cbauthis quite flexible. In your
IUserServiceimplementation you can define how you want to retrieve your
IAuthUserimplementation: from a database, LDAP or any other authentication provider. You can define any properties you want to store, permissions or roles, and additional data for your authenticated user.
requestStorage. The userID will be stored in a configured
requestStoragecan be anything you want, as long as they implement the required methods. A common scenario, for example, is when you don't want to use ColdFusion or Lucee sessions for API applications, but instead use a distributed cache.