ColdFusion 9 New Features
Illustration by Don Barnett

Reviewing the new onCFCRequest method


From:

ColdFusion 9 New Features

with Daniel Short

Start your free trial now, and begin learning software, business and creative skills—anytime, anywhere—with video instruction from recognized industry experts.

Start Your Free Trial Now

Video: Reviewing the new onCFCRequest method

In ColdFusion 8 you had to jump through a couple of hoops to remove the onRequest method from the Applications .cfc in order to allow AJAX and SOAP requests to work correctly with remote access CFCs. In ColdFusion 9 Adobe has added an onCFCrequest method that will run on any remote CFC method call, allowing you to find or control over who and how your CFCs are accessed. So first let's take a look at the workaround we've all been using to actually get past some of the issues with onRequest method breaking remote CFC calls.
Expand all | Collapse all
  1. 4m 30s
    1. Welcome
      53s
    2. Using the exercise files
      3m 37s
  2. 7m 49s
    1. Adding managing and comparing servers
      5m 26s
    2. Monitoring server health
      2m 23s
  3. 22m 10s
    1. Setting the default data source and SMTP
      5m 6s
    2. Getting programmatic debugging and exception handling
      5m 54s
    3. Reviewing the new onCFCRequest method
      5m 29s
    4. Using ApplicationStop()
      2m 24s
    5. Working with Server.cfc and onServerStart
      3m 17s
  4. 17m 45s
    1. Using ternary and chained operations
      5m 46s
    2. Using New and Import
      4m 2s
    3. Reviewing CFScript enhancements
      7m 57s
  5. 20m 23s
    1. Building with implicit getters and setters
      4m 26s
    2. Working with LOCAL scope in functions
      4m 35s
    3. Serializing objects
      6m 6s
    4. Writing components in CFScript
      5m 16s
  6. 19m 27s
    1. Getting started with ORM
      5m 51s
    2. Logging ORM activity
      2m 13s
    3. Saving objects to the database
      6m 10s
    4. Defining table relationships
      5m 13s
  7. 16m 59s
    1. Caching page fragments
      5m 29s
    2. Managing the cache
      4m 48s
    3. Working with in-memory files using VFS (RAM disks)
      6m 42s
  8. 12m 39s
    1. Working with Excel spreadsheets
      4m 56s
    2. Working with Word documents
      4m 4s
    3. Working with PowerPoint presentations
      3m 39s
  9. 28m 59s
    1. Loading Google maps with markers onto a page
      4m 53s
    2. Adding a Flash movie with the built-in FLV player
      2m 14s
    3. Using multi-file upload control
      6m 7s
    4. Building a progress indicator
      3m 37s
    5. Working with accordion layouts
      3m 19s
    6. Showing information with data grid enhancements
      5m 1s
    7. Informing users with Confirm Alert and Prompt dialog boxes
      3m 48s
  10. 9m 8s
    1. Accessing IMAP accounts
      6m 31s
    2. Working with the new array functions
      2m 37s
  11. 15s
    1. Goodbye
      15s

please wait ...
Watch the Online Video Course ColdFusion 9 New Features
2h 40m Intermediate Oct 05, 2009

Viewers: in countries Watching now:

In ColdFusion 9 New Features, author and developer Dan Short has gathered together the important updates and improvements in this dynamic web application. Dan showcases the new ColdFusion Builder application throughout the course, using it to work through the new language and CFScript enhancements in this release. He shows how to use the new Server Manager to compare servers and create server groups, as well as monitor server health through notifications. He also explains the new integration with Office applications, building Excel, Word, and even PowerPoint files on the fly from ColdFusion. Finally, he covers the important new Object Relational Mapping feature and how to use the built-in Flash Player. Exercise files accompany this course.

Topics include:
  • Using new implicit Getters and Setters in ColdFusion Builder
  • Utilizing RAM disks using VFS
  • Managing the system cache to boost site/application performance
  • Learning the new ternary and chained operations
  • Loading detailed Google maps with markers and notations onto a web page
Subjects:
Developer Web
Software:
ColdFusion
Author:
Daniel Short

Reviewing the new onCFCRequest method

In ColdFusion 8 you had to jump through a couple of hoops to remove the onRequest method from the Applications .cfc in order to allow AJAX and SOAP requests to work correctly with remote access CFCs. In ColdFusion 9 Adobe has added an onCFCrequest method that will run on any remote CFC method call, allowing you to find or control over who and how your CFCs are accessed. So first let's take a look at the workaround we've all been using to actually get past some of the issues with onRequest method breaking remote CFC calls.

If you open up Application.cfc and in our onRequestStart method, we check and see if a CFC has been requested or if this is a SOAP request, and then simply delete the onRequest method from the Application.cfc. Now this works, but it's a hack and nobody likes to use a hack in order to get critical applications working correctly. So in ColdFusion 9 we can add an onCFCrequest function to our file. So let's go ahead and do that now. We'll do cffunction name = onCFCrequest.

Now any time onCFCrequest is called it's going to pass three arguments. The first one is the name of the component that's actually being called. So this will pass in a string. The second one is going to be the method name that the user wants to invoke, and that will also be a string. The last will be the arguments that are supposed to be passed for this particular method. So we'll call that methodArguments and that's going to be a struct.

So let's go ahead and see how this works. I am just going to dump out the arguments, and in our CFC's directory, I have a remoteArtistService. Now this file has two methods in it. The first is getArtists, which has an access of remote, and it simply runs a query where we can filter by the artist id and it returns that query. I also have one called getArtPieces, which is a public method, but not remote. So we shouldn't be able to call it through our remote web service.

So let's go ahead and try and call our getArtists method. So let's go ahead and switch over to the browser and we'll invoke our remote method. We will do local host:8500/Chapter2/cfcs/ remoteArtistsService.cfc, and we'll call the method getArtists. You'll see nothing has actually been returned from that method. I've never even called this method.

If you looked down at our debugging information, you can see there's no call to that method anywhere in here. There's no query that's been run or anything. The entire request has been intercepted by onCFCrequest. So now we need to do a little extra work to actually get this method invoked. So back to CF Builder. We'll go back Application.cfc and we'll invoke the CFC that's been called. So we will use the cfinvoke tag. We'll call the proper component, we'll call the method, and then we'll pass it at all of the arguments.

Now the last thing we need to do is set a return variable. Then we will dump out that return variable. So if we go about to our browser and reload, you'll see it runs my query and dumps out all the values. Now let's take a look at what happens when I pass additional query string arguments. If I do id equals 2 for example, we can see in the Arguments dump it separates out all my URL variables into nicely formatted structures and here it's passed in the proper id to filter out my query. So what are the uses can you make of this this? The onCFCrequest, because you can intercept every single request, you could add security around particular components.

For example, restricting access to specific component by IP address or whether a user is logged in or not. You could also standardize how you return all of your results by potentially wrapping every single return in let's say a serialized JSON function. Now if I go back here and reload, I get a nice JSON formatted return string. Just to make sure the security hasn't been compromised by having our new onCFCrequest. Let's try running the getArtPiece method.

Now we have a problem. Because our onCFCrequest is running these method calls directly from inside the application, it has access to all the public methods available. Only our remote method should be exposed. So what you are going to need to do is make sure that you properly lock down these public methods by adding some additional logic inside onCFCrequest to control who can and cannot call remote methods. So using the new onCFCrequest method in Application.cfc should allow you have better control over how your CFCs are accessed.

It's pretty simple to wrap security and common formatting options around your objects and methods, but you're going to have to do some additional work to properly protect those remote methods, if you do want to make use of the onCFCrequest.

There are currently no FAQs about ColdFusion 9 New Features.

 
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ .

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Join now Already a member? Log in

* Estimated file size

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed ColdFusion 9 New Features.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member ?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferences from the dropdown menu.

Continue to classic layout Stay on new layout
Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Learn more, save more. Upgrade today!

Get our Annual Premium Membership at our best savings yet.

Upgrade to our Annual Premium Membership today and get even more value from your lynda.com subscription:

“In a way, I feel like you are rooting for me. Like you are really invested in my experience, and want me to get as much out of these courses as possible this is the best place to start on your journey to learning new material.”— Nadine H.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.