WebSudoManager (Confluence Core 5.1.3 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.confluence.security.websudo
Interface WebSudoManager

All Known Implementing Classes:: DefaultWebSudoManager

public interface WebSudoManager

Manages the WebSudo related access to Request, Response and Session objects and provides a method to determine if an XWork action should be treated as a WebSudo resource (matches(String, Class, java.lang.reflect.Method).

Method Summary
`boolean`	`hasValidSession(HttpSession session)` Check if this is a valid WebSudo session.
`void`	`invalidateSession(HttpServletRequest request, HttpServletResponse response)` Invalidate the current WebSudo session.
`boolean`	`isEnabled()`
`boolean`	`isWebSudoRequest(HttpServletRequest request)` Checks if the `request` is a WebSudo request.
`void`	`markWebSudoRequest(HttpServletRequest request)` Marks the `request` as a request for a WebSudo resource.
`boolean`	`matches(String requestURI, Class<? extends com.opensymphony.xwork.Action> actionClass, Method method)` Check if the action method should be WebSudo protected for the given requestURI.
`void`	`startSession(HttpServletRequest request, HttpServletResponse response)` Start a new WebSudo session.

Method Detail

isEnabled

boolean isEnabled()

Returns:: true if WebSudo is enabled, false otherwise.

matches

boolean matches(String requestURI,
                Class<? extends com.opensymphony.xwork.Action> actionClass,
                Method method)

Check if the action method should be WebSudo protected for the given requestURI.

Parameters:: requestURI - - the requestURI for this action method; actionClass - - the current action class; method - - the action method that is executed
Returns:: true if the action method should be WebSudo protected, false otherwise.

hasValidSession

boolean hasValidSession(@Nullable
                        HttpSession session)

Check if this is a valid WebSudo session.

Parameters:: session - the current HttpSession. Can be null
Returns:: true if the HttpSession is a WebSudo session.

isWebSudoRequest

boolean isWebSudoRequest(@Nullable
                         HttpServletRequest request)

Checks if the request is a WebSudo request.

Parameters:: request - the current HttpServletRequest
Returns:: true if the current request is requesting a WebSudo protected web resource, false otherwise.
Since:: 3.4

startSession

void startSession(HttpServletRequest request,
                  HttpServletResponse response)

Start a new WebSudo session. Creates a new HttpSession if necessary.

Parameters:: request - the current HttpServletRequest; response - the current HttpServletResponse
Since:: 3.4

markWebSudoRequest

void markWebSudoRequest(@Nullable
                        HttpServletRequest request)

Marks the request as a request for a WebSudo resource.

Parameters:: request - the current HttpServletRequest
Since:: 3.4

invalidateSession

void invalidateSession(HttpServletRequest request,
                       HttpServletResponse response)

Invalidate the current WebSudo session. This does NOT invalidate the HttpSession.

Parameters:: request - the current HttpServletRequest; response - the current HttpServletResponse
Since:: 3.4