<cfapplication>

Defines a CFML application and various properties of that application: name, datasource, timeouts, client variable settings, session settings and more.

By default, client variables are disabled, and session and application variables are stored in memory.

These settings can also be set in an Application.cfc as this properties. i.e.

this.name = "myApplication";
this.ormsettings.autogenmap = false;

This tag cannot have a body.

This tag is also supported within <cfscript>

<cfapplication name=string datasource=object defaultdatasource=object datasources=struct logs=struct mails=array caches=struct action=create|update loginstorage=cookie|session clientmanagement=boolean clientstorage=string sessiontype=cfml|j2ee sessionstorage=string clientcluster=boolean sessioncluster=boolean setclientcookies=boolean cgireadonly=boolean bufferoutput=boolean sessionmanagement=boolean sessiontimeout=timespan clienttimeout=timespan applicationtimeout=timespan requesttimeout=timespan setdomaincookies=boolean scriptprotect=string functionpaths=any proxy=struct mappings=struct customtagpaths=any componentpaths=any securejson=boolean wstype=string typechecking=boolean compression=boolean suppressremotecomponentcontent=boolean securejsonprefix=string localmode=string maillistener=any querylistener=any serializationsettings=struct tag=struct ormenabled=boolean ormsettings=struct s3=struct ftp=struct triggerdatamember=boolean invokeimplicitaccessor=boolean cacheobject=string cachefunction=string cachequery=string cachetemplate=string cacheresource=string cacheinclude=string cachehttp=string cachefile=string cachewebservice=string onmissingtemplate=object locale=locale timezone=timezone webcharset=String resourcecharset=String scopecascading=String searchimplicitscopes=boolean authcookie=struct sessioncookie=struct enablenullsupport=boolean nullsupport=boolean psq=boolean variableusage=string cachedafter=timespan blockedextforfileupload=string javasettings=struct xmlfeatures=struct >
Attribute Description Default
name
string, optional

The name of your application. This name can be up to 64 characters long.

Required for application and session variables, optional for client variables.

By using a different name, i.e. based off cgi.http_host, you can run multiple, separate instances of an application using the same directory / code base.

datasource
object, optional

alias for default datasource

defaultdatasource
object, optional

the default datasource for this environment

datasources
struct, optional

A structure that contains datasources definitions.

logs
struct, optional

A structure that contains log definitions.

Alias: log

mails
array, optional

mail servers.

Alias: mail

caches
struct, optional

A structure that contains cache definitions.

Alias: cache

action
string, optional

The action to perform on the CFML application.

  • create: creates a new CFML application context and overwrites any existing application
  • update: updates the existing CFML application context if one exists, otherwise creates a new one

The default value is: create.

create

loginstorage
string, optional

storage for the login data: - cookie: store login information in the Cookie scope - session: store login information in the Session scope

clientmanagement
boolean, optional

Yes or No. Enables client variables. Default is No.

clientstorage
string, optional

Specifies how Lucee stores client variables: - memory: the session is only kept in memory - cookie: the session is stored in the client cookie - file (default): the session is stored in a local file - "datasource-name"|"cache-name": when you select a name of an available datasource or cache, the client scope will be stored in there

sessiontype
string, optional

Lucee provide 2 kind of sessions: - cfml: session handled by Lucee - j2ee: session handled by the Servlet Engine used Default value is defined in the Lucee Web Administrator. "j2ee" can not use a session storage.

sessionstorage
string, optional

Specifies how Lucee stores session variables: - memory (default): the session is only kept in memory - cookie: the session is stored in the client cookie - file: the session is stored in a local file - "datasource-name"|"cache-name": when you select a name of an available datasource or cache, the session scope will be stored in there

clientcluster
boolean, optional

if set to true, lucee uses the storage backend for the client scope as master and Lucee checks for changes in the storage backend with every request, if set to false (default), the storage is only used as slave, lucee only initially gets the data from the storage. Ignored for storage type "memory".

sessioncluster
boolean, optional

if set to true, lucee uses the storage backend for the session scope as master and Lucee checks for changes in the storage backend with every request, if set to false (default), the storage is only used as slave, lucee only initially gets the data from the storage. Ignored for storage type "memory".

setclientcookies
boolean, optional

Yes or No. Yes enables client cookies. Default is Yes. If you set this attribute to "No", Lucee does not automatically send the CFID and CFTOKEN cookies to the client browser; you must manually code CFID and CFTOKEN on the URL for every page that uses Session or Client variables.

cgireadonly
boolean, optional

if set to true, the CGI Scope is readonly.

true

bufferoutput
boolean, optional

if set to true (default) the output written to the body of the tag is buffered and in case of an exception also outputted. if set to false the content to body is ignored and not disabled when a failure in the body of the tag occur.

sessionmanagement
boolean, optional

Yes or No. Yes enables session variables. Default is No.

sessiontimeout
timespan, optional

Enter the CreateTimeSpan function and values in days, hours, minutes, and seconds, separated by commas, to specify the lifespan of session variables. The default value is specified in the Variables page of the Lucee Administrator.

clienttimeout
timespan, optional

Enter the CreateTimeSpan function and values in days, hours, minutes, and seconds, separated by commas, to specify the lifespan of client variables. The default value is specified in the Variables page of the Lucee Administrator.

applicationtimeout
timespan, optional

Enter the CreateTimeSpan function and values in days, hours, minutes, and seconds, separated by commas, to specify the lifespan of application variables. The default value is specified in the Variables page of the Lucee Administrator.

requesttimeout
timespan, optional

Sets the amount of time Lucee will wait for a request to finish before a request timeout will be raised. This means that the execution of the request will be stopped.

Alias: timeout

setdomaincookies
boolean, optional

Yes or No. Sets the CFID and CFTOKEN cookies for a domain, not just a single host. Applications that are running on clusters must set this value to Yes. The default is No.

scriptprotect
string, optional

Specifies whether to protect variables from cross-site scripting attacks

functionpaths
any, optional

Array or String list of paths where you have your functions.

proxy
struct, optional

general proxy that should be used for all connections with the following format:

{server:"localhost", port:12345, username:"susi", password: "sorglos"}

mappings
struct, optional

A structure that contains mappings. Each element in the structure consists of a key and a value.

The logical path is the key and the absolute path is the value.

Define a mapping

customtagpaths
any, optional

Contains custom tag paths.

componentpaths
any, optional

Contains component paths.

securejson
boolean, optional

A Boolean value that specifies whether to add a security prefix in front of the value that a function returns in JSON-format in response to a remote call.

wstype
string, optional

webservice type used, this can be one of the following values

  • Axis1 (default): The Apache Axis 1 implementation is used
  • CXF: The CXF implementation is used
typechecking
boolean, optional

If disabled, Lucee ignores type definitions with function arguments and return values

true

compression
boolean, optional

Enable compression (GZip) for the Lucee Response stream for text-based responses when supported by the client (Web Browser).

suppressremotecomponentcontent
boolean, optional

Suppress content written to response stream when a Component is invoked remotely. Only works if the content was not flushed before.

securejsonprefix
string, optional

The security prefix to put in front of the value that a function returns in JSON-format in response to a remote call if the secureJSON setting is true.

localmode
string, optional

Defines how the local scope of a function is invoked when a variable with no scope definition is used (default value set in the lucee administrator).

  • modern: (alias true) new unscoped variables will be set to the Local Scope
  • classic (CFML standard): (alias false) new unscoped variables will be set to the Variables Scope
maillistener
any, optional
querylistener
any, optional
* hidden *
serializationsettings
struct, optional

Alias: serializationsetting

tag
struct, optional

tags/attributes default value in the following structure:

{location:{addtoken=false}}
ormenabled
boolean, optional

Specifies whether ORM should be enabled for the current application context.The default is false.

ormsettings
struct, optional

A struct that defines all the ORM settings, the following keys are supported:

  • autogenmap(default:true; autogenmap=false is not supported yet): Specifies whether Lucee should automatically generate mapping for the persistent CFCs. If autogenmap=false, mapping should be provided in the form of "{cfc-name}.cfc.hbm.xml" files.
  • automanageSession(default:true; not supported yet): Lets you specify if Lucee must manage Hibernate session automatically. If enabled: Lucee manages the session completely. That is, it decides when to flush the session, when to clear the session, and when to close the session. If disabled: The application is responsible for managing flushing, clearing, or closing of the session. The only exception is (in the case of transaction), when the transaction commits, the application flushes the session. Lucee closes the ORM session at the end of request irrespective of this flag being enabled or disabled.
  • cacheconfig: Specifies the location of the configuration file that should be used by the secondary cache provider.This setting is used only when secondarycacheenabled=true.
  • cacheprovider: Specifies the cache provider that should be used by ORM as secondary cache.
  • catalog: Specifies the default Catalog that should be used by ORM.
  • cfclocation: Specifies the directory (or array of directories) that should be used by Lucee to search for persistent CFCs to generate the mapping. If cfclocation is set, Lucee looks at only the paths specified in it. If it is not set, Lucee looks at the application directory, its sub-directories, and its mapped directories to search for persistent CFCs.
  • datasource: Specifies the data source that should be used by ORM. If it is not specified here, then the data source specified for the application is picked up.
  • dbcreate(default:none): Hibernate can automatically create the tables for your application in the database. dbCreate takes the following values: -- update: Setting this value creates the table if it does not exist or update the table if it exists. -- dropcreate: Setting this value drops the table if it exists and then creates it. -- none: Setting this value does not change anything in the database schema.
  • dialect: Specifies the dialect.Lucee supports the following dialects: [Cache 2007.1, Cache71, Cache 2007.1, DB2, DB2/390, DB2/400, DB2390, DB2400, DB2AS400, DB2OS390, DataDirectOracle9, Derby, Firebird, FrontBase, H2, H2DB, HSQL, HSQLDB, Informix, Ingres, Interbase, JDataStore, MSSQL, Mckoi, MckoiSQL, MicrosoftSQLServer, Mimer, MimerSQL, MySQL, MySQL/InnoDB, MySQL/MyISAM, MySQL5, MySQL5/InnoDB, MySQL5InnoDB, MySQLInnoDB, MySQLMyISAM, MySQLwithInnoDB, MySQLwithMyISAM, Oracle, Oracle10g, Oracle8i, Oracle9, Oracle9i, Pointbase, PostgreSQL, PostgresPlus, Progress, SAPDB, SQLServer, Sybase, Sybase11, SybaseASE15, SybaseAnywhere, com.ddtek.jdbc.db2.DB2Driver, com.microsoft.jdbc.sqlserver.SQLServerDriver, oracle.jdbc.driver.OracleDriver, org.firebirdsql.jdbc.FBDriver, org.gjt.mm.mysql.Driver, org.h2.Driver, org.hsqldb.jdbcDriver, org.postgresql.Driver]
  • eventHandling(default:false): Specifies whether ORM Event callbacks should be given.
  • flushatrequestend(default:true): Specifies whether ormflush should be called automatically at request end. If flushatrequestend is false, ormflush is not called automatically at request end.
  • logSQL(default:false): Specifies whether the SQL queries that are executed by ORM will be logged. If LogSQL=true, the SQL queries are logged to the console.
  • ormconfig: The Hibernate configuration file. This file contains various configuration parameters like, dialect, cache settings, and mapping files that are required for the application. For more details, see http://www.hibernate.org/hib_docs/reference/en/html/session-configuration.html. The settings defined in the ormsettings override the settings defined in the Hibernate Configuration XML file.The connection information in the Hibernate Configuration XML file is however ignored because Lucee uses its own connection pool. You will need to use this only when you need to use a hibernate setting that is not available using ormsetting.
  • savemapping(default:false): Specifies whether the generated Hibernate mapping file has to be saved to disc. If you set the value to true, the Hibernate mapping XML file is saved with the filename "CFC name".hbm.xml in the same directory as the CFC. If any value of savemapping is specified in CFC, it will override the value specified in the ormsetting.
  • schema: Specifies the default Schema that should be used by ORM.
  • secondarycacheenabled(default:false): Specifies whether secondary caching should be enabled
  • skipCFCWithError(default:false;not implemented yet): Lets you specify if Lucee must skip the CFCs that have errors. If set to true, Lucee ignores the CFCs that have errors.
  • sqlscript: Path to the SQL script file that gets executed after ORM is initialized. This applies if dbcreate is set to dropcreate. This must be the absolute file path or the path relative to the application.The SQL script file lets you populate the tables before the application is accessed.
  • useDBForMapping(default:true): Specifies whether the database has to be inspected to identify the missing information required to generate the Hibernate mapping. The database is inspected to get the column data type, primary key and foreign key information.
s3
struct, optional

A struct that defines default S3 settings, this settings can be overwritten as part of the S3 file path, the following keys are supported:

  • accessKeyId: S3 access key id
  • awsSecretKey: AWS (Amazon Web Service) Secret Key
  • defaultLocation(default:us): region for the bucket, possible values are [eu,us,us-west]
  • host(default:"s3.amazonaws.com"): hostname of the service
ftp
struct, optional

A struct that defines default ftp settings, this settings can be overwritten as part of the ftp file path, the following keys are supported:

  • username: username to access the ftp server
  • password: password to access the ftp server
  • port: port of the FTP server
  • host: hostname of the FTP server (lucee.org)
triggerdatamember
boolean, optional

If there is no accessible data member (property, element of the this scope) inside a component, Lucee searches for available matching "getters" or "setters" for the requested property. The following example should clarify this behaviour. "somevar = myComponent.propertyName". If "myComponent" has no accessible data member named "propertyName", Lucee searches for a function member (method) named "getPropertyName".

invokeimplicitaccessor
boolean, optional

alias for triggerDataMember

cacheobject
string, optional

name of the cache used for object caching in this context

cachefunction
string, optional

name of the cache used for function caching in this context

cachequery
string, optional

name of the cache used for query caching in this context

cachetemplate
string, optional

name of the cache used for template caching in this context

cacheresource
string, optional

name of the cache used to store data from ram resource in this context

cacheinclude
string, optional

name of the cache used to store data from an include

cachehttp
string, optional

name of the cache used to store data from a http tag

cachefile
string, optional

name of the cache used to store data from file operations

cachewebservice
string, optional

name of the cache used to store data from webservice calls

onmissingtemplate
object, optional

closure/udf executed when the requested template does not exist

locale
locale, optional

Sets the country/language locale for CFML processing.

The locale value determines the default format of date, time, number, and currency values, according to language and regional conventions.

timezone
timezone, optional

change the timezone definition for the current application context.

webcharset
String, optional

character set used for output streams, form-, url-, and cgi scope variables and reading/writing the header

resourcecharset
String, optional

character set used for reading from/writing to various resources

scopecascading
String, optional

Depending on this setting Lucee scans certain scopes to find a variable called from the CFML source. This will only happen, when the variable is called without a scope. (Example: #myVar# instead of #variables.myVar#), the following values are supported:

  • strict: scans only the variables scope
  • small: scans the scopes variables,url,form
  • standard: scans the scopes variables,cgi,url,form,cookie
searchimplicitscopes
boolean, optional

alias to the attribute "scopecascading", takes a boolean value where true is equal to "standard" and false is equal to "struct" scope cascading mode.

For details see the description for the attribute "scopecascading".

authcookie
struct, optional

cfauthorization cookie behaviour

sessioncookie
struct, optional

A struct which defines session cookie behaviour; the following keys are supported:

  • httpOnly (boolean) Specifies if the session cookies (CFID/CFTOKEN) should have the HTTPOnly cookie flag set. This prevents the cookie value from being read from JavaScript.
  • secure (boolean) Specifies if the session cookies (CFID/CFTOKEN) should have the secure cookie flag set. When true the cookies are only sent over a secure transport (eg HTTPS).
  • domain (string) Specifies the cookie domain used in the session cookies (CFID/CFTOKEN).
  • timeout (string) Specifies the expires value of the session cookies (CFID/CFTOKEN), in days. Set to -1 for browser session cookies.
enablenullsupport
boolean, optional
* hidden *
nullsupport
boolean, optional

enable or disable full null support

psq
boolean, optional

preserve single quote in injected variables into cfquery.

variableusage
string, optional

how to handle variable usage within cfquery,

possible values are

  • ignore
  • warn
  • error
cachedafter
timespan, optional

set the timespan for the attribute "cachedAfter" from tag "query".

blockedextforfileupload
string, optional

A comma separated list of file extensions that will be blocked for File Upload operation

javasettings
struct, optional

A struct that enables loading of application-specific Java libraries from a custom path. The following keys are supported:

  • LoadPaths: An array of paths to jar files, or directories containing jar files. This key is required.
  • loadCFMLClassPath (default:false): Indicates whether underlying Lucee classes should be loaded.
  • reloadOnChange (default:false): Indicates if loaded Java libraries should be watched and reloaded if they change, without needing to restart the server.
  • watchInterval (default:60): The interval, in seconds, for checking the loaded Java libraries for changes. Only applicable if reloadOnChange is true.
  • watchExtensions (default:"class,jar"): A list of the file extensions to monitor for changes.
xmlfeatures
struct, optional

Allows to set XML Features to prevent XXE attacks

  • disallowDoctypeDecl (true / false)
  • externalGeneralEntities (true/false)
  • secure (true/false)

Examples

There are currently no examples for this tag.

See also