Class ConfluenceElevatedSecurityGuard

  extended by
All Implemented Interfaces:
com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard, com.atlassian.seraph.Initable

public class ConfluenceElevatedSecurityGuard
extends Object
implements com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard

Confluence specific implementation of the Seraph ElevatedSecurityGuard.

NOTE : This class is instantiated by Seraph at servlet context initialisation time hence it cannot have its dependencies injected.

Field Summary
Constructor Summary
          Seraph needs the default constructor
Method Summary
 void init(Map<String,String> params, com.atlassian.seraph.config.SecurityConfig config)
 void onFailedLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest, String userName)
 void onSuccessfulLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest, String userName)
 boolean performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest, String userName)
          This will be called to perform an elevated security check for a given user name.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail


public static final String ELEVATED_SECURITY_FAILURE
See Also:
Constant Field Values
Constructor Detail


public ConfluenceElevatedSecurityGuard()
Seraph needs the default constructor

Method Detail


public boolean performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest,
                                            String userName)
This will be called to perform an elevated security check for a given user name. Its up to the implementor to decide what if any tests needs to be done. It should return true if the authentication can proceed.

Specified by:
performElevatedSecurityCheck in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard
httpServletRequest - the HTTP request in play
userName - the name of the user to get login information about
true if the user passed the elevated security check or false if not. If you dont want any elevated security checks done then always return true.


public void onFailedLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
                                 String userName)
Specified by:
onFailedLoginAttempt in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard


public void onSuccessfulLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
                                     String userName)
Specified by:
onSuccessfulLoginAttempt in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard


public void init(Map<String,String> params,
                 com.atlassian.seraph.config.SecurityConfig config)
Specified by:
init in interface com.atlassian.seraph.Initable

Copyright © 2003-2012 Atlassian. All Rights Reserved.