org.craftercms.security.utils

Class SecurityUtils

java.lang.Object

org.craftercms.security.utils.SecurityUtils

public class SecurityUtils
extends Object

Contains security utility methods.

Author:

Alfonso Vásquez

Field Summary

Fields

Modifier and Type	Field and Description
static String	ACCESS_DENIED_EXCEPTION_SESSION_ATTRIBUTE
static String	AUTHENTICATION_EXCEPTION_SESSION_ATTRIBUTE
static String	AUTHENTICATION_REQUEST_ATTRIBUTE_NAME
static String	BAD_CREDENTIALS_EXCEPTION_SESSION_ATTRIBUTE
static String	PROFILE_LAST_MODIFIED_COOKIE_NAME
static String	TENANT_REQUEST_ATTRIBUTE_NAME
static String	TICKET_COOKIE_NAME

Method Summary

Modifier and Type	Method and Description
static Authentication	getAuthentication(javax.servlet.http.HttpServletRequest request) Returns the authentication attribute from the specified request.
static Authentication	getCurrentAuthentication() Returns the authentication attribute from the current request.
static Profile	getCurrentProfile() Returns the profile from authentication attribute from the current request.
static Profile	getProfile(javax.servlet.http.HttpServletRequest request) Returns the profile from authentication attribute from the specified request.
static Long	getProfileLastModifiedCookie(javax.servlet.http.HttpServletRequest request) Returns the last modified timestamp cookie from the request.
static String	getTicketCookie(javax.servlet.http.HttpServletRequest request) Returns the ticket cookie value from the request.
static void	removeAuthentication(javax.servlet.http.HttpServletRequest request) Removes the authentication attribute from the specified request.
static void	removeCurrentAuthentication() Removes the authentication attribute from the current request.
static void	setAuthentication(javax.servlet.http.HttpServletRequest request, Authentication authentication) Sets the authentication attribute in the specified request.
static void	setCurrentAuthentication(Authentication authentication) Sets the authentication attribute in the current request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

AUTHENTICATION_EXCEPTION_SESSION_ATTRIBUTE

public static final String AUTHENTICATION_EXCEPTION_SESSION_ATTRIBUTE

See Also:

Constant Field Values

BAD_CREDENTIALS_EXCEPTION_SESSION_ATTRIBUTE

public static final String BAD_CREDENTIALS_EXCEPTION_SESSION_ATTRIBUTE

See Also:

Constant Field Values

ACCESS_DENIED_EXCEPTION_SESSION_ATTRIBUTE

public static final String ACCESS_DENIED_EXCEPTION_SESSION_ATTRIBUTE

See Also:

Constant Field Values

TICKET_COOKIE_NAME

public static final String TICKET_COOKIE_NAME

See Also:

Constant Field Values

PROFILE_LAST_MODIFIED_COOKIE_NAME

public static final String PROFILE_LAST_MODIFIED_COOKIE_NAME

See Also:

Constant Field Values

TENANT_REQUEST_ATTRIBUTE_NAME

public static final String TENANT_REQUEST_ATTRIBUTE_NAME

See Also:

Constant Field Values

AUTHENTICATION_REQUEST_ATTRIBUTE_NAME

public static final String AUTHENTICATION_REQUEST_ATTRIBUTE_NAME

See Also:

Constant Field Values

Method Detail

getTicketCookie

public static String getTicketCookie(javax.servlet.http.HttpServletRequest request)

Returns the ticket cookie value from the request.

Parameters:

request - the request where to retrieve the ticket from

Returns:

the ticket

getProfileLastModifiedCookie

public static Long getProfileLastModifiedCookie(javax.servlet.http.HttpServletRequest request)

Returns the last modified timestamp cookie from the request.

Parameters:

request - the request where to retrieve the last modified timestamp from

Returns:

the last modified timestamp of the authenticated profile

getCurrentAuthentication

public static Authentication getCurrentAuthentication()

Returns the authentication attribute from the current request.

Returns:

the authentication object

setCurrentAuthentication

public static void setCurrentAuthentication(Authentication authentication)

Sets the authentication attribute in the current request.

Parameters:

authentication - the authentication object to set as request attribute

removeCurrentAuthentication

public static void removeCurrentAuthentication()

Removes the authentication attribute from the current request.

getAuthentication

public static Authentication getAuthentication(javax.servlet.http.HttpServletRequest request)

Returns the authentication attribute from the specified request.

Parameters:

request - the request where to get the attribute from

Returns:

the authentication object

setAuthentication

public static void setAuthentication(javax.servlet.http.HttpServletRequest request,
                                     Authentication authentication)

Sets the authentication attribute in the specified request.

Parameters:

request - the request where to add the attribute to

authentication - the authentication object to set as request attribute

removeAuthentication

public static void removeAuthentication(javax.servlet.http.HttpServletRequest request)

Removes the authentication attribute from the specified request.

Parameters:

request - the request where to remove the attribute from

getCurrentProfile

public static Profile getCurrentProfile()

Returns the profile from authentication attribute from the current request.

Returns:

the profile object, or null if there's no authentication

getProfile

public static Profile getProfile(javax.servlet.http.HttpServletRequest request)

Returns the profile from authentication attribute from the specified request.

Returns:

the profile object, or null if there's no authentication