com.atlassian.confluence.security.seraph
Class ConfluenceElevatedSecurityGuard
java.lang.Object
com.atlassian.confluence.security.seraph.ConfluenceElevatedSecurityGuard
- All Implemented Interfaces:
- com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard, com.atlassian.seraph.Initable
public class ConfluenceElevatedSecurityGuard
- extends java.lang.Object
- implements com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard
Confluence specific implementation of the Seraph ElevatedSecurityGuard
.
NOTE : This class is instantiated by Seraph at servlet context initialisation time hence it cannot have its
dependencies injected.
Method Summary |
void |
init(java.util.Map<java.lang.String,java.lang.String> params,
com.atlassian.seraph.config.SecurityConfig config)
|
void |
onFailedLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
java.lang.String userName)
|
void |
onSuccessfulLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
java.lang.String userName)
|
boolean |
performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest,
java.lang.String userName)
This will be called to perform an elevated security check for a given user name. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
ELEVATED_SECURITY_FAILURE
public static final java.lang.String ELEVATED_SECURITY_FAILURE
- See Also:
- Constant Field Values
ConfluenceElevatedSecurityGuard
public ConfluenceElevatedSecurityGuard()
- Seraph needs the default constructor
performElevatedSecurityCheck
public boolean performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest,
java.lang.String userName)
- This will be called to perform an elevated security check for a given user name. Its up to the implementor to
decide what if any tests needs to be done. It should return true if the authentication can proceed.
- Specified by:
performElevatedSecurityCheck
in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard
- Parameters:
httpServletRequest
- the HTTP request in playuserName
- the name of the user to get login information about
- Returns:
- true if the user passed the elevated security check or false if not. If you dont want any elevated security
checks done then always return true.
onFailedLoginAttempt
public void onFailedLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
java.lang.String userName)
- Specified by:
onFailedLoginAttempt
in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard
onSuccessfulLoginAttempt
public void onSuccessfulLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
java.lang.String userName)
- Specified by:
onSuccessfulLoginAttempt
in interface com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard
init
public void init(java.util.Map<java.lang.String,java.lang.String> params,
com.atlassian.seraph.config.SecurityConfig config)
- Specified by:
init
in interface com.atlassian.seraph.Initable
Copyright © 2003-2014 Atlassian. All Rights Reserved.