Giters

bllivingston / cbsecurity-docs

The official docs for the CB Security module

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Introduction

The ColdBox cbsecurity module will enhance your ColdBox applications by providing out of the box security in the form of:

  • A security rule engine for validating incoming requests
  • Annotation driven security for validating incoming events to handlers and actions
  • JWT (Json Web Tokens) generator, decoder and authentication services
  • A security service to provide you with functional approaches to security context authorization

Features

  • Ability to have global security rules
  • Ability for modules to add their own security rules and action overrides
  • Ability to distinguish between authentication and authorization issues
  • Annotation driven cascading security for handlers and actions
  • A functional security service that can be injected anywhere to provide you with authorizations
  • Security rules can exist in:
    • XML File
    • JSON File
    • Database
    • Models
  • The rules can be configured to use regular expressions or simple snippets
  • Can use ColdFusion authentication security
  • Can leverage any custom authentication provider
  • Plug any Authentication service or can leverage cbauth by default
  • Capability to distinguish between invalid authentication and invalid authorization and determine an outcome of the process.
  • Ability to load/unload security rules from contributing modules.
  • Ability for each module to define it's own validator

Versioning

The ColdBox Security Module is maintained under the Semantic Versioning guidelines as much as possible. Releases will be numbered with the following format:

<major>.<minor>.<patch>

And constructed with the following guidelines:

  • Breaking backward compatibility bumps the major (and resets the minor and patch)
  • New additions without breaking backward compatibility bumps the minor (and resets the patch)
  • Bug fixes and misc changes bumps the patch

License

Apache 2 License: http://www.apache.org/licenses/LICENSE-2.0

Important Links

Professional Open Source

Ortus Solutions, Corp

The ColdBox ORM Module is a professional open source software backed by Ortus Solutions, Corp offering services like:

  • Custom Development
  • Professional Support & Mentoring
  • Training
  • Server Tuning
  • Security Hardening
  • Code Reviews
  • Much More

HONOR GOES TO GOD ABOVE ALL

Because of His grace, this project exists. If you don't like this, then don't read it, it's not for you.

"Therefore being justified by faith, we have peace with God through our Lord Jesus Christ: By whom also we have access by faith into this grace wherein we stand, and rejoice in hope of the glory of God." Romans 5:5

About

The official docs for the CB Security module