[CB 3.8.1] Best practices for nightly script

I wanted to ask what is the best suggestion for a script that will run nightly to perform some maintenance tasks?

I have a CB application that requires a login to access.

My first thoughts are:
I want this to run with cfschduler nightly
Should this run outside the CB framework?
How would I have this login ? or is there a way this code could bypass the login requirement(standard session stuff)?

Thanks for any input.


If you’re using Coldbox and the security interceptor, you can always add your task endpoint URL to the whitelist, though I would strongly recommend against it.

Here is my personal preference, in order for scheduled task workers, including those which require authentication:

  1. If the database is capable of performing those tasks, as is the case much of the time, use scheduled jobs. It’s much more efficient.

  2. Set up an secured endpoint URL and use token auth, instead of user/pass authentication. You’re better off modifying your authentication to accept a token, if at all possible. The security interceptor can be configured for this as well. You can use this with either:

a. The CF or Lucee admin task, which will fire the tokenized URL at the scheduled time. I rarely use this option any more.

b. A third-party service, which will ping your URL at a scheduled time to start the task. Jenkins has a plugin that works well for this - which can also send auth headers, HTTP PUT/POST/PATCH/DELETE, and will send an email notification with the returned body if the status code returned isn’t acceptable. Other examples of these services are pingomatic.com, Iron.io and cronasaservice.com.

c. Use the server OS cron jobs to ping the URL using cURL on a schedule.


Thanks Jon,

I’ll look into this.