Blog

The Security Module

ColdBox MVC, Modules, Tutorials
Curt Gratz February 16, 2015

Spread the word

Curt Gratz

February 16, 2015

Spread the word

Share your thoughts

Ortus Solutions

Looking to secure your ColdBox application?  The Security Module can be your security rules engine for your application.  It provides flexible options to rules based security for you to use.

We have often talked about how a module can be either complex or as simple as an interceptor.  Our Security Module is basically just an interceptor that gets registered in your application to enforce rules you define.  Installing it is easy using CommandBox run the following command

box install cbsecurity

The module will register a security interceptor with empty rules for you.  You can update the security rules included in the `config` folder or comment the interceptor out and just add it to your main application or necessary modules using the mapping it creates for you.

The full documentation for the security interceptor can be found at

http://wiki.coldbox.org/wiki/Security.cfm​ 

Feel free to take advantage of this module to help your secure your application and take care of some of the boiler plate work for you. 

Add Your Comment

Recent Entries

MatchBox and WebAssembly: Running BoxLang in the Browser and at the Edge

MatchBox and WebAssembly: Running BoxLang in the Browser and at the Edge

The MatchBox open beta is live at https://boxlang.ortusbooks.com/boxlang-framework/matchbox, and it brings something genuinely new to the BoxLang ecosystem: a path into WebAssembly.

That means BoxLang code can now move into browser applications, static-site deployments, edge runtimes, and WASI-style containers - without requiring a JVM. The feature is still beta, but the core direction is already useful: write BoxLang, compile it with MatchBox, and ship the generated WASM artifact to wherever a small portable runtime makes sense.

Jacob Beers
Jacob Beers
June 04, 2026