In my previous post I explained cbauth based authentication combined with annotation based security. Annotations are easy to understand, so good as a starting point, but if you need something more flexible you need security rules. So when would you need security rules?
I’v been a long time user of
cbsecurity v1.x, a security rule engine for. validation incoming request. I think most people have written code for authenticating users and validation their request in some ways, and probably many of you have written and modified this code over and over again. Cbsecurity v1 has been around for a long time, but some people complained it was hard to understand and/or too complex. in the mean time other security modules such as
cbguard were released which were a bit more limited but easier to use. In februari Ortus released
cbsecurity version 2 and in subsequent months more and more features were added, resulting in a product which covers a lot of your security needs.
In my opinion the usability of
cbsecurity has increased a lot, but there are many options to choose from. In a series of blog posts I will try to show you what different possibilities you’ll have to use
cbsecurity to your advantage.