com.agapsys.security.web

Class SessionCsrfSecurityManager

java.lang.Object

com.agapsys.security.SecurityManager

com.agapsys.security.web.WebSecurityManager

com.agapsys.security.web.SessionSecurityManager

com.agapsys.security.web.SessionCsrfSecurityManager

public class SessionCsrfSecurityManager
extends SessionSecurityManager

Author:

Leandro Oliveira (leandro@agapsys.com)

Field Summary

Fields

Modifier and Type	Field and Description
static String	CSRF_HEADER Name of the header used to send/retrieve a CSRF token.

Constructor Summary

Constructors

Constructor and Description
SessionCsrfSecurityManager()

Method Summary

Modifier and Type	Method and Description
protected boolean	isAllowed(javax.servlet.http.HttpServletRequest request)
void	setCurrentUser(User user)
void	unregisterCurrentUser()

Methods inherited from class com.agapsys.security.web.SessionSecurityManager

getCurrentUser

Methods inherited from class com.agapsys.security.web.WebSecurityManager

getRequest, getResponse, isAllowed, onNotAllowed

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CSRF_HEADER

public static final String CSRF_HEADER

Name of the header used to send/retrieve a CSRF token.

See Also:

Constant Field Values

Constructor Detail

SessionCsrfSecurityManager

public SessionCsrfSecurityManager()

Method Detail

isAllowed

protected boolean isAllowed(javax.servlet.http.HttpServletRequest request)

Overrides:

isAllowed in class WebSecurityManager

setCurrentUser

public void setCurrentUser(User user)

Overrides:

setCurrentUser in class SessionSecurityManager

unregisterCurrentUser

public void unregisterCurrentUser()

Overrides:

unregisterCurrentUser in class SessionSecurityManager