Class DefaultCrumbIssuer

    • Field Detail


        public static boolean EXCLUDE_SESSION_ID
    • Constructor Detail

      • DefaultCrumbIssuer

        public DefaultCrumbIssuer​(boolean excludeClientIPFromCrumb)
    • Method Detail

      • isExcludeClientIPFromCrumb

        public boolean isExcludeClientIPFromCrumb()
      • issueCrumb

        protected String issueCrumb​(javax.servlet.ServletRequest request,
                                    String salt)
        Description copied from class: CrumbIssuer
        Create a crumb value based on user specific information in the request. The crumb should be generated by building a cryptographic hash of:
        • relevant information in the request that can uniquely identify the client
        • the salt value
        • an implementation specific guarded secret.
        Specified by:
        issueCrumb in class CrumbIssuer
      • validateCrumb

        public boolean validateCrumb​(javax.servlet.ServletRequest request,
                                     String salt,
                                     String crumb)
        Description copied from class: CrumbIssuer
        Validate a previously created crumb against information in the current request.
        Specified by:
        validateCrumb in class CrumbIssuer
        crumb - The previously generated crumb to validate against information in the current request