Downloads

Download a Sample Application.cfc Template for ColdFusion

by Aaron Longnion
9 min read
Contents show

Introduction

The downloadable resource is a production-ready, commented Sample Application.cfc template for ColdFusion (CFML) that jump-starts new projects and standardizes application Configuration, Lifecycle events, Error handling, Session management, and environment-specific settings. By dropping this file into your webroot or a sub-application, you gain a reliable application bootstrap that reduces boilerplate, enforces consistent behavior across requests, and improves maintainability for Adobe ColdFusion and Lucee Server deployments.

What You’ll Get

  • A fully commented Application.cfc template (CFScript) that:
    • Defines core this-scope settings (application name, timeouts, mappings, session/cookie behavior)
    • Implements Lifecycle events: onApplicationStart, onSessionStart, onRequestStart, onRequest, onRequestEnd, onError, onMissingTemplate
    • Supports environment-based Configuration (development, staging, production)
    • Demonstrates declarative datasource configuration (single DSN and multi-DSN pattern where supported)
    • Provides structured logging, request context setup, and safe app reinitialization
  • Example folder layout recommendations (/errors, /views, /lib) and includes
  • Quick-start instructions and best-practices guidance for Adobe ColdFusion and Lucee
  • Notes on compatibility and feature differences to help you adapt the template to your stack

Supported environments:

  • Adobe ColdFusion 2018/2021/2023
  • Lucee 5.x/6.x

Overview

The Application.cfc component is the central place to configure a ColdFusion web application. It defines application-wide settings and lifecycle callbacks that ColdFusion executes during startup, each new session, and every request.

H3: Key Lifecycle Methods Covered

  • onApplicationStart: Initializes global resources, configuration, caches
  • onSessionStart: Prepares per-user/session values
  • onRequestStart: Sets request timeouts, toggles Debugging, and controls reinit
  • onRequest: Wraps and renders the requested .cfm page (or a layout)
  • onRequestEnd: Cleans up per-request resources
  • onError: Global exception handler for centralized logging and user-friendly errors
  • onMissingTemplate: Graceful 404 handling for missing .cfm templates

H3: Core Configuration in the this-scope

  • Application identification: this.name, this.applicationTimeout
  • Session control: this.sessionManagement, this.sessionTimeout, this.setClientCookies
  • Datasources: this.datasource and this.datasources (multi-DSN where supported)
  • Mappings: this.mappings for reusable, absolute paths to /lib, /views, etc.

H3: Why This Template Matters

  • Centralizes configuration and Security defaults
  • Provides a sane, consistent request pipeline
  • Speeds up new project bootstrapping
  • Aligns team conventions across Adobe ColdFusion and Lucee
See also  Download Security Header Templates for ColdFusion (CSP HSTS)

Quick Start

Follow these steps to install and use the template:

  1. Prerequisites
  • ColdFusion server (Adobe CF 2018+ or Lucee 5+/6+)
  • A configured datasource in your CF Administrator if using DSNs
  • File-system access to your webroot or sub-application folder
  1. Add the file
  • Place Application.cfc at the root of your app (next to index.cfm)
  • Create optional folders referenced by the template: /errors, /views, /lib
  1. Configure settings
  • Update this.name to a stable, unique name (e.g., “Company.AppName”)
  • Set timeouts appropriate to your app and Infrastructure
  • Set this.datasource or this.datasources to match your configured DSNs
  • Adjust mappings to match your folder structure
  1. Create views and error pages
  • /errors/404.cfm and /errors/500.cfm for missing-template and Error handling
  • Your content pages (e.g., index.cfm) in the webroot or /views
  1. Start the app
  • Hit your app URL; onApplicationStart runs automatically
  • Confirm logs and verify that development/production toggles behave as expected
  1. Optional: CommandBox
  • Start locally with CommandBox (box server start) and test environment toggles

The Sample Application.cfc template (Copy/Paste)

Note: Edit the name, datasources, and mappings to fit your project.

/ Application.cfc (CFScript) /
component output=false hint=”Base ColdFusion application.” {

// Core identity and timeouts
this.name = “Company.SampleApp”; // Make unique per app
this.applicationTimeout = createTimeSpan(2, 0, 0, 0); // 2 days
this.sessionManagement = true;
this.sessionTimeout = createTimeSpan(0, 1, 0, 0); // 1 hour
this.setClientCookies = true; // Consider false if you handle cookies yourself
this.clientManagement = false;

// Datasources
// Default DSN (works on Adobe CF & Lucee)
this.datasource = “PrimaryDSN”;
// Multi-DSN structure (Adobe CF 2018+ and Lucee)
// Adjust or remove if not supported on your server version
this.datasources = {
default = { name = “PrimaryDSN” },
reporting = { name = “ReportingDSN” }
};

// Mappings (update paths as needed)
this.mappings = {
“/lib” = expandPath(“./lib”),
“/views” = expandPath(“./views”)
};

// Basic environment detection (customize as needed)
variables.env = { name = “production” };
try {
// Use a system environment variable or hostname heuristic
if (structKeyExists(server, “system”) and structKeyExists(server.system, “environment”)) {
if (structKeyExists(server.system.environment, “APP_ENV”)) {
variables.env.name = server.system.environment.APP_ENV;
}
}
} catch(any e) { / fallback to production / }

function onApplicationStart(){
application.config = loadConfig( variables.env.name );
application.started = now();
return true;
}

private struct function loadConfig( required string env ){
var cfg = {
logLevel = “INFO”,
reinitSecret = “change-this-secret”,
debug = false
};
switch( lcase(arguments.env) ){
case “local”:
case “development”:
cfg.debug = true;
cfg.logLevel = “DEBUG”;
break;
case “staging”:
cfg.debug = false;
cfg.logLevel = “INFO”;
break;
default:
cfg.debug = false;
cfg.logLevel = “WARN”;
}
return cfg;
}

function onSessionStart(){
session.started = now();
// Initialize user/session context as needed
return true;
}

function onRequestStart( string targetPage ){
// Toggle Debugging and request timeout per environment
setting requesttimeout = 60;
setting showdebugoutput = (application.config.debug);

// Safe reinit: /?reinit=your-secret
if ( structKeyExists(url, "reinit") AND url.reinit EQ application.config.reinitSecret ){
  lock scope="application" type="exclusive" timeout="5" {
    onApplicationStart(); // rebuild config safely
  }
}

// Per-request context
request.context = { startTime = getTickCount() };
return true;

}

function onRequest( string targetPage ){
try{
// Minimal request pipeline: include target page or route through a layout
include arguments.targetPage;
} catch ( any e ){
onError( e, “onRequest:” & arguments.targetPage );
}
}

See also  Download ColdFusion Spreadsheet Export Templates (XLSX)

function onRequestEnd(){
// Example: basic timing log
var elapsed = getTickCount() – request.context.startTime;
if ( elapsed GT 1000 ){
cflog( file=”application”, type=”info”, text=”Slow request: #elapsed# ms” );
}
return true;
}

function onMissingTemplate( required string targetPage ){
cfheader( statuscode=404, statustext=”Not Found” );
if ( fileExists( expandPath(“./errors/404.cfm”) ) ){
include “./errors/404.cfm”;
} else {
writeOutput( “404 Not Found: ” & targetPage );
}
return true;
}

function onError( required any exception, required string eventName ){
// Log the error
var msg = “Error in #eventName#: #exception.message# | Detail: #exception.detail#”;
cflog( file=”application”, type=”error”, text=msg );

// Render friendly error
cfheader( statuscode=500, statustext="Server Error" );
request.exception = exception;
if ( fileExists( expandPath("./errors/500.cfm") ) ){
  include "./errors/500.cfm";
} else {
  writeOutput( "An error occurred. Please try again later." );
}
return true;

}
}

How to Use the Template

H3: Configure Application Identity

  • Set a stable, unique this.name. Avoid dynamically generating names during Deployment to prevent session loss across restarts.
  • Adjust applicationTimeout and sessionTimeout to your SLA and Infrastructure.

H3: Datasource Configuration

  • If you only need one DSN, keep this.datasource set to your primary DSN name.
  • If your engine supports it (Adobe CF 2018+ or Lucee), define this.datasources with multiple named DSNs.
  • Keep DSN credentials in the CF Administrator or environment-level secrets rather than hard-coding.

H3: Environment-Specific Behavior

  • Use APP_ENV or your preferred mechanism (server name, config file, or system variable) to determine env values such as development, staging, production.
  • Toggle showdebugoutput, logging verbosity, caching, and other Features via application.config.

H3: Error Pages and Logging

  • Provide friendly /errors/404.cfm and /errors/500.cfm pages.
  • Use cflog to record error, warn, and info events; integrate with external log aggregators where possible.

H3: Optional Reinitialization

  • Keep reinit protected by a secret or role check.
  • For extra safety, limit reinit to non-production or IP-restricted origins.

Best practices

  • Use a predictable this.name and avoid accidental changes that invalidate sessions.
  • Keep showdebugoutput disabled in production; rely on logs and monitoring.
  • Lock shared state updates (Application scope) to ensure Thread safety during reinit.
  • Prefer request-local state (request scope) over broader scopes to minimize side effects.
  • Centralize response headers (Security, cache-control) in onRequestStart or a shared include.
  • Maintain minimal logic in onRequest; route complex logic to handlers or frameworks.
  • Consider this.setClientCookies=false only if you understand and manage CFID/CFTOKEN securely yourself, or use SSO/proxy-based session solutions.
  • Document any environment detection logic and ensure it’s deterministic in containers and Serverless-like setups.
See also  Download the ColdFusion Upgrade Pre-Flight Checklist (PDF)

Benefits and Use Cases

  • Faster project setup: Start every CFML project with a known-good Application.cfc baseline.
  • Fewer regressions: Standardized lifecycle handlers reduce “it works here but not there” issues.
  • Easier production hardening: Central control of timeouts, debugging, and errors via environment-aware config.
  • Smoother collaboration: A common bootstrap pattern improves Onboarding and code reviews.
  • Compatibility across engines: The template runs on both Adobe ColdFusion and Lucee with notes to adapt multi-DSN Features.

Common use cases:

  • Greenfield apps needing a robust ColdFusion application framework skeleton
  • Migrating legacy Application.cfm apps to Application.cfc and modern CFScript
  • Creating micro-sites or sub-applications under a larger webroot with distinct lifecycles
  • Teaching new team members how Application.cfc events work

Pros and cons

Pros

  • Centralized configuration and error handling
  • Reduced boilerplate and consistent conventions
  • Environment-aware toggles for safer production operations

Cons

  • Some features vary by engine/version (e.g., multi-DSN property details)
  • Requires careful handling of reinit in production to avoid Race conditions
  • Over-customization can make the template harder to reuse; keep it lean and layered

Key Takeaways

  • Application.cfc is the backbone of a ColdFusion app; a solid template saves time and prevents bugs.
  • The provided sample supports Adobe ColdFusion and Lucee and includes lifecycle events, error handling, and environment-aware config.
  • Keep production settings strict (no debug output) and protect reinitialization with a secret and locks.
  • Treat the template as a starter: customize mappings, datasources, and error pages to your needs.

FAQ

H4: Does this template work on both Adobe ColdFusion and Lucee?

Yes. Core features (this.name, timeouts, Session management, lifecycle events) work on both. The multi-DSN this.datasources struct is supported on Lucee and Adobe ColdFusion 2018+; if you target older versions, rely on this.datasource only.

H4: How do I safely reinitialize the application?

Only allow reinit with a secret token (e.g., /?reinit=secret) or an admin-only role check. Use application-scope locks around onApplicationStart to avoid Race conditions. Consider disabling reinit in production.

H4: Where should I put my database credentials?

In the ColdFusion Administrator or an environment-level secret store. Reference DSN names in Application.cfc rather than embedding credentials in code.

H4: Can I use a layout with onRequest?

Yes. Replace the simple include arguments.targetPage with a layout strategy that includes the target page inside a wrapper, or route through a controller framework. Keep the core onRequest lean and delegate complex logic.

H4: How do I handle 404 and 500 errors?

Provide /errors/404.cfm and /errors/500.cfm. The template sets appropriate status codes via cfheader and includes these pages. You can also integrate with your logging and monitoring tools for alerts.

About the author

Aaron Longnion

Aaron Longnion

Hey there! I'm Aaron Longnion — an Internet technologist, web software engineer, and ColdFusion expert with more than 24 years of experience. Over the years, I've had the privilege of working with some of the most exciting and fast-growing companies out there, including lynda.com, HomeAway, landsofamerica.com (CoStar Group), and Adobe.com.

I'm a full-stack developer at heart, but what really drives me is designing and building internet architectures that are highly scalable, cost-effective, and fault-tolerant — solutions built to handle rapid growth and stay ahead of the curve.

View all posts

You may also like