Blog

Did you miss the News? Introducing the SocketBox STOMP Broker (Demo)

Maria Jose Herrera November 25, 2024

Spread the word

Maria Jose Herrera

November 25, 2024

Spread the word

Share your thoughts

Ortus Solutions

Introducing the SocketBox STOMP Broker (Demo), for ColdFusion (CFML) and BoxLang Developers!

You may have seen our recent announcement about SocketBox, a new WebSocket functionality built into CommandBox’s latest 6.1-rc builds and the latest snapshots of the BoxLang MiniServer. We recommend reading that post first if you haven’t heard about SocketBox yet.

We’ve been working on a fun new library to make WebSockets easier for CFML (and BoxLang) developers. WebSockets are incredibly powerful for real-time applications, but CF developers have historically lagged behind other languages in adopting this technology. With SocketBox, we’re addressing this gap by providing a solution that is easy to implement, much like Socket.io for Node.js apps.

Get Started


Overcoming Challenges in WebSocket Integration

Traditionally, CF’s deployment to a servlet makes it challenging for libraries to modify the behavior of HTTP listeners. SocketBox overcomes this limitation by offering basic WebSocket connection management and low-level messaging capabilities to build upon.


Introducing STOMP Protocol Support

As of today, we’ve taken SocketBox a step further by adding support for the STOMP (Simple Text Oriented Messaging Protocol) broker. This addition brings several powerful features on top of basic WebSocket functionality:

  • Message format/serialization
  • Authentication/authorization
  • Topics and message routing
  • Subscriptions to a topic
  • Sending messages to a destination
  • Automatic client reconnect
  • Heartbeat messages to detect dead connections

Implementing STOMP in Your Application

To use STOMP WebSocket support, you’ll extend the modules.socketbox.models.WebSocketSTOMP class in your WebSocket.cfc. This class builds on the functionality of the WebSocketCore class and adds methods you can override for custom behavior:

Key Methods

  • configure(): Configure the STOMP broker via a struct returned by this method.
  • authenticate(required string login, required string passcode, string host, required channel): Custom authentication logic for accepting or denying STOMP connect requests.
  • authorize(required string login, required string exchange, required string destination, required string access, required channel): Custom authorization logic for managing subscriptions and publishing to destinations.

Sending and Receiving Messages

Messages can be sent from a WebSocket connection using a Stomp.js library or directly from the server-side, like this:

new WebSocket().send('my-destination', "my message");

Client-side JavaScript or server-side CF code can receive messages. For example:

function configure() {
    return {
        "subscriptions": {
            "ping": (message) => {
                send("pong-destination", "Ping Pong!");
            },
            "generate-new-sales-data": (message) => {
                salesService.generate();
                send("sales-data-updated", "New sales data available as of #now()#");
            }
        }
    };
}

Leveraging STOMP Routing with Exchanges

STOMP introduces a robust routing system using exchanges. Messages are sent to an exchange, which determines their routing. This flexibility allows for messages to be sent to multiple destinations or none at all.


Exchange Types

  1. Direct: Routes messages directly to the destination matching their header.
  2. Topic: Supports wildcard subscriptions (e.g., foo.bar.baz).
  3. Fanout: Sends messages to all bindings simultaneously.
  4. Distribution: Routes messages to a single destination using algorithms like random or roundrobin.

Security Features

STOMP supports:

  • Authentication: Validates connection requests using user credentials, session variables, or JWTs.
  • Authorization: Ensures users have the proper permissions to subscribe or publish to exchanges and destinations.

Try It Yourself

We’ve published a full demo of STOMP functionality deployed on Render.com and running on the BoxLang MiniServer Docker container. This demo also works on Lucee and Adobe CF when deployed on CommandBox 6.1-rc builds with WebSockets enabled.

Get Started


Source Code

Explore the fully documented source code here: GitHub - SocketBox STOMP Demo


Conclusion

SocketBox with STOMP protocol support brings robust WebSocket capabilities to CFML and BoxLang developers, empowering them to build secure, real-time applications with ease Dive into the documentation on ForgeBox and start experimenting with these powerful new tools!

Add Your Comment

Recent Entries

Discover the tools, tricks, and techniques every modern CFML and BoxLang developer needs!

Discover the tools, tricks, and techniques every modern CFML and BoxLang developer needs!

Into the Box 2026 is officially on the horizon, and it’s shaping up to be our most impactful conference yet.

Our mission this year is simple: **Make modernization approachable for everyone.** Whether you’re a seasoned ColdFusion veteran or a developer just starting your BoxLang journey, we’ve priced this event to ensure the entire community can join us in person.

Victor Campos
Victor Campos
March 05, 2026
From Lucee to Modern JVM Architectures for German Enterprises

From Lucee to Modern JVM Architectures for German Enterprises

How German companies running Lucee and CFML can evolve toward cloud-native JVM platforms

Across Germany, many enterprises rely on Lucee and CFML-based applications to run critical internal systems, customer portals, and business workflows.

Germany has one of the most active Lucee communities in Europe, supported by long-standing adoption of CFML across industries such as:

  • Manufacturing
  • Logistics
    • <...

Cristobal Escobar
Cristobal Escobar
March 04, 2026
BoxLang 1.11.0 Release

BoxLang 1.11.0 Release

We're proud to announce BoxLang 1.11.0, a highly focused performance and stability release that delivers measurable speed improvements across every BoxLang application, with zero code changes required. The team invested deeply in bytecode generation, class loading, lock management, and type casting to produce one of the most impactful runtime optimization releases to date. Alongside the performance wave, this release resolves critical concurrency bugs, hardens DateTime handling, and ships powerful new developer tooling.

Luis Majano
Luis Majano
March 04, 2026