.php?/topic/#tid#-#title_seo#/" style="font-size: 18px; text-decoration: none; color:##417394;">#ThreadTitle#</a>Here is the [... more] text:<!--- Set output to 200 characters, full words only ---> <cfif len(TopicPost.post) gt 200> <cfset trimmedQuote = fullLeft(TopicPost.post, 200)> <cfset trimmedQuote &= " [... more]"> <cfelse> <cfset trimmedQuote = TopicPost.post> </cfif>Is this possible?Thank you
Does anyone know if there is a PMT 2023, and if so, where is the installer - i can only find the installer for pmt 2021
I have followed the instructions and downloaded the CF2025 package. I unzipped it and put it in an accessible folder on my desktop. Each time that I double click on cfinstall.bat, I get the following 2 messages in the install log:2025-10-08 14:43:05 INFO - Welcome to the ColdFusion Setup Wizard2025-10-08 14:43:05 ERROR - Administrator access is required to continue. Exiting... I have a valid Local Account with Administrator privileges. I am the only user of this machine so I have never set up any other accounts. I have read elsewhere that it isn't required to use a Microsoft Account. I had no issue installing previous versions of CF but for some reason I can't install this one. Any ideas?
Hello,I am wondering if anyone could point me in the right direction. I am moving to a new Windows server and upgrading from CF2016 to CF2021, and I can't seem to get my SMS gateway running even though it works fine on the old server. The errors I am getting in my coldfusion-out log when it attempts to start the instance are:"SMSGateway (SMSWatch) Binding to SMSC""SMSGateway (SMSWatch) Bind operation failed: java.lang.NullPointerException"This is the code for the CFC I am using for my instance. I am not sure where it originally came from, but probably from a ColdFusion example:<cfcomponent> <cfset undeliverablePath = "C:\CF21\cfusion\sms\undeliverable" /> <cffunction name="send" output="false" access="private" returntype="boolean"> <cfargument name="username" required="true" type="string"/> <cfargument name="password" required="true" type="string"/> <cfargument name="from" required="true" type="string"/> <cfargument name="to" req
Remix with Firefly Community Gallery
Thousands of free creations to fall in love with and remix in Firefly.
Already have an account? Login
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.