Index


A

AccessTokenClaims - Class in com.broadleafcommerce.resource.security.utils.service
These claims are also used in access tokens.
ACCOUNT_ID - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
ID of the account the user is currently active in (this is typically for B2B).
ADMIN - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The claim for whether this authentication belongs to an admin user.
ADMIN_SCOPED_SERVICE_CLIENT - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The claim if the current token is for an admin-scoped service client.
AUTH_DETAILS_ADMIN_USER_ID_KEY - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The ID of the admin user.
authenticationUtils() - Method in class com.broadleafcommerce.resource.security.utils.autoconfigure.SecurityUtilsAutoConfiguration
 
AuthenticationUtils - Interface in com.broadleafcommerce.resource.security.utils.service
The common utility that contains some useful methods around Authentication.
AUTHORITIES - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The claim storing the authorities of the user.

B

BASIC - Static variable in class com.broadleafcommerce.resource.security.utils.compatibility.ConstantUtils
Deprecated.
 
buildAndThrowError(Object, List<String>) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Responsible for building and throwing an error message containing the list of fields with XSS violations.
buildErrorMessage(List<String>) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Responsible for building the error message string.
buildServletInputStream(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Responsible for wrapping the processed input stream in a new ServletInputStream.

C

canEqual(Object) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
 
canEqual(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
 
canEqual(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
 
com.broadleafcommerce.resource.security - package com.broadleafcommerce.resource.security
 
com.broadleafcommerce.resource.security.utils - package com.broadleafcommerce.resource.security.utils
 
com.broadleafcommerce.resource.security.utils.autoconfigure - package com.broadleafcommerce.resource.security.utils.autoconfigure
 
com.broadleafcommerce.resource.security.utils.compatibility - package com.broadleafcommerce.resource.security.utils.compatibility
 
com.broadleafcommerce.resource.security.utils.service - package com.broadleafcommerce.resource.security.utils.service
 
com.broadleafcommerce.resource.security.xss.autoconfigure - package com.broadleafcommerce.resource.security.xss.autoconfigure
 
com.broadleafcommerce.resource.security.xss.filter - package com.broadleafcommerce.resource.security.xss.filter
 
com.broadleafcommerce.resource.security.xss.service - package com.broadleafcommerce.resource.security.xss.service
 
com.broadleafcommerce.resource.security.xss.service.dto - package com.broadleafcommerce.resource.security.xss.service.dto
 
com.broadleafcommerce.resource.security.xss.service.exception - package com.broadleafcommerce.resource.security.xss.service.exception
 
CommonSecurityEnvironmentPostProcessor - Class in com.broadleafcommerce.resource.security.utils.autoconfigure
 
CommonSecurityEnvironmentPostProcessor() - Constructor for class com.broadleafcommerce.resource.security.utils.autoconfigure.CommonSecurityEnvironmentPostProcessor
 
configure(HttpSecurity) - Method in interface com.broadleafcommerce.resource.security.SecurityEnhancer
 
ConstantUtils - Class in com.broadleafcommerce.resource.security.utils.compatibility
Deprecated, for removal: This API element is subject to removal in a future version.
Temporary compatibility measure. Use an equality check against org.springframework.security.oauth2.core.ClientAuthenticationMethod.CLIENT_SECRET_BASIC and org.springframework.security.oauth2.core.ClientAuthenticationMethod.CLIENT_SECRET_POST.
convertMessageBodyToList(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Converts the provided string to a List.
convertMessageBodyToMap(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Converts the provided string to a Map.
CSR_ANONYMOUS - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The claim indicating that the CSR is impersonating an anonymous user.
CSR_ANONYMOUS_SUB_VALUE - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The value of the SessionTokenClaimKeys#SUBJECT when anonymously impersonated as a CSR.
CSR_CLIENT_ID - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The claim storing the CSR's client ID.
CSR_INHERITED_AUTHORITIES - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The claim storing the authorities inherited from the CSR.
CSR_SUBJECT - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The claim storing the CSR's subject.
CSR_USER_ID - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The claim storing the CSR's user ID.
CSR_USERNAME - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
CUSTOMER_ID - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
ID of the customer user if applicable.
CUSTOMER_SEGMENT_IDS - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
Claim containing the ids of the customer segments the active user is in.

D

DefaultAuthenticationUtils - Class in com.broadleafcommerce.resource.security.utils.service
 
DefaultAuthenticationUtils() - Constructor for class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
DefaultXSSProcessingOperationTypes - Enum Class in com.broadleafcommerce.resource.security.xss.service.dto
The default types of operations supported in XSSRequestProcessingService.
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSFilter
 
doSanitize(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Performs the XSS sanitization of a value.
doSanitize(String[]) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Similar to XSSRequestProcessingService.doSanitize(String) but for an array of values.
doValidate(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Perform the validation by comparing a sanitized version of the value to a baseline sanitized version.
doValidate(String[]) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Similar to XSSRequestProcessingService.doValidate(String) but for an array of values.

E

equals(Object) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
 
equals(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
 
equals(Object) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
 

F

FULL_NAME - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The user's full name.

G

getAuthenticatedAccountId() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieves the account id found on the authentication of the current security context.
getAuthenticatedAccountId() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
getAuthenticatedCsrUserId() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieves the id of the CSR user, if any.
getAuthenticatedCsrUserId() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
getAuthenticatedCsrUsername() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieves the username of the CSR user, if any.
getAuthenticatedCsrUsername() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
getAuthenticatedCustomerId() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieves the id of the authenticated customer, if any.
getAuthenticatedCustomerId() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
getAuthenticatedCustomerSegmentIds() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieves the customer segment ids found on the authentication of the current security context.
getAuthenticatedCustomerSegmentIds() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
getAuthenticatedFullName() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieves the full name of the authenticated user, if any.
getAuthenticatedFullName() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
getAuthenticatedParentAccountIds() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieves a list of all parent account ids of the AuthenticationUtils.getAuthenticatedAccountId().
getAuthenticatedParentAccountIds() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
getAuthenticatedUsername() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieves the username of the authenticated user, if any.
getAuthenticatedUsername() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
getAuthentication() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieve the current Spring Authentication instance associated with the current flow, if any.
getAuthenticationAttributes() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Retrieves the attributes on the current Authentication.
getAuthenticationAttributes() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
getClientSecretBasic() - Static method in class com.broadleafcommerce.resource.security.utils.compatibility.ConstantUtils
Deprecated, for removal: This API element is subject to removal in a future version.
getClientSecretPost() - Static method in class com.broadleafcommerce.resource.security.utils.compatibility.ConstantUtils
Deprecated, for removal: This API element is subject to removal in a future version.
getInputStream() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
Responsible for processing the submitted data and performing any XSS validation before returning the stream in a new ServletInputStream.
getMessageBodyAsString(InputStream) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Responsible for converting a provided InputStream to a string.
getParameter(String) - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
Adapted from org.apache.catalina.core.ApplicationHttpRequest#getParameter(java.lang.String).
getParameterMap() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
 
getParameterNames() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
Adapted from org.apache.catalina.core.ApplicationHttpRequest#getParameterNames().
getParameterValues(String) - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
Adapted from org.apache.catalina.core.ApplicationHttpRequest#getParameterValues(java.lang.String).
getPerformedOperationType() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
Reports the type of operation that was performed on the input.
getPolicy() - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
 
getProcessedName() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
The processed field name.
getProcessedRequestParameterMap() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
 
getProcessedValue() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
The processed field value.
getProcessingService() - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
 
getProperties() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSFilter
 
getProperties() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
 
getProperties() - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
 
getProperties() - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
 
getRequestService() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
 
getRequestService() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper.ProcessedRequestParameterMapInitializer
 
getSanitizedParameterName() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
The request parameter name after sanitization.
getSanitizedParameterValues() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
The request parameter value(s) after sanitization.
getXssRequestService() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSFilter
 

H

handleRequestParameterValidationFailure(List<String>) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
The default behavior of this method is to throw an XSSRequestParameterValidationException with an error message that lists the parameters which failed validation.
handleXSSRequestParameterValidationException(XSSRequestParameterValidationException, WebRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.exception.XSSExceptionAdvisor
 
hashCode() - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
 
hashCode() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
 
hashCode() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
 

I

IMPERSONATING_SELF - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The claim indicating whether the CSR is impersonating themselves rather than a customer user.
initialize() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper.ProcessedRequestParameterMapInitializer
 
isAdminScopedServiceClient(Map<String, Object>) - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
isClientSecretBasic(String) - Static method in class com.broadleafcommerce.resource.security.utils.compatibility.ConstantUtils
Deprecated, for removal: This API element is subject to removal in a future version.
isClientSecretPost(String) - Static method in class com.broadleafcommerce.resource.security.utils.compatibility.ConstantUtils
Deprecated, for removal: This API element is subject to removal in a future version.
isError() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
Whether an XSS violation was detected.
isError() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
If validation was performed, this reports if an XSS violation was detected.
isFinished() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream
 
isPerformValidation() - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
Indicates that requests should be validated for XSS violations.
isReady() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream
 

L

logDebug(Exception, WebRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.exception.XSSExceptionAdvisor
 

M

MatcherUtil - Class in com.broadleafcommerce.resource.security.utils
Utility for creating new MvcRequestMatcher instances.
mvcMatcher(String, HttpSecurity) - Static method in class com.broadleafcommerce.resource.security.utils.MatcherUtil
Create a new MvcRequestMatcher instance.
mvcMatcher(String, HttpSecurity, String) - Static method in class com.broadleafcommerce.resource.security.utils.MatcherUtil
Create a new MvcRequestMatcher instance.

N

NONE - Enum constant in enum class com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes
Indicates nothing was performed.
normalize(String) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Normalizes the input value by removing spaces and semicolons, as the baseline sanitize does not perform formatting.

P

PARENT_ACCOUNTS - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
Claim containing the ids of the parent accounts if the user is active in an account context.
POST - Static variable in class com.broadleafcommerce.resource.security.utils.compatibility.ConstantUtils
Deprecated.
 
postProcessEnvironment(ConfigurableEnvironment, SpringApplication) - Method in class com.broadleafcommerce.resource.security.utils.autoconfigure.CommonSecurityEnvironmentPostProcessor
 
processDeserializedBody(Object, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Processes the deserialized body.
ProcessedRequestParameterMapInitializer(XSSRequestService, HttpServletRequest) - Constructor for class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper.ProcessedRequestParameterMapInitializer
 
processField(String, String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Process a given field and value against XSS sanitization.
processInputStream(ServletInputStream, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Responsible for processing the provided input stream to check for any XSS violations.
processRequestParameter(String, String[], HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Process a given request parameter and its values.
processRequestParameters(HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Responsible for processing the provided request's parameters/values to check for any XSS violations.
processValue(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Process a given value against XSS sanitization.

R

read() - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream
 
recurseAndProcessFields(String, Object, List<String>, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
Responsible for recursively processing the passed in field information.

S

SANITIZATION - Enum constant in enum class com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes
Indicates sanitization was performed.
SecurityEnhancer - Interface in com.broadleafcommerce.resource.security
Impact the HttpSecurity setup before a ResourceServerConfigurerAdapter is invoked for final endpoint security configuration.
SecurityUtilsAutoConfiguration - Class in com.broadleafcommerce.resource.security.utils.autoconfigure
 
SecurityUtilsAutoConfiguration() - Constructor for class com.broadleafcommerce.resource.security.utils.autoconfigure.SecurityUtilsAutoConfiguration
 
setAttributesConverter(Converter<Authentication, Map<String, Object>>) - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
setError(boolean) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
Whether an XSS violation was detected.
setError(boolean) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
If validation was performed, this reports if an XSS violation was detected.
setPerformedOperationType(String) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
Reports the type of operation that was performed on the input.
setPerformValidation(boolean) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
Indicates that requests should be validated for XSS violations.
setProcessedName(String) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
The processed field name.
setProcessedValue(String) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
The processed field value.
setReadListener(ReadListener) - Method in class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream
 
setSanitizedParameterName(String) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
The request parameter name after sanitization.
setSanitizedParameterValues(String[]) - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
The request parameter value(s) after sanitization.
shouldSanitize(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Whether the value for the provided field should be sanitized.
shouldSanitizeParameter(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Whether the name/value for the provided request parameter should be sanitized for XSS.
shouldValidate(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Whether the value for the provided field should be validated against XSS.
shouldValidateParameter(String, HttpServletRequest) - Method in class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
Whether the name/value for the provided request parameter should be validated against XSS.

T

toString() - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
 
toString() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
 
toString() - Method in class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
 

U

USER_NAME - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
Deprecated, for removal: This API element is subject to removal in a future version.
USER_TYPE_ATTR - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The user type claim to distinguish the type of services the user interacts with.
userIsAnonymous() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Checks if the authenticated user is anonymous.
userIsAnonymous() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
userIsCSR() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Checks if the authenticated user is a CSR.
userIsCSR() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
userIsCSRActingAsSelf() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Checks if the authenticated user is a CSR acting as neither an impersonated customer nor an anonymous customer but as themselves.
userIsCSRActingAsSelf() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
userIsCSRAnonymous() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Checks if the authenticated user is CSR anonymous.
userIsCSRAnonymous() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
userIsInAdminContext() - Method in interface com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
Whether or not the current user is in an admin context.
userIsInAdminContext() - Method in class com.broadleafcommerce.resource.security.utils.service.DefaultAuthenticationUtils
 
USERNAME - Static variable in class com.broadleafcommerce.resource.security.utils.service.AccessTokenClaims
The user's username.

V

VALIDATION - Enum constant in enum class com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes
Indicates validation was performed.
valueOf(String) - Static method in enum class com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes
Returns the enum constant of this class with the specified name.
values() - Static method in enum class com.broadleafcommerce.resource.security.xss.service.dto.DefaultXSSProcessingOperationTypes
Returns an array containing the constants of this enum class, in the order they are declared.

X

XSSAutoConfiguration - Class in com.broadleafcommerce.resource.security.xss.autoconfigure
 
XSSAutoConfiguration() - Constructor for class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
 
XSSConfigurationProperties - Class in com.broadleafcommerce.resource.security.xss.autoconfigure
 
XSSConfigurationProperties() - Constructor for class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSConfigurationProperties
 
xssExceptionAdvisor() - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
 
XSSExceptionAdvisor - Class in com.broadleafcommerce.resource.security.xss.service.exception
General exception handler registry for certain XSS-related exceptions.
XSSExceptionAdvisor() - Constructor for class com.broadleafcommerce.resource.security.xss.service.exception.XSSExceptionAdvisor
 
xssFilter(XSSConfigurationProperties, XSSRequestService) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
 
XSSFilter - Class in com.broadleafcommerce.resource.security.xss.filter
Responsible for wrapping incoming HttpServletRequests with XSSRequestWrapper to ensure request bodies and parameters are free from XSS violations.
XSSFilter(XSSConfigurationProperties, XSSRequestService) - Constructor for class com.broadleafcommerce.resource.security.xss.filter.XSSFilter
 
XSSProcessingResponse - Class in com.broadleafcommerce.resource.security.xss.service.dto
A response object returned from the XSSRequestService after processing a request body.
XSSProcessingResponse() - Constructor for class com.broadleafcommerce.resource.security.xss.service.dto.XSSProcessingResponse
 
XSSRequestParameterProcessingResponse - Class in com.broadleafcommerce.resource.security.xss.service.dto
A response object returned from the XSSRequestProcessingService after processing a request parameter and its value(s).
XSSRequestParameterProcessingResponse() - Constructor for class com.broadleafcommerce.resource.security.xss.service.dto.XSSRequestParameterProcessingResponse
 
XSSRequestParameterValidationException - Exception in com.broadleafcommerce.resource.security.xss.service.exception
An exception thrown when request parameters fail XSS validation.
XSSRequestParameterValidationException(String) - Constructor for exception com.broadleafcommerce.resource.security.xss.service.exception.XSSRequestParameterValidationException
 
xssRequestProcessingService(XSSConfigurationProperties) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
 
XSSRequestProcessingService - Class in com.broadleafcommerce.resource.security.xss.service
Responsible for performing validation and sanitization on provided values.
XSSRequestProcessingService(PolicyFactory, XSSConfigurationProperties) - Constructor for class com.broadleafcommerce.resource.security.xss.service.XSSRequestProcessingService
 
xssRequestService(XSSRequestProcessingService, XSSConfigurationProperties) - Method in class com.broadleafcommerce.resource.security.xss.autoconfigure.XSSAutoConfiguration
 
XSSRequestService - Class in com.broadleafcommerce.resource.security.xss.service
Responsible for handling input streams from XSSRequestWrappers and passing them through XSS validation / sanitization.
XSSRequestService(XSSRequestProcessingService, XSSConfigurationProperties) - Constructor for class com.broadleafcommerce.resource.security.xss.service.XSSRequestService
 
XSSRequestWrapper - Class in com.broadleafcommerce.resource.security.xss.filter
A wrapper class for HttpServletRequestWrapper that provides XSS validation and sanitization.
XSSRequestWrapper(HttpServletRequest, XSSConfigurationProperties, XSSRequestService) - Constructor for class com.broadleafcommerce.resource.security.xss.filter.XSSRequestWrapper
Constructs a request object wrapping the given request.
XSSRequestWrapper.ProcessedRequestParameterMapInitializer - Class in com.broadleafcommerce.resource.security.xss.filter
This mechanism allows for thread-safe, lazy, one-time processing of all request parameters and their values rather than repeatedly within each parameter-related method.
XSSServletInputStream - Class in com.broadleafcommerce.resource.security.xss.filter
An extension of ServletInputStream used in conjunction with XSSRequestWrapper.
XSSServletInputStream(byte[]) - Constructor for class com.broadleafcommerce.resource.security.xss.filter.XSSServletInputStream
 