Class HttpSessionCsrfTokenRepository

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      CsrfToken generateToken​(javax.servlet.http.HttpServletRequest request)
      Generates a CsrfToken
      CsrfToken loadToken​(javax.servlet.http.HttpServletRequest request)
      Loads the expected CsrfToken from the HttpServletRequest
      void saveToken​(CsrfToken token, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Saves the CsrfToken using the HttpServletRequest and HttpServletResponse.
      void setHeaderName​(java.lang.String headerName)
      Sets the header name that the CsrfToken is expected to appear on and the header that the response will contain the CsrfToken.
      void setParameterName​(java.lang.String parameterName)
      Sets the HttpServletRequest parameter name that the CsrfToken is expected to appear on
      void setSessionAttributeName​(java.lang.String sessionAttributeName)
      Sets the HttpSession attribute name that the CsrfToken is stored in
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • HttpSessionCsrfTokenRepository

        public HttpSessionCsrfTokenRepository()
    • Method Detail

      • saveToken

        public void saveToken​(CsrfToken token,
                              javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response)
        Description copied from interface: CsrfTokenRepository
        Saves the CsrfToken using the HttpServletRequest and HttpServletResponse. If the CsrfToken is null, it is the same as deleting it.
        Specified by:
        saveToken in interface CsrfTokenRepository
        Parameters:
        token - the CsrfToken to save or null to delete
        request - the HttpServletRequest to use
        response - the HttpServletResponse to use
      • setParameterName

        public void setParameterName​(java.lang.String parameterName)
        Sets the HttpServletRequest parameter name that the CsrfToken is expected to appear on
        Parameters:
        parameterName - the new parameter name to use
      • setHeaderName

        public void setHeaderName​(java.lang.String headerName)
        Sets the header name that the CsrfToken is expected to appear on and the header that the response will contain the CsrfToken.
        Parameters:
        headerName - the new header name to use
      • setSessionAttributeName

        public void setSessionAttributeName​(java.lang.String sessionAttributeName)
        Sets the HttpSession attribute name that the CsrfToken is stored in
        Parameters:
        sessionAttributeName - the new attribute name to use