Package com.emc.documentum.rest.security.csrf

Class CSRFHandler

java.lang.Object
com.emc.documentum.rest.security.csrf.CSRFHandler
public class CSRFHandler extends Object
The CSRF token handler as a Spring bean

  • Constructor Details

    • CSRFHandler

      public CSRFHandler()

  • Method Details

    • getCSRFHeaderName

      public String getCSRFHeaderName()
      Get CSRF header name setting from runtime properties.
      Returns:
      CSRF header name

    • getCSRFQueryName

      public String getCSRFQueryName()
      Get CSRF query name setting from runtime properties.
      Returns:
      CSRF query name

    • isCSRFProtectionEnabled

      public Boolean isCSRFProtectionEnabled()
      Check whether CSRF is enabled.
      Returns:
      true if CSRF is enabled; false for otherwise

    • setCSRFResponse

      public void setCSRFResponse(ClientToken ct, jakarta.servlet.http.HttpServletResponse response)
      Set CSRF response headers from the client token.
      Parameters:
      ct - client token
      response - servlet response

    • validateCSRFRequest

      public void validateCSRFRequest(ClientToken ct, jakarta.servlet.http.HttpServletRequest request)
      Validate CSRF token for the request by comparing to the client token.
      Parameters:
      ct - client token
      request - servlet request

    • delaySetCSRFToken

      public void delaySetCSRFToken(ClientToken ct, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Delay set CSRF token and parameter names to the client token.
      Parameters:
      ct - client token
      request - servlet request
      response - servlet response

    • handleCSRFException

      public void handleCSRFException(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Exception e)
      Handle CSRF exceptions.
      Parameters:
      request - servlet request
      response - servlet response
      e - CSRF exception