Index (Broadleaf Security Resource Common 1.4.0-GA API)

A B C D E G H I L N P R S T U V X
All Classes All Packages

A

authenticationUtils() - Method in class com.broadleafcommerce.resource.security.utils.autoconfigure.SecurityUtilsAutoConfiguration
AuthenticationUtils - Interface in com.broadleafcommerce.resource.security.utils.service: The common utility that contains some useful methods around Authentication.

B

buildAndThrowError(Object, List<String>) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Responsible for building and throwing an error message containing the list of fields with XSS violations.
buildErrorMessage(List<String>) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Responsible for building the error message string
buildServletInputStream(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Responsible for wrapping the processed input stream in a new ServletInputStream.

C

canEqual(Object) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
canEqual(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
canEqual(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
com.broadleafcommerce.resource.security - package com.broadleafcommerce.resource.security
com.broadleafcommerce.resource.security.utils.autoconfigure - package com.broadleafcommerce.resource.security.utils.autoconfigure
com.broadleafcommerce.resource.security.utils.service - package com.broadleafcommerce.resource.security.utils.service
com.broadleafcommerce.resource.security.xss.autoconfigure - package com.broadleafcommerce.resource.security.xss.autoconfigure
com.broadleafcommerce.resource.security.xss.filter - package com.broadleafcommerce.resource.security.xss.filter
com.broadleafcommerce.resource.security.xss.service - package com.broadleafcommerce.resource.security.xss.service
com.broadleafcommerce.resource.security.xss.service.dto - package com.broadleafcommerce.resource.security.xss.service.dto
com.broadleafcommerce.resource.security.xss.service.exception - package com.broadleafcommerce.resource.security.xss.service.exception
configure(HttpSecurity) - Method in interface com.broadleafcommerce.resource.security.SecurityEnhancer
convertMessageBodyToList(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Converts the provided string to a List.
convertMessageBodyToMap(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Converts the provided string to a Map.

D

DefaultAuthenticationUtils - Class in com.broadleafcommerce.resource.security.utils.service
DefaultAuthenticationUtils() - Constructor for class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
DefaultXSSProcessingOperationTypes - Enum in com.broadleafcommerce.resource.security.xss.service.dto: The default types of operations supported in XSSRequestProcessingService.
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSFilter
doSanitize(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Perform the XSS sanitization of a value
doSanitize(String[]) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Similar to XSSRequestProcessingService.doSanitize(String) but for an array of values.
doValidate(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Perform the validation by comparing a sanitized version of the value to a baseline sanitized version.
doValidate(String[]) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Similar to XSSRequestProcessingService.doValidate(String) but for an array of values.

E

equals(Object) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
equals(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
equals(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse

G

getAuthenticatedCsrUserId() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Retrieves the id of the CSR user, if any.
getAuthenticatedCsrUserId() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
getAuthenticatedCsrUsername() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Retrieves the username of the CSR user, if any.
getAuthenticatedCsrUsername() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
getAuthenticatedCustomerId() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Retrieves the id of the authenticated customer, if any.
getAuthenticatedCustomerId() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
getAuthenticatedCustomerSegmentIds() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Retrieves the customer segment ids found on the authentication of the current security context.
getAuthenticatedCustomerSegmentIds() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
getAuthenticatedFullName() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Retrieves the full name of the authenticated user, if any.
getAuthenticatedFullName() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
getAuthenticatedUsername() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Retrieves the username of the authenticated user, if any.
getAuthenticatedUsername() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
getAuthentication() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Retrieve the current Spring Authentication instance associated with the current flow, if any.
getAuthenticationAttributes() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Retrieves the attributes on the current Authentication.
getAuthenticationAttributes() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
getInputStream() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper: Responsible for processing the submitted data and performing any XSS validation before returning the stream in a new ServletInputStream.
getMessageBodyAsString(InputStream) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Responsible for converting a provided InputStream to a string
getParameter(String) - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper: Adapted from org.apache.catalina.core.ApplicationHttpRequest#getParameter(java.lang.String).
getParameterMap() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
getParameterNames() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper: Adapted from org.apache.catalina.core.ApplicationHttpRequest#getParameterNames().
getParameterValues(String) - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper: Adapted from org.apache.catalina.core.ApplicationHttpRequest#getParameterValues(java.lang.String).
getPerformedOperationType() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse: Reports the type of operation that was performed on the input.
getPolicy() - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
getProcessedName() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse: The processed field name.
getProcessedRequestParameterMap() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
getProcessedValue() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse: The processed field value.
getProcessingService() - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
getProperties() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSFilter
getProperties() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
getProperties() - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
getProperties() - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
getRequestService() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
getRequestService() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper.ProcessedRequestParameterMapInitializer
getSanitizedParameterName() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse: The request parameter name after sanitization.
getSanitizedParameterValues() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse: The request parameter value(s) after sanitization.
getXssRequestService() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSFilter

H

handleRequestParameterValidationFailure(List<String>) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: The default behavior of this method is to throw an XSSRequestParameterValidationException with an error message that lists the parameters which failed validation.
handleXSSRequestParameterValidationException(XSSRequestParameterValidationException, WebRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.exception.XSSExceptionAdvisor
hashCode() - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
hashCode() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
hashCode() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse

I

initialize() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper.ProcessedRequestParameterMapInitializer
isError() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse: Whether an XSS violation was detected.
isError() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse: If validation was performed, this reports if an XSS violation was detected.
isFinished() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream
isPerformValidation() - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties: Indicates that requests should be validated for XSS violations.
isReady() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream

L

logDebug(Exception, WebRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.exception.XSSExceptionAdvisor

N

NONE - com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes: Indicates nothing was performed.
normalize(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Normalized the input value by removing spaces and semi-colons as the baseline sanitize does not perform formatting

P

processDeserializedBody(Object, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Processes the deserialized body.
ProcessedRequestParameterMapInitializer(XSSRequestService, HttpServletRequest) - Constructor for class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper.ProcessedRequestParameterMapInitializer
processField(String, String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Process a given field and value against XSS sanitization.
processInputStream(ServletInputStream, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Responsible for processing the provided input stream to check for any XSS violations.
processRequestParameter(String, String[], HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Process a given request parameter and its values.
processRequestParameters(HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Responsible for processing the provided request's parameters/values to check for any XSS violations.
processValue(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Process a given value against XSS sanitization.

R

read() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream
recurseAndProcessFields(String, Object, List<String>, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService: Responsible for recursively processing the passed in field information.

S

SANITIZATION - com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes: Indicates sanitization was performed.
SecurityEnhancer - Interface in com.broadleafcommerce.resource.security: Impact the HttpSecurity setup before a ResourceServerConfigurerAdapter is invoked for final endpoint security configuration.
SecurityUtilsAutoConfiguration - Class in com.broadleafcommerce.resource.security.utils.autoconfigure
SecurityUtilsAutoConfiguration() - Constructor for class com.broadleafcommerce.resource.security.utils.autoconfigure.SecurityUtilsAutoConfiguration
setAttributesConverter(Converter<Authentication, Map<String, Object>>) - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
setError(boolean) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse: Whether an XSS violation was detected.
setError(boolean) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse: If validation was performed, this reports if an XSS violation was detected.
setPerformedOperationType(String) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse: Reports the type of operation that was performed on the input.
setPerformValidation(boolean) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties: Indicates that requests should be validated for XSS violations.
setProcessedName(String) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse: The processed field name.
setProcessedValue(String) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse: The processed field value.
setReadListener(ReadListener) - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream
setSanitizedParameterName(String) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse: The request parameter name after sanitization.
setSanitizedParameterValues(String[]) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse: The request parameter value(s) after sanitization.
shouldSanitize(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Whether the value for the provide field should be sanitized.
shouldSanitizeParameter(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Whether the name/value for the provided request parameter should be sanitized for XSS.
shouldValidate(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Whether the value for the provided field should be validated against XSS
shouldValidateParameter(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService: Whether the name/value for the provided request parameter should be validated against XSS

T

toString() - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
toString() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
toString() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse

U

userIsAnonymous() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Checks if the authenticated user is anonymous.
userIsAnonymous() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
userIsCSR() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Checks if the authenticated user is CSR.
userIsCSR() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
userIsCSRAnonymous() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils: Checks if the authenticated user is CSR anonymous.
userIsCSRAnonymous() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils

V

VALIDATION - com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes: Indicates validation was performed.
valueOf(String) - Static method in enum com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes: Returns the enum constant of this type with the specified name.
values() - Static method in enum com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes: Returns an array containing the constants of this enum type, in the order they are declared.

X

XSSAutoConfiguration - Class in com.broadleafcommerce.resource.security.xss.autoconfigure
XSSAutoConfiguration() - Constructor for class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
XSSConfigurationProperties - Class in com.broadleafcommerce.resource.security.xss.autoconfigure
XSSConfigurationProperties() - Constructor for class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
xssExceptionAdvisor() - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
XSSExceptionAdvisor - Class in com.broadleafcommerce.resource.security.xss.service.exception: General exception handler registry for certain XSS-related exceptions.
XSSExceptionAdvisor() - Constructor for class com.broadleafcommerce.resource.security.xss.service.exception.XSSExceptionAdvisor
xssFilter(XSSConfigurationProperties, XSSRequestService) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
XSSFilter - Class in com.broadleafcommerce.resource.security.xss.filter: Responsible for wrapping incoming HttpServletRequests with XSSRequestWrapper to ensure request bodies and parameters are free from XSS violations.
XSSFilter(XSSConfigurationProperties, XSSRequestService) - Constructor for class com.broadleafcommerce.resource.security.xss.filter.XSSFilter
XSSProcessingResponse - Class in com.broadleafcommerce.resource.security.xss.service.dto: A response object returned from the XSSRequestService after processing a request body.
XSSProcessingResponse() - Constructor for class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
XSSRequestParameterProcessingResponse - Class in com.broadleafcommerce.resource.security.xss.service.dto: A response object returned from the XSSRequestProcessingService after processing a request parameter and its value(s).
XSSRequestParameterProcessingResponse() - Constructor for class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
XSSRequestParameterValidationException - Exception in com.broadleafcommerce.resource.security.xss.service.exception: An exception thrown when request parameters fail XSS validation.
XSSRequestParameterValidationException(String) - Constructor for exception com.broadleafcommerce.resource.security.xss.service.exception.XSSRequestParameterValidationException
xssRequestProcessingService(XSSConfigurationProperties) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
XSSRequestProcessingService - Class in com.broadleafcommerce.resource.security.xss.service: Responsible for performing validation and sanitization on provided values.
XSSRequestProcessingService(PolicyFactory, XSSConfigurationProperties) - Constructor for class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
xssRequestService(XSSRequestProcessingService, XSSConfigurationProperties) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
XSSRequestService - Class in com.broadleafcommerce.resource.security.xss.service: Responsible for handling input streams from XSSRequestWrappers and passing them through XSS validation / sanitization
XSSRequestService(XSSRequestProcessingService, XSSConfigurationProperties) - Constructor for class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
XSSRequestWrapper - Class in com.broadleafcommerce.resource.security.xss.filter: A wrapper class for HttpServletRequestWrapper that provides XSS validation and sanitization.
XSSRequestWrapper(HttpServletRequest, XSSConfigurationProperties, XSSRequestService) - Constructor for class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper: Constructs a request object wrapping the given request.
XSSRequestWrapper.ProcessedRequestParameterMapInitializer - Class in com.broadleafcommerce.resource.security.xss.filter: This mechanism allows for thread-safe, lazy, one-time processing of all request parameters and their values rather than repeatedly within each parameter-related method.
XSSServletInputStream - Class in com.broadleafcommerce.resource.security.xss.filter: An extension of ServletInputStream used in conjunction with XSSRequestWrapper.
XSSServletInputStream(byte[]) - Constructor for class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream

A B C D E G H I L N P R S T U V X
All Classes All Packages