Secure your Cold Fusion application from unauthorized users using tips and code from this article. Learn about the <CFIF> tag and other ways to secure your site. In the login page, the user is required to enter a login and password. This page sends a SQL Query to a database to see if the user is an authorized user. If the user is authenticated, the variable is set, and access is granted.
How to Create a Simple Cold Fusion Login (Page 1 of 2 )
This article covers creating a Cold Fusion Application secured from unauthorized users. Adding a <CFIF> tag to check to see if a variable is defined does it. If the variable is not defined, then the user would be redirected to a login page.
In the login page, the user is required to enter a login and password. This page sends a SQL Query to a database to see if the user is an authorized user. If the user is authenticated, the variable is set, and access is granted.
If the user is not authorized, a message is displayed and a link to the registration page is offered.
Application.cfm
The most common place to put the login checking is in the application.cfm page. This file defines the application-level settings and functions, such as the following:
Application name
Client, application, and session-variable management options
ColdFusion 
Welcome to Coldfusion MX 6.1
