IN THIS CHAPTER
Options for Securing Your Application 617
Using ColdFusion to Control Access 621
Using Session Variables for Authentication 622
Using Operating System Security 653
Defending against Cross-Site Scripting 654
At this point, you have learned how to create interactive, data-driven pages for your users and have started to see how your applications can really come alive using the various persistent scopes (particularly client and session variables) provided by Macromedia ColdFusion's Web application framework. Now is a good time to learn how to lock down your application pages so they require a user name and password and show only the right information to the right people.