Introduction
The ColdBox cbsecurity module is a collection of modules to help secure your applications.
The major areas of concern are:
A security authentication/authorization firewall ( cbsecurity ) which can secure your application based on:
Security rules and a rule engine for validation incoming events or URL's
A security service for explicit authorizations ( cbsecurity ) to provide you with functional approaches to security context authorization in any layer of your application.
A JWT generator, decoder and authentication services ( jwtcfml )
Cross Site Request Forgery (CSRF) Protection ( cbcsrf )
An authentication manager ( cbauth )
Module composition
Ability to have global security rules
Ability for modules to add their own security rules and action overrides
Ability to distinguish between authentication and authorization issues
The ColdBox Security Module is maintained under the guidelines as much as possible. Releases will be numbered with the following format:
And constructed with the following guidelines:
Breaking backward compatibility bumps the major (and resets the minor and patch)
New additions without breaking backward compatibility bumps the minor (and resets the patch)
Bug fixes and misc changes bumps the patch
Apache 2 License: ​
Important Links
Professional Open Source
The ColdBox Security Module is a professional open source software backed by offering services like:
Professional Support & Mentoring
Discussion & Help
The Box products and modules community for discussion and help can be found here:
HONOR GOES TO GOD ABOVE ALL
Because of His grace, this project exists. If you don't like this, then don't read it, it's not for you.
"Therefore being justified by faith, we have peace with God through our Lord Jesus Christ: By whom also we have access by faith into this grace wherein we stand, and rejoice in hope of the glory of God." Romans 5:5
