Entering License Keys for ColdFusion 2018

ColdFusion 2018 about screen

In case you decide not to enter a license key upon installing CF 2018, or if you entered one at installation, but want to enter a different one to upgrade between versions, there doesn’t seem to be any documentation on where to do that.

The System Information screen can be accessed by clicking the “i” in a circle in the upper right-hand corner of the admin screen.

ColdFusion 2018 admin screen system information link

In the System Information screen, enter your license key into the New License box and click Submit Changes.

CF 2018 New License area

ColdFusion 11 Requires Accuracy When Naming Stored Procedure Parameters

CF 11 database activity log

In the process of finally banishing Adobe ColdFusion 8 from my application servers and completing the transition to CF 11, I came across what is apparently a little-known change in the operation of the CFPROCPARAM tag inside a CFSTOREDPROC tag.

generic error

After moving the website from CF 8 to CF 11, there were no major changes that had to be made. However, one particular action kept causing a dialog box to pop up:

I was able to trace the source of the dialog box to an error handler of sorts, but in this case, the error was quite nebulous. The error code “HANDLEDATABASEERROR” didn’t really tell me much. It appears that it may have come from Java itself.

After tracing back which function call seemed to be causing the problem, I discovered that the call to the SQL stored procedure was not using the correct parameter names – that is, names that matched the ones in the stored proc itself.

To determine if the database activity was actually the source of the error, I turned on Log Activity in the Data Source in the ColdFusion Administrator: Data Sources –> (specific Data Source Name) –> Show Advanced Settings –> Log Activity checkbox and text box showing where the log file will go. Example:

CF Log Activity info

After reloading the web page and doing the same action, the an error like the one below showed up in the dblogs.txt file:

spy(ajp-bio-8014-exec-6)(2018/09/26 12:42:30.326)>> java.sql.SQLException: [Macromedia][SQLServer JDBC Driver][SQLServer]Procedure or function 'sp_getNameSuggestion' expects parameter '@GoodParamName', which was not supplied. ErrorCode=201 SQLState=HY000
java.sql.SQLException: [Macromedia][SQLServer JDBC Driver][SQLServer]Procedure or function 'sp_storedProcName' expects parameter '@GoodParamName', which was not supplied.
	at macromedia.jdbc.sqlserverbase.ddcw.b(Unknown Source)
	at macromedia.jdbc.sqlserverbase.ddcw.a(Unknown Source)
	at macromedia.jdbc.sqlserverbase.ddcv.b(Unknown Source)
	at macromedia.jdbc.sqlserverbase.ddcv.a(Unknown Source)
	at macromedia.jdbc.sqlserver.tds.ddr.v(Unknown Source)
	at macromedia.jdbc.sqlserver.tds.ddr.a(Unknown Source)
	at macromedia.jdbc.sqlserver.tds.ddq.a(Unknown Source)
	at macromedia.jdbc.sqlserver.tds.ddr.c(Unknown Source)
	at macromedia.jdbc.sqlserver.dda3.m(Unknown Source)
	at macromedia.jdbc.sqlserverbase.dde7.e(Unknown Source)
	at macromedia.jdbc.sqlserverbase.dde7.a(Unknown Source)
	at macromedia.jdbc.sqlserverbase.ddd2.a(Unknown Source)
	at macromedia.jdbc.sqlserverbase.dde7.x(Unknown Source)
	at macromedia.jdbc.sqlserverbase.dde7.t(Unknown Source)
	at macromedia.jdbc.sqlserverbase.ddd2.execute(Unknown Source)
	at macromedia.jdbc.sqlserverbase.ddd6.execute(Unknown Source)
	at macromedia.jdbcspysqlserver.SpyPreparedStatement.execute(Unknown Source)
	at com.intergral.fusionreactor.jdbc.jdbc42.PreparedStatementSurrogate2.execute(PreparedStatementSurrogate2.java:200)
	at coldfusion.server.j2ee.sql.JRunPreparedStatement.execute(JRunPreparedStatement.java:101)
	at coldfusion.sql.Executive.executeCall(Executive.java:1087)
	at coldfusion.sql.Executive.executeCall(Executive.java:960)
	at coldfusion.sql.Executive.executeCall(Executive.java:910)
	at coldfusion.sql.SqlImpl.executeCall(SqlImpl.java:528)
	at coldfusion.tagext.sql.StoredProcTag.executeQuery(StoredProcTag.java:341)
	at coldfusion.tagext.sql.StoredProcTag.doEndTag(StoredProcTag.java:287)
...

The CFML source code calling this stored procedure was revealing:

<cfstoredproc procedure="dbo.sp_storedProcName" datasource="#getDSN()#">
	<cfprocparam cfsqltype="cf_sql_varchar" type="in" dbvarname="@BadParamName" value="#arguments.GoodParamData#" null="no" />
	<cfprocparam cfsqltype="cf_sql_integer" type="in" dbvarname="@OtherParam" value="#arguments.OtherParamData#" null="no" />
	<cfprocresult name="qResultSet" />
</cfstoredproc>

In some older versions of ColdFusion (at least as recently as version 8, perhaps all the way through 10), if the name of the parameter stored in the dbvarname attribute of the cfprocparam tag wasn’t correct, no error was thrown as long as the data types of the parameters matched in the correct order for both the cfstoredproc tag and the database stored procedure. This dbvarname attribute was essentially ignored in those versions. Version 11 changed all that.

By changing the source code to reflect the correct name, the bug was fixed.

<cfstoredproc procedure="dbo.sp_storedProcName" datasource="#getDSN()#">
	<cfprocparam cfsqltype="cf_sql_varchar" type="in" dbvarname="@GoodParamName" value="#arguments.GoodParamData#" null="no" />
	<cfprocparam cfsqltype="cf_sql_integer" type="in" dbvarname="@OtherParam" value="#arguments.OtherParamData#" null="no" />
	<cfprocresult name="qResultSet" />
</cfstoredproc>

Error when Migrating SOAP Web Services from Adobe ColdFusion 8 to CF 11

ColdFusion logo

After moving a CF 8 app to CF 11, I ran into a difficulty in trying to set up the Web Service in the CF 11 Administrator.

CF Administrator error message

Since I couldn’t get the CF 11 server to accept a new entry in the Web Services list, I had to do a little more troubleshooting using what was already there. I changed the HOSTS file on the CF 11 server such that the name old server running the Web Service successfully on CF 8 would temporarily point at the new CF 11 server. This caused an interesting error!

The code that came back is below – slightly edited for readability and also to make if render in a browser correctly:

<pre class="wp-block-syntaxhighlighter-code">
&lt;!-- AxisFault faultCode: {http://xml.apache.org/axis/}HTTP faultSubcode: faultString: (401)Unauthorized faultActor: faultNode: faultDetail: {}:return code: 401 --&gt;
&lt;!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"&gt; &lt;html xmlns="http://www.w3.org/1999/xhtml"&gt; &lt;head&gt; &lt;title&gt;IIS 8.5 Detailed Error - 401.2 - Unauthorized&lt;/title&gt; &lt;style type="text/css"&gt; &lt;!-- body{margin:0;font-size:.7em;font-family:Verdana,Arial,Helvetica,sans-serif;} code{margin:0;color:#006600;font-size:1.1em;font-weight:bold;} .config_source code{font-size:.8em;color:#000000;} pre{margin:0;font-size:1.4em;word-wrap:break-word;} ul,ol{margin:10px 0 10px 5px;} ul.first,ol.first{margin-top:5px;} fieldset{padding:0 15px 10px 15px;word-break:break-all;} .summary-container fieldset{padding-bottom:5px;margin-top:4px;} legend.no-expand-all{padding:2px 15px 4px 10px;margin:0 0 0 -12px;} legend{color:#333333;;margin:4px 0 8px -12px;_margin-top:0px; font-weight:bold;font-size:1em;} a:link,a:visited{color:#007EFF;font-weight:bold;} a:hover{text-decoration:none;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.4em;margin:10px 0 0 0;color:#CC0000;} h4{font-size:1.2em;margin:10px 0 5px 0; }#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS",Verdana,sans-serif; color:#FFF;background-color:#5C87B2; }#content{margin:0 0 0 2%;position:relative;} .summary-container,.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} .content-container p{margin:0 0 10px 0; }#details-left{width:35%;float:left;margin-right:2%; }#details-right{width:63%;float:left;overflow:hidden; }#server_version{width:96%;_height:1px;min-height:1px;margin:0 0 5px 0;padding:11px 2% 8px 2%;color:#FFFFFF; background-color:#5A7FA5;border-bottom:1px solid #C1CFDD;border-top:1px solid #4A6C8E;font-weight:normal; font-size:1em;color:#FFF;text-align:right; }#server_version p{margin:5px 0;} table{margin:4px 0 4px 0;width:100%;border:none;} td,th{vertical-align:top;padding:3px 0;text-align:left;font-weight:normal;border:none;} th{width:30%;text-align:right;padding-right:2%;font-weight:bold;} thead th{background-color:#ebebeb;width:25%; }#details-right th{width:20%;} table tr.alt td,table tr.alt th{} .highlight-code{color:#CC0000;font-weight:bold;font-style:italic;} .clear{clear:both;} .preferred{padding:0 5px 2px 5px;font-weight:normal;background:#006633;color:#FFF;font-size:.8em;} --&gt; &lt;/style&gt; &lt;/head&gt; &lt;body&gt; &lt;div id="content"&gt; &lt;div class="content-container"&gt; &lt;h3&gt;HTTP Error 401.2 - Unauthorized&lt;/h3&gt; &lt;h4&gt;You are not authorized to view this page due to invalid authentication headers.&lt;/h4&gt; &lt;/div&gt; &lt;div class="content-container"&gt; &lt;fieldset&gt;&lt;h4&gt;Most likely causes:&lt;/h4&gt; &lt;ul&gt; &lt;li&gt;No authentication protocol (including anonymous) is selected in IIS.&lt;/li&gt; &lt;li&gt;Only integrated authentication is enabled, and a client browser was used that does not support integrated authentication.&lt;/li&gt; &lt;li&gt;Integrated authentication is enabled and the request was sent through a proxy that changed the authentication headers before they reach the Web server.&lt;/li&gt; &lt;li&gt;The Web server is not configured for anonymous access and a required authorization header was not received.&lt;/li&gt; &lt;li&gt;The "configuration/system.webServer/authorization" configuration section may be explicitly denying the user access.&lt;/li&gt; &lt;/ul&gt; &lt;/fieldset&gt; &lt;/div&gt; &lt;div class="content-container"&gt; &lt;fieldset&gt;&lt;h4&gt;Things you can try:&lt;/h4&gt; &lt;ul&gt; &lt;li&gt;Verify the authentication setting for the resource and then try requesting the resource using that authentication method.&lt;/li&gt; &lt;li&gt;Verify that the client browser supports Integrated authentication.&lt;/li&gt; &lt;li&gt;Verify that the request is not going through a proxy when Integrated authentication is used.&lt;/li&gt; &lt;li&gt;Verify that the user is not explicitly denied access in the "configuration/system.webServer/authorization" configuration section.&lt;/li&gt; &lt;li&gt;Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click &lt;a href="http://go.microsoft.com/fwlink/?LinkID=66439"&gt;here&lt;/a&gt;. &lt;/li&gt; &lt;/ul&gt; &lt;/fieldset&gt; &lt;/div&gt; &lt;div class="content-container"&gt; &lt;fieldset&gt;&lt;h4&gt;Detailed Error Information:&lt;/h4&gt; &lt;div id="details-left"&gt; &lt;table border="0" cellpadding="0" cellspacing="0"&gt; &lt;tr class="alt"&gt;&lt;th&gt;Module&lt;/th&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;IIS Web Core&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;th&gt;Notification&lt;/th&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;AuthenticateRequest&lt;/td&gt;&lt;/tr&gt; &lt;tr class="alt"&gt;&lt;th&gt;Handler&lt;/th&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;ISAPI-dll&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;th&gt;Error Code&lt;/th&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;0x80070005&lt;/td&gt;&lt;/tr&gt; &lt;/table&gt; &lt;/div&gt; &lt;div id="details-right"&gt; &lt;table border="0" cellpadding="0" cellspacing="0"&gt; &lt;tr class="alt"&gt;&lt;th&gt;Requested URL&lt;/th&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;http://mywebsite:80/jakarta/isapi_redirect.dll&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;th&gt;Physical Path&lt;/th&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;D:\ColdFusion11\config\wsconfig\1\isapi_redirect.dll&lt;/td&gt;&lt;/tr&gt; &lt;tr class="alt"&gt;&lt;th&gt;Logon Method&lt;/th&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;Not yet determined&lt;/td&gt;&lt;/tr&gt; &lt;tr&gt;&lt;th&gt;Logon User&lt;/th&gt;&lt;td&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;Not yet determined&lt;/td&gt;&lt;/tr&gt; &lt;/table&gt; &lt;div class="clear"&gt;&lt;/div&gt; &lt;/div&gt; &lt;/fieldset&gt; &lt;/div&gt; &lt;div class="content-container"&gt; &lt;fieldset&gt;&lt;h4&gt;More Information:&lt;/h4&gt; This error occurs when the WWW-Authenticate header sent to the Web server is not supported by the server configuration. Check the authentication method for the resource, and verify which authentication method the client used. The error occurs when the authentication methods are different. To determine which type of authentication the client is using, check the authentication settings for the client. &lt;p&gt;&lt;a href="http://go.microsoft.com/fwlink/?LinkID=62293&amp;amp;amp;IIS70Error=401,2,0x80070005,9600"&gt;View more information &amp;amp;raquo;&lt;/a&gt;&lt;/p&gt; &lt;p&gt;Microsoft Knowledge Base Articles:&lt;/p&gt; &lt;ul&gt;&lt;li&gt;907273&lt;/li&gt;&lt;li&gt;253667&lt;/li&gt;&lt;/ul&gt; &lt;/fieldset&gt; &lt;/div&gt; &lt;/div&gt; &lt;/body&gt; &lt;/html&gt; {http://xml.apache.org/axis/}HttpErrorCode:401
</pre>

When rendered, this code would look like this:

HTTP 401.2 error from IIS

This reminded me of a problem I’d had before!

Sure enough, Anonymous Access was not enabled on the jakarta virtual directory. After enabling that and disabling Windows Authentication on that folder, everything worked properly!