[coldbox 3.5] Security Interceptor

Hey coldboxers!

I’m developing a support ticketing system, and am currently using the security interceptor – which is fine.

However, what I’d like to do is email users with a link to their support ticket, with a key as an url param; if the key exists in the URL then allow them to see their ticket without needing to login (but no-one else’s tickets).

What approach for this would you guys recommend for this?



Hi Tom,

You can define whitelist urls in security interceptor config … then in handler method verify-key.


Wow, yeah, that was pretty obvious!

That’s what happens when you work at the weekend – brain drain !!!

Thanks Sana,