CBSecurity 3.1 Released

Luis Majano February 20, 2023

Spread the word

Luis Majano

February 20, 2023

Spread the word

Share your thoughts

We are happy to announce our first minor release for CBSecurity v3.1.0, with some nice updates and a new password generator.

What is CBSecurity

The ColdBox CBSecurity module is a collection of modules to help secure your ColdBox applications. The significant areas of concern are:

  • A security authentication/authorization firewall which can secure your application based on the following:
    • Security rules and a rule engine for validation of incoming events or URL patterns
    • Handler and method annotations
  • A security service can be used to provide user authentication and authorization contexts via a fluent language approach.
  • A JWT generator, decoder, and authentication services
  • Cross-Site Request Forgery (CSRF) Protection
  • An authentication manager which can be plug-and-play with your authentication service or third-party services
  • HTTP Basic-Authentication services that provide basic user credential storage and browser challenges
  • A graphical user interface for visualizing the firewall and operational settings we lovingly call the CBSecurity Visualizer
  • Industry-standard response headers to protect against XSS, clickjacking, frame busting, and much more

Getting Started

You can easily add security to your ColdBox applications by installing the module via CommandBox. Out of the box, it will secure your application using several industry standards headers and approaches. However, you will have to configure which authentication and authorization system it will use. Check out our new security overview guide:

# Install
install cbsecurity

# Update
update cbsecurity

What's New

This release includes a major upgrade of our cbcsrf library, but more importantly a way to generate secure and random passwords using our new createPassword() method in our CBSecurity object. Check out our release notes:

Generating Passwords

Generate secure and random passwords with our createPassword() method.

You can use the createPassword( length:32, letters:true, numbers:true, symbols:true ) 
// Generate a random password 32 characters in length

// Generate with no symbols and 16 characters
cbsecure().createPassword( length: 16, symbols: false )

// Generate with no numbers and 12 characters
cbsecure().createPassword( length: 12, numbers: false )

Add Your Comment

Recent Entries

Hackers demand a ransom to restore data from my ColdFusion web applications!

Hackers demand a ransom to restore data from my ColdFusion web applications!

Hackers demand a ransom to restore data from my ColdFusion web applications!

Unfortunately, we often hear this message from clients who thought it would never happen to them... until it did. Some believed they could delay the expense of Implementing ColdFusion security best practices for one year, while others were tempted to put it off for just a few months. However, in today's rapidly evolving digital landscape, the security of web applications, including ColdFusio...

Cristobal Escobar
Cristobal Escobar
April 16, 2024
Ortus March Newsletter

Ortus March Newsletter

Welcome to Ortus Solutions’ monthly roundup, where we're thrilled to showcase cutting-edge advancements, product updates, and exciting events! Join us as we delve into the latest innovations shaping the future of technology.

Maria Jose Herrera
Maria Jose Herrera
April 01, 2024
Into the Box 2024 Last Early Bird Days!

Into the Box 2024 Last Early Bird Days!

Time is ticking, with less than 60 days remaining until the excitement of Into the Box 2024 unfolds! Don't let this golden opportunity slip away; our exclusive Early Bird Pricing is here for a limited time only, available until March 31st. Why wait? Secure your seat now and take advantage of this steal!

Maria Jose Herrera
Maria Jose Herrera
March 20, 2024