Skip to main content
collaboranaut
collaboranaut
Participating Frequently
June 16, 2025
Question

ColdFusion 2021 HF 20; pathfilter.json

  • June 16, 2025
  • 2 replies
  • 728 views

We installed HF 20 on our CF 2021 instance (from HF 19) and saw "Security violation: Scheduled task 'XXX' attempted to execute unauthorized path: F:/Tasks_Logs/xxx.log. To allow it, whitelist the path in cf-root/lib/pathfilter.json against key schedulerexecutionpaths." in the scheduler.log (and consequently the task did not run (actually found the task to be deleted). Anway, based on the release notes, we updated pathfilter.json as such:

"schedulerexecutionpaths": "F:/Tasks_Logs/**."

Restarted CF and then broke our SAML/SSO login altogether to the site, so the site was hard down. Backed out change to pathfilter.json and restarted CF, still hared down. Backed out HF 20, back to HF 19 and restarted, all good (sans deleted scheduled tasks).

 

Error when hard down, on our consume page (SAML response) looked like:

  • Diagnostics org/hibernate/HibernateException null <br>The error occurred on line -1.
  • GeneratedContent [empty string]
  • HTTPReferer https://subdomain.onelogin.com/
  • Mailto [empty string]
  • Message org/hibernate/HibernateException
  • QueryString [empty string]

 

coldfusion-out.log shows:

  • Jun 13, 2025 07:48:11 AM Error [ajp-nio-127.0.0.1-8020-exec-8] - org/hibernate/HibernateException null <br>The error occurred on line -1., https://subdomain.onelogin.com/, /[root]/onelogin/consume.cfm
  • Jun 13, 2025 07:48:12 AM Error [ajp-nio-127.0.0.1-8020-exec-8] - org/hibernate/HibernateException The specific sequence of files included or processed is: [webroot]\[root]onelogin\consume.cfm''

    2 replies

    collaboranaut
    collaboranautAuthor
    Participating Frequently
    June 24, 2025

    I think and will look more, but Microsoft June updates, KB5060531, are somehow at play. We have a dev box that has HF 20 fine, sans scheduled tasks working, but our Sys Admin installed the aforementioned Windows update and broke the consume.cfm (login page) above. Now when we did this in production on June 13, the Windows updates were pending and got installed then. Of course I could just be  candidate for a Jump to Conclusion mat.

     

    https://support.microsoft.com/en-us/topic/june-10-2025-kb5060531-os-build-17763-7434-32fce7e7-305d-4d32-913f-3fdc0709a763

    BKBK
    BKBK
    Community Expert
    June 24, 2025

    Thanks for sharing the information about Microsoft June updates, KB5060531. That aside, I am glad to inform you of the following:

    1.  I installed ColdFusion 2021 and applied Update 20.
    2.  I then created a scheduled task in the ColdFusion Administrator, according to the 6 steps that I gave in my earlier post.

     

    The scheduled task worked as expected, and there were no errors.

    BKBK
    BKBK
    Community Expert
    June 17, 2025

    You followed the right steps. About the cause of the problem, my bet is on one of two things: either (1) ColdFusion hates the fact that your file path ends with a dot or (2) you forgot to restart ColdFusion afterwards.

     

    So, to recap, the steps I suggest are:

     

    1.  (Re)install Update 20.
    2.  Make sure the directory F:/Tasks_Logs exists and that ColdFusion has access to it.
    3.  In the file /lib/pathfilter.json, enter the setting
      "schedulerexecutionpaths": "F:/Tasks_Logs/**"​

      or

      "schedulerexecutionpaths": "F:/Tasks_Logs/xxxx.log"
    4.  Restart ColdFusion
    5.  Under the setting Publish > File in the scheduled tasks page in the Administrator, enter the full path of the file.
    6.  Press the button Submit Changes.  



    collaboranaut
    collaboranautAuthor
    Participating Frequently
    June 18, 2025

    Thanks BKBK! The dot is a typo, shoudl have been a semicolon (because that was in the technote). I did want to note, even thogu we saw those erros in the log, we do nto actually have Publish selected on the the tasks in question (or any for that matter).

     

    BKBK
    BKBK
    Community Expert
    June 19, 2025

    Thanks for the new information. 

    Install Update 20 and follow the steps I suggested. I hope there won't be any errors.

    Upgrading to Update 20 is the main goal.

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices