Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.seraph.service.rememberme
Class DefaultRememberMeConfiguration

java.lang.Object
  extended by com.atlassian.seraph.service.rememberme.DefaultRememberMeConfiguration
All Implemented Interfaces:
RememberMeConfiguration
public class DefaultRememberMeConfiguration
extends Object
implements RememberMeConfiguration

This default implementation of RememberMeConfiguration

Field Summary
static int TWO_WEEKS
           
 
Constructor Summary
DefaultRememberMeConfiguration()
           
DefaultRememberMeConfiguration(SecurityConfig config)
           
 
Method Summary
 String getCookieDomain(javax.servlet.http.HttpServletRequest httpServletRequest)
           
 int getCookieMaxAgeInSeconds()
           
 String getCookieName()
           
 String getCookiePath(javax.servlet.http.HttpServletRequest httpServletRequest)
           
 boolean isCookieHttpOnly(javax.servlet.http.HttpServletRequest httpServletRequest)
          By default we take the conservative route and not use HttpOnly cookies.
 boolean isInsecureCookieAlwaysUsed()
          This app may needs to determine this.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

TWO_WEEKS

public static final int TWO_WEEKS
See Also:
Constant Field Values
Constructor Detail

DefaultRememberMeConfiguration

public DefaultRememberMeConfiguration()

DefaultRememberMeConfiguration

public DefaultRememberMeConfiguration(SecurityConfig config)
Method Detail

isInsecureCookieAlwaysUsed

public boolean isInsecureCookieAlwaysUsed()
This app may needs to determine this. See JRA-10508. By default we load it from the same place that Serpah uses for backwards compatibility.

Specified by:
isInsecureCookieAlwaysUsed in interface RememberMeConfiguration
Returns:
true if Cookie.setSecure(boolean) should be called with true

isCookieHttpOnly

public boolean isCookieHttpOnly(javax.servlet.http.HttpServletRequest httpServletRequest)
By default we take the conservative route and not use HttpOnly cookies. However an application can decide to make it more secure and return true. We had initial troubles in JIRA and hence we took the conservative route. Eventually we want to get around these problems

Specified by:
isCookieHttpOnly in interface RememberMeConfiguration
Parameters:
httpServletRequest - the request in play
Returns:

getCookieName

public String getCookieName()
Specified by:
getCookieName in interface RememberMeConfiguration
Returns:
the name of the cookie to look into for remember me information

getCookieMaxAgeInSeconds

public int getCookieMaxAgeInSeconds()
Specified by:
getCookieMaxAgeInSeconds in interface RememberMeConfiguration
Returns:
the age in seconds for the remember me cookie

getCookieDomain

public String getCookieDomain(javax.servlet.http.HttpServletRequest httpServletRequest)
Specified by:
getCookieDomain in interface RememberMeConfiguration
Parameters:
httpServletRequest - the request in play
Returns:
the domain that should be used when writing the remember me cookie

getCookiePath

public String getCookiePath(javax.servlet.http.HttpServletRequest httpServletRequest)
Specified by:
getCookiePath in interface RememberMeConfiguration
Parameters:
httpServletRequest - the request in play
Returns:
the path that should be used when writing the remember me cookie
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2013 Atlassian. All Rights Reserved.