com.atlassian.confluence.security.websudo
Interface WebSudoManager

All Known Implementing Classes:
DefaultWebSudoManager

public interface WebSudoManager

Manages the WebSudo related access to Request, Response and Session objects and provides a method to determine if an XWork action should be treated as a WebSudo resource (matches(String, Class, java.lang.reflect.Method).


Method Summary
 boolean hasValidSession(javax.servlet.http.HttpSession session)
          Check if this is a valid WebSudo session.
 void invalidateSession(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Invalidate the current WebSudo session.
 boolean isEnabled()
           
 boolean isWebSudoRequest(javax.servlet.http.HttpServletRequest request)
          Checks if the request is a WebSudo request.
 void markWebSudoRequest(javax.servlet.http.HttpServletRequest request)
          Marks the request as a request for a WebSudo resource.
 boolean matches(String requestURI, Class<? extends com.opensymphony.xwork.Action> actionClass, Method method)
          Check if the action method should be WebSudo protected for the given requestURI.
 void startSession(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Start a new WebSudo session.
 

Method Detail

isEnabled

boolean isEnabled()
Returns:
true if WebSudo is enabled, false otherwise.

matches

boolean matches(String requestURI,
                Class<? extends com.opensymphony.xwork.Action> actionClass,
                Method method)
Check if the action method should be WebSudo protected for the given requestURI.

Parameters:
requestURI - - the requestURI for this action method
actionClass - - the current action class
method - - the action method that is executed
Returns:
true if the action method should be WebSudo protected, false otherwise.

hasValidSession

boolean hasValidSession(@Nullable
                        javax.servlet.http.HttpSession session)
Check if this is a valid WebSudo session.

Parameters:
session - the current HttpSession. Can be null
Returns:
true if the HttpSession is a WebSudo session.

isWebSudoRequest

boolean isWebSudoRequest(@Nullable
                         javax.servlet.http.HttpServletRequest request)
Checks if the request is a WebSudo request.

Parameters:
request - the current HttpServletRequest
Returns:
true if the current request is requesting a WebSudo protected web resource, false otherwise.
Since:
3.4

startSession

void startSession(javax.servlet.http.HttpServletRequest request,
                  javax.servlet.http.HttpServletResponse response)
Start a new WebSudo session. Creates a new HttpSession if necessary.

Parameters:
request - the current HttpServletRequest
response - the current HttpServletResponse
Since:
3.4

markWebSudoRequest

void markWebSudoRequest(@Nullable
                        javax.servlet.http.HttpServletRequest request)
Marks the request as a request for a WebSudo resource.

Parameters:
request - the current HttpServletRequest
Since:
3.4

invalidateSession

void invalidateSession(javax.servlet.http.HttpServletRequest request,
                       javax.servlet.http.HttpServletResponse response)
Invalidate the current WebSudo session. This does NOT invalidate the HttpSession.

Parameters:
request - the current HttpServletRequest
response - the current HttpServletResponse
Since:
3.4


Copyright © 2003-2011 Atlassian. All Rights Reserved.