Package com.atlassian.confluence.security.websudo

Class DefaultWebSudoManager

java.lang.Object
com.atlassian.confluence.security.websudo.DefaultWebSudoManager
All Implemented Interfaces:
WebSudoManager
public class DefaultWebSudoManager extends Object implements WebSudoManager
See WebSudoManager for further documentation.

  • Constructor Details

  • Method Details

    • isEnabled

      public boolean isEnabled()
      Specified by:
      isEnabled in interface WebSudoManager
      Returns:
      true if WebSudo is enabled, false otherwise.

    • isElevatedDefaultPath

      public static boolean isElevatedDefaultPath(String servletPath)

    • matches

      public boolean matches(String requestServletPath, Class<?> actionClass, Method method)
      Description copied from interface: WebSudoManager
      Check if a Class method should be WebSudo protected for a given request servlet path
      Specified by:
      matches in interface WebSudoManager
      Parameters:
      requestServletPath - the request servlet path
      actionClass - Action or Servlet class
      method - Name of method on class being executed
      Returns:
      true if the Class method should be WebSudo protected, false otherwise.

    • hasValidSession

      public boolean hasValidSession(jakarta.servlet.http.HttpSession session)
      Description copied from interface: WebSudoManager
      Check if this is a valid WebSudo session.
      Specified by:
      hasValidSession in interface WebSudoManager
      Parameters:
      session - the current HttpSession. Can be null
      Returns:
      true if the HttpSession is a WebSudo session.

    • startSession

      public void startSession(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Description copied from interface: WebSudoManager
      Start a new WebSudo session. Creates a new HttpSession if necessary.
      Specified by:
      startSession in interface WebSudoManager
      Parameters:
      request - the current HttpServletRequest
      response - the current HttpServletResponse

    • markWebSudoRequest

      public void markWebSudoRequest(jakarta.servlet.http.HttpServletRequest request)
      Description copied from interface: WebSudoManager
      Marks the request as a request for a WebSudo resource.
      Specified by:
      markWebSudoRequest in interface WebSudoManager
      Parameters:
      request - the current HttpServletRequest

    • isWebSudoRequest

      public boolean isWebSudoRequest(jakarta.servlet.http.HttpServletRequest request)
      Description copied from interface: WebSudoManager
      Checks if the request is a WebSudo request.
      Specified by:
      isWebSudoRequest in interface WebSudoManager
      Parameters:
      request - the current HttpServletRequest
      Returns:
      true if the current request is requesting a WebSudo protected web resource, false otherwise.

    • invalidateSession

      public void invalidateSession(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Description copied from interface: WebSudoManager
      Invalidate the current WebSudo session. This does NOT invalidate the HttpSession.
      Specified by:
      invalidateSession in interface WebSudoManager
      Parameters:
      request - the current HttpServletRequest
      response - the current HttpServletResponse

    • buildAuthenticationRedirectUri

      public URI buildAuthenticationRedirectUri(jakarta.servlet.http.HttpServletRequest request)
      Specified by:
      buildAuthenticationRedirectUri in interface WebSudoManager

    • canExecuteRequest

      public boolean canExecuteRequest(jakarta.servlet.http.HttpServletRequest httpServletRequest)
      Specified by:
      canExecuteRequest in interface WebSudoManager
      See Also:
      • WebSudoManager.canExecuteRequest(HttpServletRequest)

    • enforceWebSudoProtection

      public void enforceWebSudoProtection(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException
      Specified by:
      enforceWebSudoProtection in interface WebSudoManager
      Throws:
      IOException
      See Also:
      • WebSudoManager.enforceWebSudoProtection(HttpServletRequest, HttpServletResponse)