The ColdBox cbsecurity module is a collection of modules to help secure your applications. You can find the documentation here: https://coldbox-security.ortusbooks.com/
The major areas of concern are:
-
A security authentication/authorization firewall (
cbsecurity) which can secure your application based on:-
Security rules and a rule engine for validation incoming events or URL’s
-
Handler annotations
-
-
A security service for explicit authorizations (
cbsecurity) to provide you with functional approaches to security context authorization in any layer of your application. -
A JWT generator, decoder and authentication services (
jwtcfml) -
Cross Site Request Forgery (CSRF) Protection (
cbcsrf) -
An authentication manager (
cbauth)
