CF Exceptions, disable CF security & CF oddities
Hi again,
Been a while since my last post so quite a bit to post, will probably split into two.
I was having a very strange problem in CF last week where CF was unable to find any Application.cfc of any of my sites. I did many updateapps, restarted ColdFusion a couple of times, ensured the relative paths were correct and there were no errors in the cfc. After reaching my wits end with it, I asked a co-worker(cheers Sharmo!) for his assistance. We checked the logs and a whole bunch of other things with no avail to figure out what was going wrong. Michael then explained how cfcs are converted into Java bytecode classes in the backend so we figured that there could be something funky going on with the caching in the backend or on of the classes had become corrupt. So we deleted all the classes from /Applications/JRun4/servers/cfusion/cfusion-ear/cfusion-war/WEB-INF/cfclasses and did a restart of ColdFusion and voila…all working again.
I’ve been performing a lot of exception checking for ColdFusion of late. There are several different types of ColdFusion error listed below. Some exceptions CAN contain exception specific data thrown along with the error. Every exception contains a message and a type(i.e. database, application etc. ). Each exception can also include two members of the cfcatch struct called rootCause and cause which include data that can explain the reason behind the exception.
Database – Mysql errors
Special variables
* cfcatch.rootcause.datasource : the SQL datasource
* cfcatch.rootcause.sql : the problematic sql code
Application – Errors in the application scope
Special variables
* cfcatch.extendedInfo : exactly what it says on the tin
Template – Occurs when a template which is included can’t be found
Special variables
* cfcatch.missingfileName : The name of the missing template
Security – Occurs with ColdFusion sandbox and other security exceptions
Special variables
* Couldn’t find any in specific but I’m sure there are, had some sandbox setup issues 
MissingInclude – Thrown when a CF resource isn’t found when using cfinclude, cfmodule
Special variables
* cfcatch.misingFilename : The missing include filename
Lock – Exceptions which occur when failed locking operations occur.
Special variables
* cfcatch.lockName : the name of the lock that failed
* cfcatch.lockOperation : the type of lock operation that failed(timeout, mutex or unknown)
Object – Object exceptions, occur when an operation is performed on an object or something invalid is done with an object
Special variables
* Nothing special
Expression – Exceptions thrown by invalid CF expressions
Special variables
* cfcatch.errNumber : The expression error number
Any – Other errors including custom errors, search engine errors and other Java exceptions not caught by CF.
I’m sure there more but this is what I found from testing. You can find Adobe’s (rather poor) explanation of the CF8 exceptions here
I recently had the need to disable ColdFusion passwords for both the Administrator and the Sandbox security sections of the CF backend. The best way to do this is to directly modify the security xml file that ColdFusion reads in. On the Mac I’m working on this security file was located in /Applications/JRun4/servers/cfusion/cfusion-ear/cfusion-war/WEB-INF/cfusion/lib/neo-security.xml
Alter the end of this file and there are a few booleans there that be set to disable sandbox security, disable admin security, disable rds security and set the admin user name(I believe thats what the final entry is, I haven’t looked into it)
admin