public class

IndependentXsrfTokenValidator

extends Object
implements XsrfTokenValidator
java.lang.Object
   ↳ com.atlassian.sal.core.xsrf.IndependentXsrfTokenValidator

Class Overview

XSRF token validator that manages its own tokens, not using the underlying applications XSRF tokens

Summary

Constants
String XSRF_PARAM_NAME
Public Constructors
IndependentXsrfTokenValidator(XsrfTokenAccessor accessor)
Public Methods
String getXsrfParameterName()
Returns the name of the http parameter name that is used to store the xsrf token in the form.
boolean validateFormEncodedToken(HttpServletRequest request)
Validate a form encoded token.
[Expand]
Inherited Methods
From class java.lang.Object
From interface com.atlassian.sal.api.xsrf.XsrfTokenValidator

Constants

public static final String XSRF_PARAM_NAME

Constant Value: "atl_token"

Public Constructors

public IndependentXsrfTokenValidator (XsrfTokenAccessor accessor)

Public Methods

public String getXsrfParameterName ()

Returns the name of the http parameter name that is used to store the xsrf token in the form.

Returns
  • the name of the http parameter name

public boolean validateFormEncodedToken (HttpServletRequest request)

Validate a form encoded token. Will first read the token from the cookie and then validate

Parameters
request the request that contains the token.
Returns
  • true if the token in the request matches the one in the cookie