com.atlassian.jira.security.websudo
Interface InternalWebSudoManager

All Known Implementing Classes:
InternalWebSudoManagerImpl

public interface InternalWebSudoManager

Manages the WebSudo related access to Request, Response and Session objects and provides a method to determine if an XWork action should be treated as a WebSudo resource (#matches(Class.


Method Summary
 boolean hasValidSession(javax.servlet.http.HttpSession session)
          Check if this is a valid WebSudo session.
 void invalidateSession(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Invalidate the current WebSudo session.
 boolean isEnabled()
           
 boolean isWebSudoRequest(javax.servlet.http.HttpServletRequest request)
          Checks if the request is a WebSudo request.
 void markWebSudoRequest(javax.servlet.http.HttpServletRequest request)
          Marks the request as a request for a WebSudo resource.
 boolean matches(Class<? extends webwork.action.Action> actionClass)
          Check if the action method should be WebSudo protected for the given requestURI.
 void startSession(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Start a new WebSudo session.
 

Method Detail

isEnabled

boolean isEnabled()
Returns:
true if WebSudo is enabled, false otherwise.

matches

boolean matches(Class<? extends webwork.action.Action> actionClass)
Check if the action method should be WebSudo protected for the given requestURI.

Parameters:
actionClass - - the current action class
Returns:
true if the action method should be WebSudo protected, false otherwise.

hasValidSession

boolean hasValidSession(@Nullable
                        javax.servlet.http.HttpSession session)
Check if this is a valid WebSudo session.

Parameters:
session - the current HttpSession. Can be null
Returns:
true if the HttpSession is a WebSudo session.

isWebSudoRequest

boolean isWebSudoRequest(@Nullable
                         javax.servlet.http.HttpServletRequest request)
Checks if the request is a WebSudo request.

Parameters:
request - the current HttpServletRequest
Returns:
true if the current request is requesting a WebSudo protected web resource, false otherwise.
Since:
3.4

startSession

void startSession(javax.servlet.http.HttpServletRequest request,
                  javax.servlet.http.HttpServletResponse response)
Start a new WebSudo session. Creates a new HttpSession if necessary.

Parameters:
request - the current HttpServletRequest
response - the current HttpServletResponse
Since:
3.4

markWebSudoRequest

void markWebSudoRequest(@Nullable
                        javax.servlet.http.HttpServletRequest request)
Marks the request as a request for a WebSudo resource.

Parameters:
request - the current HttpServletRequest
Since:
3.4

invalidateSession

void invalidateSession(javax.servlet.http.HttpServletRequest request,
                       javax.servlet.http.HttpServletResponse response)
Invalidate the current WebSudo session. This does NOT invalidate the HttpSession.

Parameters:
request - the current HttpServletRequest
response - the current HttpServletResponse
Since:
3.4


Copyright © 2002-2014 Atlassian. All Rights Reserved.