Package org.apache.ofbiz.security

Class SecurityUtil

java.lang.Object

org.apache.ofbiz.security.SecurityUtil

public final class SecurityUtil
extends java.lang.Object

A Security util.

Field Summary

Fields

Modifier and Type	Field	Description
static java.lang.String	module

Constructor Summary

Constructors

Constructor	Description
SecurityUtil()

Method Summary

Modifier and Type	Method	Description
static boolean	authenticateUserLoginByJWT(Delegator delegator, java.lang.String userLoginId, java.lang.String jwtToken)	For a jwtToken and userLoginId check the coherence between them
static boolean	containsFreemarkerInterpolation(HttpServletRequest req, HttpServletResponse resp, java.lang.String uri)
static boolean	containsFreemarkerInterpolation(HttpServletResponse resp, java.lang.String stringToCheck)
static java.lang.String	generateJwtToAuthenticateUserLogin(Delegator delegator, java.lang.String userLoginId)	Return a JWToken for authenticate a userLogin with salt the token by userLoginId and currentPassword
static boolean	hasUserLoginAdminPermission(Delegator delegator, java.lang.String userLoginId)	Return true if given userLogin possess at least one of the adminPermission
static java.util.List<java.lang.String>	hasUserLoginMorePermissionThan(Delegator delegator, java.lang.String userLoginId, java.lang.String toUserLoginId)	Return the list of missing permission, if toUserLoginId has more permission thant userLoginId, emptyList either.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

module

public static final java.lang.String module

Constructor Detail

SecurityUtil

public SecurityUtil()

Method Detail

hasUserLoginAdminPermission

public static boolean hasUserLoginAdminPermission(Delegator delegator,
                                                  java.lang.String userLoginId)

Return true if given userLogin possess at least one of the adminPermission

Parameters:

delegator -

userLoginId -

Returns:

boolean

hasUserLoginMorePermissionThan

public static java.util.List<java.lang.String> hasUserLoginMorePermissionThan(Delegator delegator,
                                                                              java.lang.String userLoginId,
                                                                              java.lang.String toUserLoginId)

Return the list of missing permission, if toUserLoginId has more permission thant userLoginId, emptyList either.

Parameters:

delegator -

userLoginId -

toUserLoginId -

Returns:

List

generateJwtToAuthenticateUserLogin

public static java.lang.String generateJwtToAuthenticateUserLogin(Delegator delegator,
                                                                  java.lang.String userLoginId)
                                                           throws GenericEntityException

Return a JWToken for authenticate a userLogin with salt the token by userLoginId and currentPassword

Throws:

GenericEntityException

authenticateUserLoginByJWT

public static boolean authenticateUserLoginByJWT(Delegator delegator,
                                                 java.lang.String userLoginId,
                                                 java.lang.String jwtToken)

For a jwtToken and userLoginId check the coherence between them

containsFreemarkerInterpolation

public static boolean containsFreemarkerInterpolation(HttpServletRequest req,
                                                      HttpServletResponse resp,
                                                      java.lang.String uri)
                                               throws java.io.IOException

Throws:

java.io.IOException

containsFreemarkerInterpolation

public static boolean containsFreemarkerInterpolation(HttpServletResponse resp,
                                                      java.lang.String stringToCheck)
                                               throws java.io.IOException

Parameters:

resp -

stringToCheck -

Throws:

java.io.IOException