Package com.atlassian.confluence.security.websudo

Class WebSudoIPAllowListManager

java.lang.Object
com.atlassian.confluence.security.websudo.WebSudoIPAllowListManager
public class WebSudoIPAllowListManager extends Object
This class allows to check if the client's IP address is in the IP allowlist for websudo action
Since:
8.9

  • Field Details

    • WEBSUDO_ALLOWLIST_ENABLED_PROPERTY

      public static final String WEBSUDO_ALLOWLIST_ENABLED_PROPERTY
      Name of system property which is used to enabled or disable IP allowlist for websudo action
      See Also:

    • WEBSUDO_ALLOWLIST_IP_PROPERTY

      public static final String WEBSUDO_ALLOWLIST_IP_PROPERTY
      Name of system property which is used to provide list of allowed IPs for websudo action
      See Also:

    • WEBSUDO_ALLOWLIST_CIDR_PROPERTY

      public static final String WEBSUDO_ALLOWLIST_CIDR_PROPERTY
      Name of system property which is used to provide list of allowed CIDRs for websudo action
      See Also:

    • REMOTE_IP_HEADER_PROPERTY

      public static final String REMOTE_IP_HEADER_PROPERTY
      Name of system property which is used to provide name of the request header which is used as source of client's IP address
      See Also:

  • Constructor Details

    • WebSudoIPAllowListManager

      public WebSudoIPAllowListManager(com.atlassian.config.ApplicationConfiguration applicationConfiguration)

  • Method Details

    • isAllowed

      public IPAllowListValidationResult isAllowed(javax.servlet.http.HttpServletRequest request)
      Check if the user's IP address is in the allowlist.
      Parameters:
      request - the request
      Returns:
      instance of IPAllowListValidationResult as validation result which returns true in IPAllowListValidationResult.isAllowed() if the user's IP address is in the allowlist, false otherwise along with the IP address for validation and the header from which the IP address is read