Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.confluence.security.seraph
Class ConfluenceElevatedSecurityGuard

java.lang.Object
  extended by com.atlassian.confluence.security.seraph.ConfluenceElevatedSecurityGuard
All Implemented Interfaces:
com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard, com.atlassian.seraph.Initable
public class ConfluenceElevatedSecurityGuard
extends Object
implements com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard

Confluence specific implementation of the Seraph ElevatedSecurityGuard.

X NOTE : This class is instatiated by Seraph at servlet context initialisation time hence it cannot have its dependencies injected.

Field Summary
static String ELEVATED_SECURITY_FAILURE
           
 
Constructor Summary
ConfluenceElevatedSecurityGuard()
          Seraph needs the default constructor
 
Method Summary
 void init(Map<String,String> params, com.atlassian.seraph.config.SecurityConfig config)
           
 void onFailedLoginAttempt(HttpServletRequest httpServletRequest, String userName)
           
 void onSuccessfulLoginAttempt(HttpServletRequest httpServletRequest, String userName)
           
 boolean performElevatedSecurityCheck(HttpServletRequest httpServletRequest, String userName)
          This will be called to perform an elevated security check for a given user name.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ELEVATED_SECURITY_FAILURE

public static final String ELEVATED_SECURITY_FAILURE
See Also:
Constant Field Values
Constructor Detail

ConfluenceElevatedSecurityGuard

public ConfluenceElevatedSecurityGuard()
Seraph needs the default constructor

Method Detail

performElevatedSecurityCheck

public boolean performElevatedSecurityCheck(HttpServletRequest httpServletRequest,
                                            String userName)
This will be called to perform an elevated security check for a given user name. Its up to the implementor to decide what if any tests needs to be done. It should return true if the authentication can proceed.

Specified by:
performElevatedSecurityCheck in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard
Parameters:
httpServletRequest - the HTTP request in play
userName - the name of the user to get login information about
Returns:
true if the user passed the elevated security check or false if not. If you dont want any elevated security checks done then always return true.

onFailedLoginAttempt

public void onFailedLoginAttempt(HttpServletRequest httpServletRequest,
                                 String userName)
Specified by:
onFailedLoginAttempt in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard

onSuccessfulLoginAttempt

public void onSuccessfulLoginAttempt(HttpServletRequest httpServletRequest,
                                     String userName)
Specified by:
onSuccessfulLoginAttempt in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard

init

public void init(Map<String,String> params,
                 com.atlassian.seraph.config.SecurityConfig config)
Specified by:
init in interface com.atlassian.seraph.Initable
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Confluence is developed by Atlassian.