Blog

cbSecurity 2.2 Released

Luis Majano February 13, 2020

Spread the word

Luis Majano

February 13, 2020

Spread the word


Share your thoughts

Today we bring you a minor release for cbSecurity packed with features! Version 2.2 brings a complete overhaul of our jwt library and we have now switched over to the jwtcfml (https://forgebox.io/view/jwt-cfml) library which has given us a huge boost in capabilities especially supporting RS and ES algorithms. Check out their ForgeBox entry page to see all the features we inherit by using it.

We have also focused on improving our JWT and API security on this release, so check out the release notes for all the goodness!

# Install
install cbsecurity

# Update
update cbsecurity

Release Notes

  • Feature : Migrated from the jwt to the jwtcfml (https://forgebox.io/view/jwt-cfml) library to expand encoding/decoding capabilities to support RS and ES algorithms:
    • HS256
    • HS384
    • HS512
    • RS256
    • RS384
    • RS512
    • ES256
    • ES384
    • ES512
  • Feature : Added a new convenience method on the JWT Service: isTokenInStorage( token ) to verify if a token still exists in the token storage
  • Feature : If no jwt secret is given in the settings, we will dynamically generate one that will last for the duration of the application scope.
  • Feature : New setting for jwt struct: issuer, you can now set the issuer of tokens string or if not set, then cbSecurity will use the home page URI as the issuer of authority string.
  • Feature : All tokens will be validated that the same iss (Issuer) has granted the token
  • Improve : Ability to have defaults for all JWT settings instead of always typing them in the configs
  • Improve : More cfformating goodness!
  • Bug : Invalidation of tokens was not happening due to not using the actual key for the storage

Add Your Comment

Recent Entries

ColdBox Mail Services 2.0 - Fluent Mail For All

ColdBox Mail Services 2.0 - Fluent Mail For All

We are so excited to bring you a major release of our cbmailservices module. This module has been around since our initial versions of ColdBox and it has now matured into a modern and fluent library for sending mail.

Luis Majano
Luis Majano
November 08, 2021
FORGEBOX 6 has landed!

FORGEBOX 6 has landed!

After several months of work, we are proud to announce the release of FORGEBOX 6. This has been a major undertaking spawning several months worth of work, a complete UI revamp for registered users, many bug fixes, multi-key API, and much more. We have also introduced our new Business Accounts with the ability for organizations to have a simple and human way of managing their final package releases and their teams.

Javier Quintero
Javier Quintero
October 26, 2021
CommandBox 5.4.2 Released!

CommandBox 5.4.2 Released!

There is a new update for CommandBox CLI available.  Version 5.4.2 is a patch update that contains a few bug fixes including two important ones. 

  • There is a fix for a regression introduced in 5.4.0 where updating the version of a CF engine doesn't work without forgetting the server first. 
  • There is also an important security impro...

Brad Wood
Brad Wood
October 07, 2021