Package hudson.security.csrf

Class DefaultCrumbIssuer

java.lang.Object

hudson.security.csrf.CrumbIssuer

hudson.security.csrf.DefaultCrumbIssuer

All Implemented Interfaces:

ExtensionPoint, Describable<CrumbIssuer>

public class DefaultCrumbIssuer
extends CrumbIssuer

A crumb issuing algorithm based on the request principal and the remote address.

Author:

dty

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	DefaultCrumbIssuer.DescriptorImpl

Nested classes/interfaces inherited from class hudson.security.csrf.CrumbIssuer

CrumbIssuer.RestrictedApi

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

ExtensionPoint.LegacyInstancesAreScopedToHudson

Field Summary

Fields

Modifier and Type	Field	Description
static boolean	EXCLUDE_SESSION_ID

Fields inherited from class hudson.security.csrf.CrumbIssuer

DEFAULT_CRUMB_NAME

Constructor Summary

Constructors

Constructor	Description
DefaultCrumbIssuer(boolean excludeClientIPFromCrumb)

Method Summary

Modifier and Type	Method	Description
boolean	isExcludeClientIPFromCrumb()
protected String	issueCrumb(javax.servlet.ServletRequest request, String salt)	Create a crumb value based on user specific information in the request.
boolean	validateCrumb(javax.servlet.ServletRequest request, String salt, String crumb)	Validate a previously created crumb against information in the current request.

Methods inherited from class hudson.security.csrf.CrumbIssuer

all, getApi, getCrumb, getCrumb, getCrumbRequestField, getDescriptor, initStaplerCrumbIssuer, validateCrumb, validateCrumb

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

EXCLUDE_SESSION_ID

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public static boolean EXCLUDE_SESSION_ID

Constructor Details

DefaultCrumbIssuer

@DataBoundConstructor
public DefaultCrumbIssuer(boolean excludeClientIPFromCrumb)

Method Details

isExcludeClientIPFromCrumb

public boolean isExcludeClientIPFromCrumb()

issueCrumb

protected String issueCrumb(javax.servlet.ServletRequest request,
 String salt)

Description copied from class: CrumbIssuer

Create a crumb value based on user specific information in the request. The crumb should be generated by building a cryptographic hash of:

• relevant information in the request that can uniquely identify the client
• the salt value
• an implementation specific guarded secret.

Specified by:

issueCrumb in class CrumbIssuer

validateCrumb

public boolean validateCrumb(javax.servlet.ServletRequest request,
 String salt,
 String crumb)

Description copied from class: CrumbIssuer

Validate a previously created crumb against information in the current request.

Specified by:

validateCrumb in class CrumbIssuer

crumb - The previously generated crumb to validate against information in the current request