java.lang.Object

com.atlassian.confluence.security.seraph.ConfluenceElevatedSecurityGuard

All Implemented Interfaces:: com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard, com.atlassian.seraph.Initable

public class ConfluenceElevatedSecurityGuard extends Object implements com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard

Confluence specific implementation of the Seraph ElevatedSecurityGuard.

NOTE : This class is instantiated by Seraph at servlet context initialisation time hence it cannot have its dependencies injected.

Field Summary

Fields

Modifier and Type

Field

Description

static final String

ELEVATED_SECURITY_FAILURE
Constructor Summary

Constructors

Constructor

Description

ConfluenceElevatedSecurityGuard()
Method Summary

Modifier and Type

Method

Description

void

init(Map<String,String> params, com.atlassian.seraph.config.SecurityConfig config)

void

onFailedLoginAttempt(jakarta.servlet.http.HttpServletRequest httpServletRequest, String userName)

void

onSuccessfulLoginAttempt(jakarta.servlet.http.HttpServletRequest httpServletRequest, String userName)

boolean

performElevatedSecurityCheck(jakarta.servlet.http.HttpServletRequest httpServletRequest, String userName)

This will be called to perform an elevated security check for a given user name.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- ELEVATED_SECURITY_FAILURE
  
  public static final String ELEVATED_SECURITY_FAILURE
  See Also:
  
  Constant Field Values
Constructor Details
- ConfluenceElevatedSecurityGuard
  
  public ConfluenceElevatedSecurityGuard()
Method Details
- performElevatedSecurityCheck
  
  public boolean performElevatedSecurityCheck(jakarta.servlet.http.HttpServletRequest httpServletRequest, String userName)
  
  This will be called to perform an elevated security check for a given user name. Its up to the implementor to decide what if any tests needs to be done. It should return true if the authentication can proceed.
  
  Specified by:
  
  performElevatedSecurityCheck in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard
  
  Parameters:
  
  httpServletRequest - the HTTP request in play
  
  userName - the name of the user to get login information about
  
  Returns:
  
  true if the user passed the elevated security check or false if not. If you dont want any elevated security checks done then always return true.
- onFailedLoginAttempt
  
  public void onFailedLoginAttempt(jakarta.servlet.http.HttpServletRequest httpServletRequest, String userName)
  
  Specified by:
  
  onFailedLoginAttempt in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard
- onSuccessfulLoginAttempt
  
  public void onSuccessfulLoginAttempt(jakarta.servlet.http.HttpServletRequest httpServletRequest, String userName)
  
  Specified by:
  
  onSuccessfulLoginAttempt in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard
- init
  
  public void init(Map<String,String> params, com.atlassian.seraph.config.SecurityConfig config)
  
  Specified by:
  
  init in interface com.atlassian.seraph.Initable

Class ConfluenceElevatedSecurityGuard

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Details

ELEVATED_SECURITY_FAILURE

Constructor Details

ConfluenceElevatedSecurityGuard

Method Details

performElevatedSecurityCheck

onFailedLoginAttempt

onSuccessfulLoginAttempt

init