Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.opensaml
Class ESAPISecurityConfig

java.lang.Object
  extended by org.opensaml.ESAPISecurityConfig
All Implemented Interfaces:
org.owasp.esapi.SecurityConfiguration
public class ESAPISecurityConfig
extends Object
implements org.owasp.esapi.SecurityConfiguration

Minimal implementation of OWASP ESAPI SecurityConfiguration, providing the support used within OpenSAML.

Nested Class Summary
 
Nested classes/interfaces inherited from interface org.owasp.esapi.SecurityConfiguration
org.owasp.esapi.SecurityConfiguration.Threshold
 
Field Summary
private static org.owasp.esapi.SecurityConfiguration instance
          The singleton instance of this class.
 
Constructor Summary
ESAPISecurityConfig()
          Constructor.
 
Method Summary
 String getAccessControlImplementation()
          
 List getAdditionalAllowedCipherModes()
          
 List getAllowedExecutables()
          
 List getAllowedFileExtensions()
          
 int getAllowedFileUploadSize()
          
 int getAllowedLoginAttempts()
          
 boolean getAllowMixedEncoding()
          
 boolean getAllowMultipleEncoding()
          
 String getApplicationName()
          
 String getAuthenticationImplementation()
          
 String getCharacterEncoding()
          
 String getCipherTransformation()
          
 List getCombinedCipherModes()
          
 List getDefaultCanonicalizationCodecs()
          
 String getDigitalSignatureAlgorithm()
          
 int getDigitalSignatureKeyLength()
          
 boolean getDisableIntrusionDetection()
          
 String getEncoderImplementation()
          
 String getEncryptionAlgorithm()
          
 String getEncryptionImplementation()
          
 int getEncryptionKeyLength()
          
 String getExecutorImplementation()
          
 String getFixedIV()
          
 boolean getForceHttpOnlyCookies()
          
 boolean getForceHttpOnlySession()
          
 boolean getForceSecureCookies()
          
 boolean getForceSecureSession()
          
 String getHashAlgorithm()
          
 int getHashIterations()
          
 String getHttpSessionIdName()
          
 String getHTTPUtilitiesImplementation()
          
static org.owasp.esapi.SecurityConfiguration getInstance()
          Factory method which implements the singleton pattern per the ESAPI reference impl.
 String getIntrusionDetectionImplementation()
          
 String getIVType()
          
 String getKDFPseudoRandomFunction()
          
 boolean getLenientDatesAccepted()
          
 boolean getLogApplicationName()
          
 boolean getLogEncodingRequired()
          
 String getLogFileName()
          
 String getLogImplementation()
          
 int getLogLevel()
          
 boolean getLogServerIP()
          
 byte[] getMasterKey()
          
 byte[] getMasterSalt()
          
 int getMaxHttpHeaderSize()
          
 int getMaxLogFileSize()
          
 int getMaxOldPasswordHashes()
          
 String getPasswordParameterName()
          
 String getPreferredJCEProvider()
          
 org.owasp.esapi.SecurityConfiguration.Threshold getQuota(String eventName)
          
 String getRandomAlgorithm()
          
 String getRandomizerImplementation()
          
 long getRememberTokenDuration()
          
 File getResourceFile(String filename)
          
 InputStream getResourceStream(String filename)
          
 String getResponseContentType()
          
 int getSessionAbsoluteTimeoutLength()
          
 int getSessionIdleTimeoutLength()
          
 File getUploadDirectory()
          
 File getUploadTempDirectory()
          
 String getUsernameParameterName()
          
 String getValidationImplementation()
          
 Pattern getValidationPattern(String typeName)
          
 File getWorkingDirectory()
          
 boolean overwritePlainText()
          
 String setCipherTransformation(String cipherXform)
          
 void setResourceDirectory(String dir)
          
 boolean useMACforCipherText()
          
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

instance

private static volatile org.owasp.esapi.SecurityConfiguration instance
The singleton instance of this class.

Constructor Detail

ESAPISecurityConfig

public ESAPISecurityConfig()
Constructor.

Method Detail

getInstance

public static org.owasp.esapi.SecurityConfiguration getInstance()
Factory method which implements the singleton pattern per the ESAPI reference impl.

Returns:
the singleton instance of this class

getAccessControlImplementation

public String getAccessControlImplementation()

Specified by:
getAccessControlImplementation in interface org.owasp.esapi.SecurityConfiguration

getAdditionalAllowedCipherModes

public List getAdditionalAllowedCipherModes()

Specified by:
getAdditionalAllowedCipherModes in interface org.owasp.esapi.SecurityConfiguration

getAllowedExecutables

public List getAllowedExecutables()

Specified by:
getAllowedExecutables in interface org.owasp.esapi.SecurityConfiguration

getAllowedFileExtensions

public List getAllowedFileExtensions()

Specified by:
getAllowedFileExtensions in interface org.owasp.esapi.SecurityConfiguration

getAllowedFileUploadSize

public int getAllowedFileUploadSize()

Specified by:
getAllowedFileUploadSize in interface org.owasp.esapi.SecurityConfiguration

getAllowedLoginAttempts

public int getAllowedLoginAttempts()

Specified by:
getAllowedLoginAttempts in interface org.owasp.esapi.SecurityConfiguration

getAllowMixedEncoding

public boolean getAllowMixedEncoding()

Specified by:
getAllowMixedEncoding in interface org.owasp.esapi.SecurityConfiguration

getAllowMultipleEncoding

public boolean getAllowMultipleEncoding()

Specified by:
getAllowMultipleEncoding in interface org.owasp.esapi.SecurityConfiguration

getApplicationName

public String getApplicationName()

Specified by:
getApplicationName in interface org.owasp.esapi.SecurityConfiguration

getAuthenticationImplementation

public String getAuthenticationImplementation()

Specified by:
getAuthenticationImplementation in interface org.owasp.esapi.SecurityConfiguration

getCharacterEncoding

public String getCharacterEncoding()

Specified by:
getCharacterEncoding in interface org.owasp.esapi.SecurityConfiguration

getCipherTransformation

public String getCipherTransformation()

Specified by:
getCipherTransformation in interface org.owasp.esapi.SecurityConfiguration

getCombinedCipherModes

public List getCombinedCipherModes()

Specified by:
getCombinedCipherModes in interface org.owasp.esapi.SecurityConfiguration

getDefaultCanonicalizationCodecs

public List getDefaultCanonicalizationCodecs()

Specified by:
getDefaultCanonicalizationCodecs in interface org.owasp.esapi.SecurityConfiguration

getDigitalSignatureAlgorithm

public String getDigitalSignatureAlgorithm()

Specified by:
getDigitalSignatureAlgorithm in interface org.owasp.esapi.SecurityConfiguration

getDigitalSignatureKeyLength

public int getDigitalSignatureKeyLength()

Specified by:
getDigitalSignatureKeyLength in interface org.owasp.esapi.SecurityConfiguration

getDisableIntrusionDetection

public boolean getDisableIntrusionDetection()

Specified by:
getDisableIntrusionDetection in interface org.owasp.esapi.SecurityConfiguration

getEncoderImplementation

public String getEncoderImplementation()

Specified by:
getEncoderImplementation in interface org.owasp.esapi.SecurityConfiguration

getEncryptionAlgorithm

public String getEncryptionAlgorithm()

Specified by:
getEncryptionAlgorithm in interface org.owasp.esapi.SecurityConfiguration

getEncryptionImplementation

public String getEncryptionImplementation()

Specified by:
getEncryptionImplementation in interface org.owasp.esapi.SecurityConfiguration

getEncryptionKeyLength

public int getEncryptionKeyLength()

Specified by:
getEncryptionKeyLength in interface org.owasp.esapi.SecurityConfiguration

getExecutorImplementation

public String getExecutorImplementation()

Specified by:
getExecutorImplementation in interface org.owasp.esapi.SecurityConfiguration

getFixedIV

public String getFixedIV()

Specified by:
getFixedIV in interface org.owasp.esapi.SecurityConfiguration

getForceHttpOnlyCookies

public boolean getForceHttpOnlyCookies()

Specified by:
getForceHttpOnlyCookies in interface org.owasp.esapi.SecurityConfiguration

getForceHttpOnlySession

public boolean getForceHttpOnlySession()

Specified by:
getForceHttpOnlySession in interface org.owasp.esapi.SecurityConfiguration

getForceSecureCookies

public boolean getForceSecureCookies()

Specified by:
getForceSecureCookies in interface org.owasp.esapi.SecurityConfiguration

getForceSecureSession

public boolean getForceSecureSession()

Specified by:
getForceSecureSession in interface org.owasp.esapi.SecurityConfiguration

getHashAlgorithm

public String getHashAlgorithm()

Specified by:
getHashAlgorithm in interface org.owasp.esapi.SecurityConfiguration

getHashIterations

public int getHashIterations()

Specified by:
getHashIterations in interface org.owasp.esapi.SecurityConfiguration

getHttpSessionIdName

public String getHttpSessionIdName()

Specified by:
getHttpSessionIdName in interface org.owasp.esapi.SecurityConfiguration

getHTTPUtilitiesImplementation

public String getHTTPUtilitiesImplementation()

Specified by:
getHTTPUtilitiesImplementation in interface org.owasp.esapi.SecurityConfiguration

getIntrusionDetectionImplementation

public String getIntrusionDetectionImplementation()

Specified by:
getIntrusionDetectionImplementation in interface org.owasp.esapi.SecurityConfiguration

getIVType

public String getIVType()

Specified by:
getIVType in interface org.owasp.esapi.SecurityConfiguration

getKDFPseudoRandomFunction

public String getKDFPseudoRandomFunction()

Specified by:
getKDFPseudoRandomFunction in interface org.owasp.esapi.SecurityConfiguration

getLenientDatesAccepted

public boolean getLenientDatesAccepted()

Specified by:
getLenientDatesAccepted in interface org.owasp.esapi.SecurityConfiguration

getLogApplicationName

public boolean getLogApplicationName()

Specified by:
getLogApplicationName in interface org.owasp.esapi.SecurityConfiguration

getLogEncodingRequired

public boolean getLogEncodingRequired()

Specified by:
getLogEncodingRequired in interface org.owasp.esapi.SecurityConfiguration

getLogFileName

public String getLogFileName()

Specified by:
getLogFileName in interface org.owasp.esapi.SecurityConfiguration

getLogImplementation

public String getLogImplementation()

Specified by:
getLogImplementation in interface org.owasp.esapi.SecurityConfiguration

getLogLevel

public int getLogLevel()

Specified by:
getLogLevel in interface org.owasp.esapi.SecurityConfiguration

getLogServerIP

public boolean getLogServerIP()

Specified by:
getLogServerIP in interface org.owasp.esapi.SecurityConfiguration

getMasterKey

public byte[] getMasterKey()

Specified by:
getMasterKey in interface org.owasp.esapi.SecurityConfiguration

getMasterSalt

public byte[] getMasterSalt()

Specified by:
getMasterSalt in interface org.owasp.esapi.SecurityConfiguration

getMaxHttpHeaderSize

public int getMaxHttpHeaderSize()

Specified by:
getMaxHttpHeaderSize in interface org.owasp.esapi.SecurityConfiguration

getMaxLogFileSize

public int getMaxLogFileSize()

Specified by:
getMaxLogFileSize in interface org.owasp.esapi.SecurityConfiguration

getMaxOldPasswordHashes

public int getMaxOldPasswordHashes()

Specified by:
getMaxOldPasswordHashes in interface org.owasp.esapi.SecurityConfiguration

getPasswordParameterName

public String getPasswordParameterName()

Specified by:
getPasswordParameterName in interface org.owasp.esapi.SecurityConfiguration

getPreferredJCEProvider

public String getPreferredJCEProvider()

Specified by:
getPreferredJCEProvider in interface org.owasp.esapi.SecurityConfiguration

getQuota

public org.owasp.esapi.SecurityConfiguration.Threshold getQuota(String eventName)

Specified by:
getQuota in interface org.owasp.esapi.SecurityConfiguration

getRandomAlgorithm

public String getRandomAlgorithm()

Specified by:
getRandomAlgorithm in interface org.owasp.esapi.SecurityConfiguration

getRandomizerImplementation

public String getRandomizerImplementation()

Specified by:
getRandomizerImplementation in interface org.owasp.esapi.SecurityConfiguration

getRememberTokenDuration

public long getRememberTokenDuration()

Specified by:
getRememberTokenDuration in interface org.owasp.esapi.SecurityConfiguration

getResourceFile

public File getResourceFile(String filename)

Specified by:
getResourceFile in interface org.owasp.esapi.SecurityConfiguration

getResourceStream

public InputStream getResourceStream(String filename)
                              throws IOException

Specified by:
getResourceStream in interface org.owasp.esapi.SecurityConfiguration
Throws:
IOException

getResponseContentType

public String getResponseContentType()

Specified by:
getResponseContentType in interface org.owasp.esapi.SecurityConfiguration

getSessionAbsoluteTimeoutLength

public int getSessionAbsoluteTimeoutLength()

Specified by:
getSessionAbsoluteTimeoutLength in interface org.owasp.esapi.SecurityConfiguration

getSessionIdleTimeoutLength

public int getSessionIdleTimeoutLength()

Specified by:
getSessionIdleTimeoutLength in interface org.owasp.esapi.SecurityConfiguration

getUploadDirectory

public File getUploadDirectory()

Specified by:
getUploadDirectory in interface org.owasp.esapi.SecurityConfiguration

getUploadTempDirectory

public File getUploadTempDirectory()

Specified by:
getUploadTempDirectory in interface org.owasp.esapi.SecurityConfiguration

getUsernameParameterName

public String getUsernameParameterName()

Specified by:
getUsernameParameterName in interface org.owasp.esapi.SecurityConfiguration

getValidationImplementation

public String getValidationImplementation()

Specified by:
getValidationImplementation in interface org.owasp.esapi.SecurityConfiguration

getValidationPattern

public Pattern getValidationPattern(String typeName)

Specified by:
getValidationPattern in interface org.owasp.esapi.SecurityConfiguration

getWorkingDirectory

public File getWorkingDirectory()

Specified by:
getWorkingDirectory in interface org.owasp.esapi.SecurityConfiguration

overwritePlainText

public boolean overwritePlainText()

Specified by:
overwritePlainText in interface org.owasp.esapi.SecurityConfiguration

setCipherTransformation

public String setCipherTransformation(String cipherXform)

Specified by:
setCipherTransformation in interface org.owasp.esapi.SecurityConfiguration

setResourceDirectory

public void setResourceDirectory(String dir)

Specified by:
setResourceDirectory in interface org.owasp.esapi.SecurityConfiguration

useMACforCipherText

public boolean useMACforCipherText()

Specified by:
useMACforCipherText in interface org.owasp.esapi.SecurityConfiguration
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 1999-2013. All Rights Reserved.