cbSecurity
CommunitySlackSupport
v3.x
v3.x
  • 🔏Introduction
    • Release History
      • What's New With 3.4.0
      • What's New With 3.3.0
      • What's New With 3.2.0
      • What's New With 3.1.0
      • What's New With 3.0.0
    • Upgrade to 3.0.0
    • About This Book
      • Author
  • Getting Started
    • Installation
    • Overview
    • Configuration
      • 🔏Authentication
      • 🥸Basic Auth
      • 🙈CSRF
      • 🌐JWT
      • 🧱Firewall
        • DB Rules
        • JSON Rules
        • Model Rules
        • XML Rules
      • ☢️Security Headers
      • 🔬Visualizer
  • Usage
    • Authentication Services
    • Basic Authentication
    • Security Rules
    • Security Annotations
    • cbSecurity Model
      • Authentication Methods
      • Authorization Contexts
      • Blocking Methods
      • Securing Views
      • Utility Methods
      • Verification Methods
    • Secured URL
    • Interceptions
    • Cross Site Request Forgery
    • Delegates
    • Auth User
  • Security Validators
    • Auth Validator
    • BasicAuth Validator
    • CFML Security Validator
    • Custom Validator
  • JWT
    • JWT Services
    • JWT Validator
    • Refresh Tokens
    • Token Storage
    • JWT Interceptions
  • External links
    • Issue Tracker
    • Source code
    • Sponsor Us
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
Export as PDF
  1. Security Validators

Auth Validator

The auth validator leverages authentication and role-permission-based authorization for you.

ColdBox security ships with this validator that knows how to talk to the authentication service and validate authentication and authorization via permissions and roles. All you need to do is use the WireBox ID of AuthValidator@cbsecurity in your validator setting:

cbsecurity = {

    firewall : {
        validator = "AuthValidator@cbsecurity"
    }

}

AuthValidator is the default validator for ColdBox Security

The configured authentication service must adhere to our IAuthService interface and the User object must adhere to the IAuthUser interface.

Remember that a validator can exist globally and on a per ColdBox Module level.

PreviousAuth UserNextBasicAuth Validator

Last updated 2 years ago

Was this helpful?