AdobeStock_455007340

Defending ColdFusion Against ASP

Home » Defending ColdFusion Against ASP

Microsoft ASP has been an important player in web application scripting since, well, since a year or so after the introduction of ColdFusion. From an application development process viewpoint, ColdFusion and ASP are not that different. Both are script based, both are very page centric, both embed server-side processing and client-side presentation code in source files, and both are implemented as HTTP server add-on’s (ASP via ISAPI, ColdFusion via ISAPI, and more). ASP and ColdFusion can coexist, and indeed, as most ColdFusion deployments are on Windows, the likelihood of ASP and ColdFusion coexisting (even if ASP is not used) is very high.
The ASP versus ColdFusion discussion used to come up regularly. But not anymore. Now that Microsoft has essentially abandoned any future development on classic ASP, replacing it with ASP.NET, few organizations are embarking on brand new ASP deployments. But having said that, if you do need to defend ColdFusion against ASP, here is what you need to know.
For starters, ASP capabilities are a subset of those of ColdFusion. Or put differently, ColdFusion can do anything that ASP can do, and a whole lot more too. The reverse is not true. Sure, ASP can be extended (using COM objects) to do just about anything that ColdFusion can do, but that is just it, you need to extend ASP, it is your responsibility to do so. Simple things that ColdFusion developers take for granted, like being able to generate an e-mail message, or process an uploaded file, or generate a business chart, none of those are native ASP functionality.
And this is not mere boasting, this is important, because it is the way to head off the “but ASP is free” argument. Sure, ASP is free for starters, but buy all the add-on bits you need to make it functionally equivalent to ColdFusion (even ColdFusion Standard, and even ColdFusion 3 or 4!) and you’ll end up paying far more than ColdFusion costs. Sure, ASP is cheaper initially, but you get way you pay for. Or rather, you don’t get what you don’t pay for. And when you do pay for it, you’ll end up paying a whole lot more.
And that is just looking at initial costs. ASP development is also far more time consuming that ColdFusion development. Even if you are comfortable in the languages used, you’ll still have to write lots more code to get the job done. Even the execution of simple SQL statements is far more complex in ASP, one tag versus lots of lines of ugly code. More code = longer development time = costs more. Plus, more code = more complex ongoing maintenance = costs even more.
At the risk of sounding like an MBA, when you look at the total cost of ownership, ASP is not the cheaper option at all.
Oh, and on top of all that, ASP is proprietary, a single vendor solution, and you’re married to Windows boxes (no Linux, no Unix, no portability).
Maybe this is why, as already stated, most ColdFusion servers run on Windows, Windows boxes that likely already have ASP installed. Why? Because hundreds of thousands of developers have figured out that free can be far too expensive.

3 responses to “Defending ColdFusion Against ASP”

  1. Greg Ostravich Avatar
    Greg Ostravich

    I’m willing to be corrected if this argument is no longer valid but the argument of security and the Web Server that is serving up content (from either ASP.NET, ASP, or ColdFusion) should be an issue.
    It’s my understanding that IIS isn’t the most secure server in the world and that with ASP you get some security holes in the IIS server. I’m assuming default settings – if the administrator is knowledgeable enough maybe all holes can be plugged. ColdFusion doesn’t have to deploy on IIS so I think this is an advantage that’s been left out.

  2. Ben Forta Avatar
    Ben Forta

    Greg, there is validity to your point, but that argument is a slippery slope, so be careful. Apache has had its share of security holes, as has everything from SQL Server to sendmail to … you get the idea.
    Plus, I don’t buy in to the argument that because it is Microsoft it is automatically less secure.
    But hey, if it helps you make the case … 🙂

  3. Steve Powell Avatar
    Steve Powell

    Its also worth pointing out ASP isn’t quite as proprietary as Ben makes out. Chillisoft ASP runs on Linux boxes under Apache and runs far faster than the same ASP code on an IIS platform though that may be the OS and web server rather than the ASP doodlebug thingy. It isn’t however free though its probably cheaper than ASP on Windows 2000 because the Linux OS costs peanuts by comparison.
    Anyway my point is ASP isn’t quite the closed loop spelt out in the article. It still stinks of course and finding clean ASP code is a bit like searching for the Holy Grail but I’m in a pedantic frame of mind this morning.

Leave a Reply