Skip to main content
A
Anonymous
March 4, 2010
Question

Authentication

  • March 4, 2010
  • 2 replies
  • 647 views

We have a rather large complex ColdFusion application that prompts the user for authentication using the server account name and password, the standard authentication method.  Recently the government has strengthened their security and now users, our customers, from within military bases recieved the following error:

Access Denied (content_filter_denied) 
Your request was denied because of its content categorization: "none"

We have not control over this and the government has declined correcting their system.  As a normal ColdFusion web site the basic identity is “anonymous” and I see that as potentially allowing too little security.  Is there an alternate means of authentication, possibly using .NET as a front-end?  We currently have a .NET application working so we know that is possible.  Without a solution to this we may have to rewrite thousands of lines of complex code from ColdFusion.

    This topic has been closed for replies.

    2 replies

    T
    TLC-IT
    Inspiring
    March 11, 2010

    Well, you do need to find out more about what the client and the server are actually doing, and whether the information is actually getting through.  The message "content_filter_denied" strongly implies that someone on the "inside" has gotten tired of their "secure" computers winding up as spam-bot slaves.   (And government types have a wonderful way of putting on the stone-face, especially if they think it will make their lives easier.)  So, don't expect 'em to tell you squat.

    Fortunately... a quick Google on this reveals that, whatever they're doing "in there," it's just an ordinary tool.  Content-categorization is a fairly common technique and because the offensive designation is "none," it probably means that they expect to be able to categorize everything that they want to admit into their lair, such that anything which they cannot "categorize" should be left out.

    Don't jump to the conclusion that you "might have to rewrite thousands of lines of complex ColdFusion."  You simply need to diagnose the problem, and if you can prize anything from the military types, e.g. a snippet from their log-files when your traffic tries to pass through, you should be in business.  This clearly isn't an "application" problem.

    Owainnorth
    Owainnorth
    Inspiring
    March 4, 2010

    If you want to avoid going near the CF code there are security methods in IIS you can use to secure the site as a whole.

    Sadly that's about as much as I know about them, but seeing as IIS wraps up all your CF i/o that'd be a fairly good place to start looking.

    O.

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices