Basic Authentication

CommandBox's web server supports enabling Basic Auth on your sites.

server set
server set"My Realm"
server set
server set

That will create the following data in your server.json, which will be picked up the next time you start your server.

        "security" : {
            "realm" : "My Realm",
            "authPredicate" : "regex( pattern='^/lucee/admin/.*', case-sensitive=false )",

If there is no authPredicate set, basic auth with secure ALL PAGES on the site. Once you set an authPredicate, only the pages matching the predicate will require authentication.

The old setting location for Basic Auth (web.basicAuth) will STILL WORK until the next major version of CommandBox, but should be considered deprecated. If both the settings exist (Ex: web.basicAuth.enable and, the new location will be given precedence.

For Multi-Site, any basic auth settings can be configured on a per-site basis in the sites object of the server.json or in a .site.json file.

Last updated