Ernst has just posted his code for an ssl interceptor he just created. It looks awesome so take a look for yourself.
Blog
Recent Entries
Discover the tools, tricks, and techniques every modern CFML and BoxLang developer needs!
Into the Box 2026 is officially on the horizon, and it’s shaping up to be our most impactful conference yet.
Our mission this year is simple: **Make modernization approachable for everyone.** Whether you’re a seasoned ColdFusion veteran or a developer just starting your BoxLang journey, we’ve priced this event to ensure the entire community can join us in person.
Victor Campos
Victor Campos
March
05,
2026
From Lucee to Modern JVM Architectures for German Enterprises
How German companies running Lucee and CFML can evolve toward cloud-native JVM platforms
Across Germany, many enterprises rely on Lucee and CFML-based applications to run critical internal systems, customer portals, and business workflows.
Germany has one of the most active Lucee communities in Europe, supported by long-standing adoption of CFML across industries such as:
- Manufacturing
- Logistics <...
Cristobal Escobar
Cristobal Escobar
March
04,
2026
BoxLang 1.11.0 Release
We're proud to announce BoxLang 1.11.0, a highly focused performance and stability release that delivers measurable speed improvements across every BoxLang application, with zero code changes required. The team invested deeply in bytecode generation, class loading, lock management, and type casting to produce one of the most impactful runtime optimization releases to date. Alongside the performance wave, this release resolves critical concurrency bugs, hardens DateTime handling, and ships powerful new developer tooling.
Luis Majano
Luis Majano
March
04,
2026
Add Your Comment
(4)
Jan 19, 2008 23:50:35 UTC
by Rob Gonda
It's missing some functionality ... how does it know which event has to be secured? It should secure only specific events, and force unsecured requests for the rest. something like if not isSsl and requireSll then cflocate to https if isSsl and not requireSll then cflocate to http
Jan 19, 2008 23:54:53 UTC
by Luis Majano
That is up to Ernst, but I think its a good start.
Jan 21, 2008 16:01:48 UTC
by Ernst van der Linden
Rob you're right. We could implement that. Just make a list of allowed events without SSL as a property in interceptor xml definition and then check with event.getCurrentEvent() if we need SSL. I will take a look and keep you informed.
Jan 21, 2008 17:47:57 UTC
by Ernst van der Linden
Rob, I made in new blog entry. The SSL interceptor now supports SSL for specific events. Comments are welcome!