So a little while back, I took an interest in the OWASP website. I soon realized they provided API's with a lot of their recommendations already built for any one to use in their projects. My dreams of simple security implementation were soon crushed when I discovered the ColdFusion version of their Enterprise Security API (ESAPI) was never finished.
I got in contact with the project lead who informed me that he no longer had time to work on it and was looking to pass it off. So I set out to finish this API myself. I started off with what was already done, but soon scrapped it in favor of mirroring what the Java version of the API was doing.
I have now been working on this in my spare time for awhile now and I have to say, I am quite happy with myself. I have the authentication and authorization pieces working. I am currently working on the encoding functionality which I recently decided that using some of the Java API's functionality was necessary in order to accomplish string manipulation in a timely manner. Thank you, JavaLoader :)
I have not at this point pursued taking over as lead to the CFESAPI project. I am waiting until I have something a little more solid before entering that realm.