You guys are all just awesome. With your responses and the ones from my CFUG, I'm much more at ease with this issue (or at least I will be after I do my homework on the concepts you guys have given me!)
@Jochem: I really wish I was going to MAX, and maybe if my boss sees all this he'll find it of value and send me ;o) Some day I'll make it out to one of these blasted events and put faces to some of the names I see so often on the lists! Cheers everyone! And I'll keep you posted as to what happens with this client and the "evil" Java Developers (j/k ;o) Chris On 9/24/07, Rick Root <[EMAIL PROTECTED]> wrote: > > On 9/24/07, Ian Skinner <[EMAIL PROTECTED]> wrote: > > > > My assumption is that the thinking is that one can expose only a static > site with no dynamic capability to the whole wide world. Then your > application server is c > > That's not really what a "three tiered security" model is though.... I > thought it referred to having the web server and coldfusion engine on > separate hosts, so that the web server passes requests for coldfusion > processing to the server running coldfusion... which processes the > CFML and hands the result back to the web server. > > I've always thought this was more for load distribution though than > security. > > It's something that my boss has asked about in the past and I've > convinced him we don't need to do it. > > -- > Rick Root > Check out CFMBB, BlogCFM, ImageCFC, ImapCFC, CFFM, and more at > www.opensourcecf.com > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade to ColdFusion 8 and integrate with Adobe Flex http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:289353 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4