org.silverpeas.util.security
Class SecuritySettings

java.lang.Object
  extended by org.silverpeas.util.security.SecuritySettings

public class SecuritySettings
extends Object

User: Yohann Chastagnier Date: 05/03/14


Constructor Summary
SecuritySettings()
           
 
Method Summary
static boolean isSessionTokenRenewEnabled()
          Is the renew of the synchronizer tokens used to protect a user session enabled?
static boolean isWebSecurityByTokensEnabled()
          Is the security mechanism based on the synchronizer token pattern enabled?
static boolean isWebSqlInjectionSecurityEnabled()
          Is the SQL injection security mechanism enabled?
static boolean isWebXssInjectionSecurityEnabled()
          Is the XSS injection security mechanism enabled?
static String skippedParametersAboutWebSqlInjectionSecurity()
          Indicates the parameters for which the SQL injection verification must be bypassed.
static String skippedParametersAboutWebXssInjectionSecurity()
          Indicates the parameters for which the XSS injection verification must be bypassed.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecuritySettings

public SecuritySettings()
Method Detail

isWebSqlInjectionSecurityEnabled

public static boolean isWebSqlInjectionSecurityEnabled()
Is the SQL injection security mechanism enabled?

Returns:
true if the security mechanism is enabled for Silverpeas, false otherwise.

skippedParametersAboutWebSqlInjectionSecurity

public static String skippedParametersAboutWebSqlInjectionSecurity()
Indicates the parameters for which the SQL injection verification must be bypassed.

Returns:
a regexp represented by a string.

isWebXssInjectionSecurityEnabled

public static boolean isWebXssInjectionSecurityEnabled()
Is the XSS injection security mechanism enabled?

Returns:
true if the security mechanism is enabled for Silverpeas, false otherwise.

skippedParametersAboutWebXssInjectionSecurity

public static String skippedParametersAboutWebXssInjectionSecurity()
Indicates the parameters for which the XSS injection verification must be bypassed.

Returns:
a regexp represented by a string.

isWebSecurityByTokensEnabled

public static boolean isWebSecurityByTokensEnabled()
Is the security mechanism based on the synchronizer token pattern enabled?

Returns:
true if the security mechanism is enabled for Silverpeas, false otherwise.

isSessionTokenRenewEnabled

public static boolean isSessionTokenRenewEnabled()
Is the renew of the synchronizer tokens used to protect a user session enabled?

Returns:
true if the renew of session tokens is enabled in Silverpeas, false otherwise.


Copyright © 2016 Silverpeas. All Rights Reserved.