• Railo 4.1 Beta! Check it out now!

    Railo 4.2 Beta! Check it out now!

    Check out the upcoming update. Feature packed and ready to go

    Download it now »

  • Railo newsletter


    You want the latest news? just subscribe to our newsletter.

    Subscribe »

  • Update Notification

    Check for Railo updates

    You want the latest server updates? just subscribe to our update notification service.

    Subscribe »

  • Vote for your favorite Railo enhancement

    Need something implemented?

    Railo a better productthanks to you

    Vote and suggest the next Railo features

    Learn More »

  • Super Support Options!

    Support Packages to suit your business

    Whether you are a big enterprise, or an individual developer, we are here to help and get your project on it's way.

    See which one suits you »

  • Get Up to Speed!

    Training Courses for all your team

    Getting up to speed on using Railo Server effectively is now even easier than ever with our on-site and remote training courses

    Attend a course now »

Railo Book
Finally out on the shelves is the Railo 3: Beginner's Guide book. Written by Mark Drew, with contribution by Gert Franz, Paul Klinkenberg and Jordan Michaels, this is an indispensable guide to getting up and running with Railo Server. You can get it now from Packt Publishing.
Buy it now!
Railo Community

We know it can be frustrating getting going, but with the documentation, help and support from the community you will get going in no time! Why not check out the mailing list? As well as community based support you can call on a professional team of consultants to get you going in a jiffy!

Community Resources
Railo Source Code

Want to check out the latest Railo Source? Railo Server is hosted at Github. This means you can clone the source, build the server and even implement new and exciting features. 

View the Source

Railo Blog

May 16, 2014
Railo 4.2 Final release
Some of you maybe already saw that we releases yesterday Railo 4.2 final (was about time!).
We did this as part of our "Railo 4.2/5.0" presentation at cf.objective as a soft release.
So ATM you can update in the Railo Admin, but there are no downloads available on our website yet,
but this will follow soon.
So what is Railo 4.2 about?
Let me start with the general and language improvements.
Tags in Script

In addition to the already supported script tags in Railo, we add support for the syntax introduced with ACF11, so it's up to you to choose the syntax you like!

Example new Syntax:

cfloop (from=1, to=10, index="i") {

Example existing and still supported syntax:

loop from=1 to=10 index="i" {
Member function with Literals
Railo allows to use member functions on literal structs/arrays


[1,2,3,4].each( function() {

{susi:"Sorglos"}.each( function() { dump(arguments); 
Easy access for single characters in a string
Railo allows to use a string like a array.


String member functions
Railo is supporting all string member function including list member functions


str="Susi Sorglos";
dump(str.len());// equal to stringLen(str);
dump(str.listLast(' ')); // equal to listLast(str,' ');
We also added new member functions not supprted as regular functions 


str="Susi Sorglos";
dump(str.hasPrefix("Su")); // true
dump(str.hasSuffix("los")); // true
CFML based Filesystems
Railo is supporting a lot of virtual filesystems for a long time (ram,s3,ftp,http,zip ...), all this Filesystems are implemented in Java,
Railo now allows to write a virtual filesystem in CFML, so you can for example do a "dropbox" filesystem "simply" by implementing a specific component.
Detailed information about this will follow soon ...
Custom tag search in archives
Railo now can search Railo Archives recursive for custom tags
Extended or new Function/Tags
Railo 4.2 also comes with a basked filled with new and extended Tags and Functions
cachedwithin "request"
the attribute "cachedwithin" you have with the tag cffunction,cfquery,cfinclude allows to define "request" instead of a timespan. 
This way the result is cached for the current request.


<cfquery name="qry" cachedWithin="request">
   select lastname from Person where whatever=#whatever#
"cachedwithin" with tag cfinclude
we added the attribute "cachedwithin" to the tag cfinclude, so now you can cache includes the same way you can queries and functions!
cffunction "cachedwithin" improved
cffunction cachedwithin now also works with complex objects in the argument scope what was not possible before.
We added the function QueryExecute, so now you have a additional way to do queries in script
here you have some examples for it, detailed documentation will follow ...
Iterator/Closure functions

Railo added a lot of new iterator/closure functions, i will not go into detail about the functionality of this functions, here just the list:
structEvery, structMap, structReduce,structSome
listEvery,listMap,listReduce,listSome,ListEach, extend listFilter (https://issues.jboss.org/browse/RAILO-2994)
Of course all this functions are available as member functions as well.
All functions (expect ...reduce) supporting the "parallel" and "maxThreads" arguments, that allows to execute parallel execution!
The response from the tag <cfhttp> now contains a new key "cookie" that contains the cookies passed back as a query, so you no longer have to parse the cookie header yourself.
cfdirectory/cffile createPath
extended the tags cfdirectory/cffile with the attribute "createPath" to have influence on whatis happening when a parent directory not exists
added function getCanonicalPath that cleans a given path
add function "queryRowData" to red a specific row from a query
structFind default
extended the function structFind with a optional default value
CreateObject pathes
3th argument of createObject("java",... can be a array instead of a string list
CallStackGet output type
added optional argument to the function callStackGet to get influence on the output type (text,hrtml,json) 
CfProcessingDirective preserveCase
add attribute "preservecase" to the tag <cfprocessingdirective> to control the behavior with dot notation keys in a template
ToBinary charset
add new optional argument "charset" to function "toBinary"
UCFirst improvement
it's useful to be able to lowecase an input string before calling UCFirst if ALL of the characters in the input string are UPPER case.
many times users input their names as: "SUSI SORGOLIS", in which case UCFirst does not do anything.
the proposed feature will correctly convert such an input string to "Susi Sorgolis", while preserving the case of the D in an input string like "Ronald McDonald"
GetTickCount improvement
Railo added support for shortcut for argument "unit"
QueryNew improvement
Extended QueryNew to allow populate the query directly
SerializeJson charset
Add argument charset to function SerializeJson
GetLocalHostIP improvement
improve function getLocalHostIP
DateTimeFormat improvement
Enhance function DateTimeFormat() to support ISO8601
DeserializeJson improvement
The function DeserializeJson keep order when deserialize a json struct
IsEmpty member function
Add member function isEmpty
We did also some improvements for the Administrator
Disable type checking
You can now disable type checking in the Railo Administrator
Mapping inspect "inherit"
Railo now allows you to define "inherit" for inspect setting of a mapping to inherit the behavior defined for the context.
Session/Client Storage definition
Railo now allows to define session/client storage in the Railo admin.
Application.cfc/CFApplication Tag
Railo 4.2 brings a lot of new possible settings for the Application.cfc, settings only possible in the Railo Administrator in previous versions.
This makes it easier for application developer to provide applications with specific environment needs to everybody.
For every setting in the Railo Admin that is also possible in the Application.cfc as well, you see a the following hint "<?/>" in the admin, that shows you how to use in the Application.cfc.
There is also a new page "Settings/Export" that shows you all settings possible in the Application.cfc that are possible in the Administrator.
All the following settings are also available with the tag <cfapplication>.  
Tag attribute default values
Railo allows you to define default values for attributes of all tags, including tags defined with extension.
this.tag.location.addtoken=false; // core tag library need no "cf" prefix definition

this.tag.cfdump.format="classic"; // but you can use "cf" prefix definition

cfapplication onMissingTemplate
you can define "onMissingTemplate" event listener with the tag <cfapplication> as well.
Railo added support for this.locale and this.timezone to the Application.cfc
Railo added support to set charsets in the Application.cfc
Scope cascading
Allow to define the scope cascading behavior in the Application.cfc as follows:
Request Timeout
Railo added the possibility to set the request timeout in the Application.cfc
(also this.timeout is supported as alias, for compatibility to ACF)
GZip Compression
Railo added support for enable/disable gzip compression in Application.cfc
Railo 4.2 has a completely rewritten logging framework which is now using log4j instead of a custom one previously. In addition, in the Railo admin you now can inspect all logs created by Railo and you can control where log files are written and how the output looks like. Railo 4.2 dramatically improves performance for the existing logging
Log "cfcatch"
Railo added a new attribute "exception" to the tag <cflog>, to make it possible to send exceptions (cfcatch) directly to a log.
	<cfthrow message="shit happens!!!">
		<cflog application="true" type="error" exception="#cfcatch#">
Administrator Frontend
There is now a page in the Railo Administrator to manage all the log files used
Attribute "log" improved
Since you now can define several individual loggers in the Railo Administrator, by giving them a name, you can use every of these loggers defined in the extended attribute "log". So you can not only use "scheduler" and "application" but you can define your custom logger in the Administrator and use it within the attribute. This is similar to the way you use a datasource name.
<cflog  log="myCustomLogger" message="#msg#">
Railo 4.2 improves the information you receive when an exception is raised. For example when you use a non-existing key in your code, Railo checks if there is a similar key available and informs about this key in the error message.
Lock increase Exception message
When a lock severity is getting increased inside an inner lock from read to exclusive, an exception thrown indicating that it was not possible to acquire the lock. In this particular case it is helpful to know why the error occurred. So the exception is informing you that your request already performed read lock and you now try to acquire an exclusive lock.
ORM Exceptions
Improved ORM Exceptions
April 17, 2014
Railo Server and the Heartbleed vulnerability

Recently there has been a lot of buzz around one of the largest vulnerabilities in SSL, the Heartbeat exploit. There have been questions from the CFML community whether or how Railo Server is affected by this security threat.

Railo Server is a servlet that runs on any servlet engine and therefore by itself (except perhaps for the libraries it uses) not potentially affected by the Heartbleed vulnerability.

Railo Server internal libraries

What libraries which deal with SSL does Railo internally use?

  • Railo uses several libraries that are dealing with SSL. Amongst them there is one that makes use of OpenSSL. Some details.
    • This library is called bcprov-jdk14.jar which is already several years old and therefore alone by this fact not affected by the Heartbleed bug.
    • Next to that the library implements only the SSL client which is anyway not affected by the bug, even though there are issues on the client side as well (see links below).
  • All other libraries Railo uses, use a different SSL library. In any event, these libraries provide an SSL client which anyway is not affected by the bug.
  • Here are all libraries in the current Railo distributions that use some form of SSL:
Library name

Servlet containers

  • Tomcat:
    • Our research revealed that the "tcnative" library is the only piece of Tomcat that is potentially affected as it is the only piece of Tomcat that uses an OpenSSL implementation of SSL.
    • Java's implementation of SSL (JSSE) is not vulnerable. The Railo Tomcat installers don’t do anything with tcnative since most users will use Apache, nginx or IIS to serve up SSL
    • Unless you have specifically compiled tcnative for your system, your instances are safe from a Railo/Tomcat point of view.
  • Jetty
    • Jetty uses JSSE as well, so it's not effected either.

So from a Railo perspective you are safe, if you use our official downloads for your system installation. If however you have built your own system ontop of Tomcat and Apache, nginx etc, you need to follow the different procedures in order to protect your system. There are several different tools out there in order to test and update your systems. The main heartbleed site contains a list of them.


April 9, 2014
(Last) Railo beta release (

On the "Development" update provider, you can find the latest Railo Beta release (

That release not only bring a lot of bug fixes, it also has some new features.

Iterator (Callback/Closure) Functions

In the last release we already added a couple of new iterator functions to Railo (arrayEach,arrayEvery,arrayMap,...), in this release we even extended that list with iterator functions for the "query" and  "string lists".
So we have new the following functions:
- QueryEach
- QueryEvery
- QueryFilter
- QueryMap
- QueryReduce
- QuerySome
- ListEach
- ListEvery
- ListFilter
- ListMap
- ListReduce
- ListSome
We had a vivid discussion about how the argument scope of the udf/closure called with the query functions should look like, again thx to everybody for that!
We decided not do add a new "QueryColumn" type to Railo and simply pass the current row as a struct to the closure/udf and the hole query with the 3th argument
(We will do a detailed blog post about this in the near future).
Of Course all the new query functions can also be used "member functions" (Example: myQuery.each(function(struct row,numeric rowNumber,query query){dump(row)});).
The "List" Functions work the same way as the array functions, with the different that you call them with a string list and not a array ;-)
ATM the list functions are not supported as "member functions" (more below).
In the last release we also added iterator functions that are not specific to a type, functions that can handle all kind of "collections", the same way <cfloop collection="..."> can.
problem was that the short names of this functions getting in conflict with existing  UDFs defined by existimg CFML applications, for example the function "map" that is also used as UDF in "wirebox".
So we decided to rename this functions to "collection...", so for example "Map" is now renamed to "collectionMap".
Of course all this new iterator functions (except ...reduce) are supporting parallel execution like the existing ones!
Member Functions
Railo is supporting member functions for some time now, for the types [array,date,struct,query]. In the current beta release ACF has adopted this feature and they added additional support for the type string,"list" and image as well.
In this release we added support for "string" as well (and the next release will support "image"), what we not have is support for "list" functions, because it was not sure at the time of the release how they will look like in ACF (current implementation is not ... very good and they plan to change it for the next beta release).
Until the final release all of this is not curved in stone, so please feel free to eat it alive!
we also added new member function for strings (startsWith,endsWith,isEmpty)
GetBuiltInFunction (experimental)
This new function is returning you any built in function as a object that can be used the same way as a closure/udf.
function test(function finder,string str,string sub){
   return finder(sub,str);
if(custom) func=function (string sub, strig str){...};
else if(caseSensitive) func=getBuiltinFunction("find");
else func =getBuiltinFunction("findNoCase");
Function Reference Documentation in Admin
in the function reference in the Railo Administrator you can now filter functions by keywords, so for example you choose "iterator" to list only the iterator functions.
Unary operators
Thx to Adam Cameron we have uncovered a bug with all unary operators that is fixed with this release.
This is the last beta release for 4.2, so please report any problem you have with it
Have fun

List of Jira Tickets solved
[RAILO-2250] - add member function isEmpty() to String

Feature Request
[RAILO-2986] - add function QueryEach
[RAILO-2987] - add function QueryEvery
[RAILO-2992] - add function QueryMap
[RAILO-2994] - extend function ListFilter
[RAILO-2995] - add function ListMap
[RAILO-2996] - add function ListReduce
[RAILO-2997] - add function ListSome
[RAILO-2998] - add string member functions
[RAILO-3001] - add member methods startsWith() and endsWith() to string objects
[RAILO-2961] - returning a complex object containing an array of complex objects with base components, does not return base components properties
[RAILO-2963] - Providing array of Structs for SOAP function argument as an array of Complex objects
[RAILO-2965] - properties of complex soap arguments are not dynamically typed
[RAILO-2976] - webservice Complex Objects as arguments don't get accessible data.
[RAILO-2978] - Soap webservices Complex type composed of an array of complex types, throws exception
[RAILO-3003] - webservice with component argument breaks
[RAILO-3005] - railo-inst.jar is deleted during upgrade process
[RAILO-3022] - unary operator creating a new variable in a other scope in some situation