Package com.atlassian.confluence.security.websudo

Class DefaultWebSudoManager

java.lang.Object
com.atlassian.confluence.security.websudo.DefaultWebSudoManager
All Implemented Interfaces:
WebSudoManager
public class DefaultWebSudoManager extends Object implements WebSudoManager
See WebSudoManager for further documentation.

  • Constructor Details

    • DefaultWebSudoManager

      public DefaultWebSudoManager(GlobalSettingsManager settingsManager)
      Since:
      9.3

    • DefaultWebSudoManager

      @Deprecated(forRemoval=true, since="9.3") public DefaultWebSudoManager(SettingsManager settingsManager)
      Deprecated, for removal: This API element is subject to removal in a future version.
      since 9.3

  • Method Details

    • isEnabled

      public boolean isEnabled()
      Specified by:
      isEnabled in interface WebSudoManager
      Returns:
      true if WebSudo is enabled, false otherwise.

    • isElevatedDefaultPath

      public static boolean isElevatedDefaultPath(String servletPath)

    • matches

      public boolean matches(String requestServletPath, Class<?> actionClass, Method method)
      Description copied from interface: WebSudoManager
      Check if the action method should be WebSudo protected for the given requestServletPath.
      Specified by:
      matches in interface WebSudoManager
      Parameters:
      requestServletPath - - the requestServletPath for this action method
      actionClass - - the current action class
      method - - the action method that is executed
      Returns:
      true if the action method should be WebSudo protected, false otherwise.

    • hasValidSession

      public boolean hasValidSession(javax.servlet.http.HttpSession session)
      Description copied from interface: WebSudoManager
      Check if this is a valid WebSudo session.
      Specified by:
      hasValidSession in interface WebSudoManager
      Parameters:
      session - the current HttpSession. Can be null
      Returns:
      true if the HttpSession is a WebSudo session.

    • startSession

      public void startSession(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Description copied from interface: WebSudoManager
      Start a new WebSudo session. Creates a new HttpSession if necessary.
      Specified by:
      startSession in interface WebSudoManager
      Parameters:
      request - the current HttpServletRequest
      response - the current HttpServletResponse

    • markWebSudoRequest

      public void markWebSudoRequest(javax.servlet.http.HttpServletRequest request)
      Description copied from interface: WebSudoManager
      Marks the request as a request for a WebSudo resource.
      Specified by:
      markWebSudoRequest in interface WebSudoManager
      Parameters:
      request - the current HttpServletRequest

    • isWebSudoRequest

      public boolean isWebSudoRequest(javax.servlet.http.HttpServletRequest request)
      Description copied from interface: WebSudoManager
      Checks if the request is a WebSudo request.
      Specified by:
      isWebSudoRequest in interface WebSudoManager
      Parameters:
      request - the current HttpServletRequest
      Returns:
      true if the current request is requesting a WebSudo protected web resource, false otherwise.

    • invalidateSession

      public void invalidateSession(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Description copied from interface: WebSudoManager
      Invalidate the current WebSudo session. This does NOT invalidate the HttpSession.
      Specified by:
      invalidateSession in interface WebSudoManager
      Parameters:
      request - the current HttpServletRequest
      response - the current HttpServletResponse

    • buildAuthenticationRedirectUri

      public URI buildAuthenticationRedirectUri(javax.servlet.http.HttpServletRequest request)
      Specified by:
      buildAuthenticationRedirectUri in interface WebSudoManager

    • canExecuteRequest

      public boolean canExecuteRequest(javax.servlet.http.HttpServletRequest httpServletRequest)
      Specified by:
      canExecuteRequest in interface WebSudoManager
      See Also:
      • WebSudoManager.canExecuteRequest(HttpServletRequest)

    • enforceWebSudoProtection

      public void enforceWebSudoProtection(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException
      Specified by:
      enforceWebSudoProtection in interface WebSudoManager
      Throws:
      IOException
      See Also:
      • WebSudoManager.enforceWebSudoProtection(HttpServletRequest, HttpServletResponse)