com.atlassian.seraph.config

Interface SecurityConfig

All Known Implementing Classes:

SecurityConfigImpl

public interface SecurityConfig

Represents the configuration of Seraph.

Field Summary

Fields

Modifier and Type	Field and Description
static String	BASIC_AUTH
static String	STORAGE_KEY

Method Summary

Modifier and Type	Method and Description
void	destroy()
AuthenticationContext	getAuthenticationContext()
Authenticator	getAuthenticator()
String	getAuthType()
int	getAutoLoginCookieAge()
SecurityController	getController()
ElevatedSecurityGuard	getElevatedSecurityGuard()
<T extends Interceptor> List<T>	getInterceptors(Class<T> desiredInterceptorClass)
List<String>	getInvalidateSessionExcludeList() When sessions are invalidated upon login, sometimes there are session attributes that should be excluded from the new session.
List<String>	getInvalidateWebsudoSessionExcludeList() When sessions are invalidated upon websudo, sometimes there are session attributes that should be excluded from the new session.
String	getLinkLoginURL()
String	getLoginCookieKey() The name of the remember me cookie
String	getLoginCookiePath()
String	getLoginForwardPath() Returns the login forward path.
String	getLoginURL()
String	getLoginURL(boolean forUserRole, boolean forPageCaps)
String	getLogoutURL()
String	getOriginalURLKey()
RedirectPolicy	getRedirectPolicy() Returns the configured RedirectPolicy, or the default if none is configured.
RememberMeService	getRememberMeService()
RoleMapper	getRoleMapper()
List<SecurityService>	getServices()
String	getWebsudoRequestKey() The name of the websudo request
boolean	isInsecureCookie() returns true if the remember me cookie should never be set to secure
boolean	isInvalidateSessionOnLogin() Whether the session (and the JSESSIONID) should be thrown away and replaced on successful login to prevent session fixation.
boolean	isInvalidateSessionOnWebsudo() Whether the session (and the JSESSIONID) should be thrown away and replaced on successful websudo to prevent session fixation.

Field Detail

STORAGE_KEY

static final String STORAGE_KEY

See Also:

Constant Field Values

BASIC_AUTH

static final String BASIC_AUTH

See Also:

Constant Field Values

Method Detail

getServices

List<SecurityService> getServices()

getLoginURL

String getLoginURL()

getLoginURL

String getLoginURL(boolean forUserRole,
                   boolean forPageCaps)

getLoginForwardPath

String getLoginForwardPath()

Returns the login forward path. This is the path to forward to when the user tries to POST to a protected resource (rather than clicking on an explicit login link). Note that this is done using a servlet FORWARD, not a redirect. Information about the original request can be gotten from the javax.servlet.forward.* request attributes.

At this point you will probably want to save the user's POST params so he can log in again and retry the POST.

Defaults to null, in which case Seraph will just do a redirect instead of a FORWARD.

Returns:

a String containing the login forward path, or null

getLinkLoginURL

String getLinkLoginURL()

getLogoutURL

String getLogoutURL()

getOriginalURLKey

String getOriginalURLKey()

getAuthenticator

Authenticator getAuthenticator()

Returns:

the Authenticator in play

getAuthenticationContext

AuthenticationContext getAuthenticationContext()

Returns:

the AuthenticationContext in play

getController

SecurityController getController()

Returns:

the SecurityController in play

getRoleMapper

RoleMapper getRoleMapper()

Returns:

the RoleMapper in play

getElevatedSecurityGuard

ElevatedSecurityGuard getElevatedSecurityGuard()

Returns:

the ElevatedSecurityGuard in play

getRememberMeService

RememberMeService getRememberMeService()

Returns:

the RememberMeService in play

getRedirectPolicy

RedirectPolicy getRedirectPolicy()

Returns the configured RedirectPolicy, or the default if none is configured. Will never return null.

Returns:

The configured RedirectPolicy, or the default if none is configured.

getInterceptors

<T extends Interceptor> List<T> getInterceptors(Class<T> desiredInterceptorClass)

destroy

void destroy()

getLoginCookiePath

String getLoginCookiePath()

Returns:

the path that should be applied to the cookie

getLoginCookieKey

String getLoginCookieKey()

The name of the remember me cookie

getWebsudoRequestKey

String getWebsudoRequestKey()

The name of the websudo request

isInsecureCookie

boolean isInsecureCookie()

returns true if the remember me cookie should never be set to secure

getAutoLoginCookieAge

int getAutoLoginCookieAge()

Returns:

the maximum age of the remember me cookie

getAuthType

String getAuthType()

isInvalidateSessionOnLogin

boolean isInvalidateSessionOnLogin()

Whether the session (and the JSESSIONID) should be thrown away and replaced on successful login to prevent session fixation.

Returns:

true only if Seraph has been explicitly configured to turn on session invalidation on login.

isInvalidateSessionOnWebsudo

boolean isInvalidateSessionOnWebsudo()

Whether the session (and the JSESSIONID) should be thrown away and replaced on successful websudo to prevent session fixation.

Returns:

true only if Seraph has been explicitly configured to turn on session invalidation on login.

getInvalidateSessionExcludeList

List<String> getInvalidateSessionExcludeList()

When sessions are invalidated upon login, sometimes there are session attributes that should be excluded from the new session. List any session attribute keys here that should be excluded from the new session after login.

Returns:

a list of session attribute keys to be excluded from the newly invalidated session.

getInvalidateWebsudoSessionExcludeList

List<String> getInvalidateWebsudoSessionExcludeList()

When sessions are invalidated upon websudo, sometimes there are session attributes that should be excluded from the new session. List any session attribute keys here that should be excluded from the new session after websudo.

Returns:

a list of session attribute keys to be excluded from the newly invalidated session.