Package com.atlassian.confluence.security.websudo

Class DefaultWebSudoManager

    • Constructor Detail

      • DefaultWebSudoManager

        public DefaultWebSudoManager​(SettingsManager settingsManager)

    • Method Detail

      • isEnabled

        public boolean isEnabled()
        Specified by:
        isEnabled in interface WebSudoManager
        Returns:
        true if WebSudo is enabled, false otherwise.

      • isElevatedDefaultPath

        public static boolean isElevatedDefaultPath​(String servletPath)

      • matches

        public boolean matches​(String requestServletPath,
                       Class<?> actionClass,
                       Method method)
        Description copied from interface: WebSudoManager
        Check if the action method should be WebSudo protected for the given requestServletPath.
        Specified by:
        matches in interface WebSudoManager
        Parameters:
        requestServletPath - - the requestServletPath for this action method
        actionClass - - the current action class
        method - - the action method that is executed
        Returns:
        true if the action method should be WebSudo protected, false otherwise.

      • hasValidSession

        public boolean hasValidSession​(javax.servlet.http.HttpSession session)
        Description copied from interface: WebSudoManager
        Check if this is a valid WebSudo session.
        Specified by:
        hasValidSession in interface WebSudoManager
        Parameters:
        session - the current HttpSession. Can be null
        Returns:
        true if the HttpSession is a WebSudo session.

      • startSession

        public void startSession​(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response)
        Description copied from interface: WebSudoManager
        Start a new WebSudo session. Creates a new HttpSession if necessary.
        Specified by:
        startSession in interface WebSudoManager
        Parameters:
        request - the current HttpServletRequest
        response - the current HttpServletResponse

      • markWebSudoRequest

        public void markWebSudoRequest​(javax.servlet.http.HttpServletRequest request)
        Description copied from interface: WebSudoManager
        Marks the request as a request for a WebSudo resource.
        Specified by:
        markWebSudoRequest in interface WebSudoManager
        Parameters:
        request - the current HttpServletRequest

      • isWebSudoRequest

        public boolean isWebSudoRequest​(javax.servlet.http.HttpServletRequest request)
        Description copied from interface: WebSudoManager
        Checks if the request is a WebSudo request.
        Specified by:
        isWebSudoRequest in interface WebSudoManager
        Parameters:
        request - the current HttpServletRequest
        Returns:
        true if the current request is requesting a WebSudo protected web resource, false otherwise.

      • invalidateSession

        public void invalidateSession​(javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response)
        Description copied from interface: WebSudoManager
        Invalidate the current WebSudo session. This does NOT invalidate the HttpSession.
        Specified by:
        invalidateSession in interface WebSudoManager
        Parameters:
        request - the current HttpServletRequest
        response - the current HttpServletResponse