Blog

CBSecurity 3.1 Released

Luis Majano February 20, 2023

Spread the word

Luis Majano

February 20, 2023

Spread the word


Share your thoughts

We are happy to announce our first minor release for CBSecurity v3.1.0, with some nice updates and a new password generator.

What is CBSecurity

The ColdBox CBSecurity module is a collection of modules to help secure your ColdBox applications. The significant areas of concern are:

  • A security authentication/authorization firewall which can secure your application based on the following:
    • Security rules and a rule engine for validation of incoming events or URL patterns
    • Handler and method annotations
  • A security service can be used to provide user authentication and authorization contexts via a fluent language approach.
  • A JWT generator, decoder, and authentication services
  • Cross-Site Request Forgery (CSRF) Protection
  • An authentication manager which can be plug-and-play with your authentication service or third-party services
  • HTTP Basic-Authentication services that provide basic user credential storage and browser challenges
  • A graphical user interface for visualizing the firewall and operational settings we lovingly call the CBSecurity Visualizer
  • Industry-standard response headers to protect against XSS, clickjacking, frame busting, and much more

Getting Started

You can easily add security to your ColdBox applications by installing the module via CommandBox. Out of the box, it will secure your application using several industry standards headers and approaches. However, you will have to configure which authentication and authorization system it will use. Check out our new security overview guide: https://coldbox-security.ortusbooks.com/getting-started/overview

# Install
install cbsecurity

# Update
update cbsecurity

What's New

This release includes a major upgrade of our cbcsrf library, but more importantly a way to generate secure and random passwords using our new createPassword() method in our CBSecurity object. Check out our release notes: https://coldbox-security.ortusbooks.com/intro/release-history/whats-new-with-3.1.0

Generating Passwords

Generate secure and random passwords with our createPassword() method.

You can use the createPassword( length:32, letters:true, numbers:true, symbols:true ) 
// Generate a random password 32 characters in length
cbsecure().createPassword()

// Generate with no symbols and 16 characters
cbsecure().createPassword( length: 16, symbols: false )

// Generate with no numbers and 12 characters
cbsecure().createPassword( length: 12, numbers: false )

Add Your Comment

Recent Entries

Ortus Solutions Returns to CFCamp as Platinum Sponsor – Join Us to Redefine the Future with BoxLang!

Ortus Solutions Returns to CFCamp as Platinum Sponsor – Join Us to Redefine the Future with BoxLang!

We’re thrilled to announce that Ortus Solutions and BoxLang will once again join CFCamp as Platinum Sponsors for the 2025 edition. As passionate advocates of innovation in the CFML and modern JVM space, we’re proud to keep pushing boundaries—and this year is shaping up to be our biggest presence yet.

Day 1 Keynote by Luis Majano

CFCamp 2025 will kick off with a keynote delivered by none other than our CEO and BoxLang creator, Luis Majano. Join...

Cristobal Escobar
Cristobal Escobar
April 25, 2025
Must-See Into the Box 2025 Sessions for CommandBox Users!

Must-See Into the Box 2025 Sessions for CommandBox Users!

Power Up your CommandBox experience and practices at Into the Box 2025

Want to get hands-on with the new CommandBox features or learn how others are pushing it to the next level? These are the must-see sessions at ITB 2025 if you're a CommandBox user:

Maria Jose Herrera
Maria Jose Herrera
April 21, 2025
Must-See ITB 2025 Sessions for TestBox Users!

Must-See ITB 2025 Sessions for TestBox Users!

Are you a fan of TestBox or looking to level up your testing game in 2025? Whether you're just getting started with unit testing or you're already building advanced specs for ColdBox and BoxLang apps, Into the Box 2025 has an exciting lineup tailored just for you. Into the Box 2025 has an exciting lineup tailored just for you. With the recent launch of TestBox 6.3.0 we have amazing new tools, features and tips and tricks to get your testing experience to the next level, review our sessions and test like a pro efficiently and easy!

From hands-on testing strategies to BoxLang innovations, here are the sessions you won’t want to miss this May — and why they matter to you as a TestBox user.

Maria Jose Herrera
Maria Jose Herrera
April 17, 2025