org.opensaml
Class ESAPISecurityConfig

java.lang.Object
  extended by org.opensaml.ESAPISecurityConfig
All Implemented Interfaces:
org.owasp.esapi.SecurityConfiguration

public class ESAPISecurityConfig
extends java.lang.Object
implements org.owasp.esapi.SecurityConfiguration

Minimal implementation of OWASP ESAPI SecurityConfiguration, providing the support used within OpenSAML.


Nested Class Summary
 
Nested classes/interfaces inherited from interface org.owasp.esapi.SecurityConfiguration
org.owasp.esapi.SecurityConfiguration.Threshold
 
Constructor Summary
ESAPISecurityConfig()
          Constructor.
 
Method Summary
 java.lang.String getAccessControlImplementation()
          
 java.util.List getAdditionalAllowedCipherModes()
          
 java.util.List getAllowedExecutables()
          
 java.util.List getAllowedFileExtensions()
          
 int getAllowedFileUploadSize()
          
 int getAllowedLoginAttempts()
          
 boolean getAllowMixedEncoding()
          
 boolean getAllowMultipleEncoding()
          
 java.lang.String getApplicationName()
          
 java.lang.String getAuthenticationImplementation()
          
 java.lang.String getCharacterEncoding()
          
 java.lang.String getCipherTransformation()
          
 java.util.List getCombinedCipherModes()
          
 java.util.List getDefaultCanonicalizationCodecs()
          
 java.lang.String getDigitalSignatureAlgorithm()
          
 int getDigitalSignatureKeyLength()
          
 boolean getDisableIntrusionDetection()
          
 java.lang.String getEncoderImplementation()
          
 java.lang.String getEncryptionAlgorithm()
          
 java.lang.String getEncryptionImplementation()
          
 int getEncryptionKeyLength()
          
 java.lang.String getExecutorImplementation()
          
 java.lang.String getFixedIV()
          
 boolean getForceHttpOnlyCookies()
          
 boolean getForceHttpOnlySession()
          
 boolean getForceSecureCookies()
          
 boolean getForceSecureSession()
          
 java.lang.String getHashAlgorithm()
          
 int getHashIterations()
          
 java.lang.String getHttpSessionIdName()
          
 java.lang.String getHTTPUtilitiesImplementation()
          
 java.lang.String getIntrusionDetectionImplementation()
          
 java.lang.String getIVType()
          
 java.lang.String getKDFPseudoRandomFunction()
          
 boolean getLenientDatesAccepted()
          
 boolean getLogApplicationName()
          
 boolean getLogEncodingRequired()
          
 java.lang.String getLogFileName()
          
 java.lang.String getLogImplementation()
          
 int getLogLevel()
          
 boolean getLogServerIP()
          
 byte[] getMasterKey()
          
 byte[] getMasterSalt()
          
 int getMaxHttpHeaderSize()
          
 int getMaxLogFileSize()
          
 int getMaxOldPasswordHashes()
          
 java.lang.String getPasswordParameterName()
          
 java.lang.String getPreferredJCEProvider()
          
 org.owasp.esapi.SecurityConfiguration.Threshold getQuota(java.lang.String eventName)
          
 java.lang.String getRandomAlgorithm()
          
 java.lang.String getRandomizerImplementation()
          
 long getRememberTokenDuration()
          
 java.io.File getResourceFile(java.lang.String filename)
          
 java.io.InputStream getResourceStream(java.lang.String filename)
          
 java.lang.String getResponseContentType()
          
 int getSessionAbsoluteTimeoutLength()
          
 int getSessionIdleTimeoutLength()
          
 java.io.File getUploadDirectory()
          
 java.io.File getUploadTempDirectory()
          
 java.lang.String getUsernameParameterName()
          
 java.lang.String getValidationImplementation()
          
 java.util.regex.Pattern getValidationPattern(java.lang.String typeName)
          
 java.io.File getWorkingDirectory()
          
 boolean overwritePlainText()
          
 java.lang.String setCipherTransformation(java.lang.String cipherXform)
          
 void setResourceDirectory(java.lang.String dir)
          
 boolean useMACforCipherText()
          
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ESAPISecurityConfig

public ESAPISecurityConfig()
Constructor.

Method Detail

getAccessControlImplementation

public java.lang.String getAccessControlImplementation()

Specified by:
getAccessControlImplementation in interface org.owasp.esapi.SecurityConfiguration

getAdditionalAllowedCipherModes

public java.util.List getAdditionalAllowedCipherModes()

Specified by:
getAdditionalAllowedCipherModes in interface org.owasp.esapi.SecurityConfiguration

getAllowedExecutables

public java.util.List getAllowedExecutables()

Specified by:
getAllowedExecutables in interface org.owasp.esapi.SecurityConfiguration

getAllowedFileExtensions

public java.util.List getAllowedFileExtensions()

Specified by:
getAllowedFileExtensions in interface org.owasp.esapi.SecurityConfiguration

getAllowedFileUploadSize

public int getAllowedFileUploadSize()

Specified by:
getAllowedFileUploadSize in interface org.owasp.esapi.SecurityConfiguration

getAllowedLoginAttempts

public int getAllowedLoginAttempts()

Specified by:
getAllowedLoginAttempts in interface org.owasp.esapi.SecurityConfiguration

getAllowMixedEncoding

public boolean getAllowMixedEncoding()

Specified by:
getAllowMixedEncoding in interface org.owasp.esapi.SecurityConfiguration

getAllowMultipleEncoding

public boolean getAllowMultipleEncoding()

Specified by:
getAllowMultipleEncoding in interface org.owasp.esapi.SecurityConfiguration

getApplicationName

public java.lang.String getApplicationName()

Specified by:
getApplicationName in interface org.owasp.esapi.SecurityConfiguration

getAuthenticationImplementation

public java.lang.String getAuthenticationImplementation()

Specified by:
getAuthenticationImplementation in interface org.owasp.esapi.SecurityConfiguration

getCharacterEncoding

public java.lang.String getCharacterEncoding()

Specified by:
getCharacterEncoding in interface org.owasp.esapi.SecurityConfiguration

getCipherTransformation

public java.lang.String getCipherTransformation()

Specified by:
getCipherTransformation in interface org.owasp.esapi.SecurityConfiguration

getCombinedCipherModes

public java.util.List getCombinedCipherModes()

Specified by:
getCombinedCipherModes in interface org.owasp.esapi.SecurityConfiguration

getDefaultCanonicalizationCodecs

public java.util.List getDefaultCanonicalizationCodecs()

Specified by:
getDefaultCanonicalizationCodecs in interface org.owasp.esapi.SecurityConfiguration

getDigitalSignatureAlgorithm

public java.lang.String getDigitalSignatureAlgorithm()

Specified by:
getDigitalSignatureAlgorithm in interface org.owasp.esapi.SecurityConfiguration

getDigitalSignatureKeyLength

public int getDigitalSignatureKeyLength()

Specified by:
getDigitalSignatureKeyLength in interface org.owasp.esapi.SecurityConfiguration

getDisableIntrusionDetection

public boolean getDisableIntrusionDetection()

Specified by:
getDisableIntrusionDetection in interface org.owasp.esapi.SecurityConfiguration

getEncoderImplementation

public java.lang.String getEncoderImplementation()

Specified by:
getEncoderImplementation in interface org.owasp.esapi.SecurityConfiguration

getEncryptionAlgorithm

public java.lang.String getEncryptionAlgorithm()

Specified by:
getEncryptionAlgorithm in interface org.owasp.esapi.SecurityConfiguration

getEncryptionImplementation

public java.lang.String getEncryptionImplementation()

Specified by:
getEncryptionImplementation in interface org.owasp.esapi.SecurityConfiguration

getEncryptionKeyLength

public int getEncryptionKeyLength()

Specified by:
getEncryptionKeyLength in interface org.owasp.esapi.SecurityConfiguration

getExecutorImplementation

public java.lang.String getExecutorImplementation()

Specified by:
getExecutorImplementation in interface org.owasp.esapi.SecurityConfiguration

getFixedIV

public java.lang.String getFixedIV()

Specified by:
getFixedIV in interface org.owasp.esapi.SecurityConfiguration

getForceHttpOnlyCookies

public boolean getForceHttpOnlyCookies()

Specified by:
getForceHttpOnlyCookies in interface org.owasp.esapi.SecurityConfiguration

getForceHttpOnlySession

public boolean getForceHttpOnlySession()

Specified by:
getForceHttpOnlySession in interface org.owasp.esapi.SecurityConfiguration

getForceSecureCookies

public boolean getForceSecureCookies()

Specified by:
getForceSecureCookies in interface org.owasp.esapi.SecurityConfiguration

getForceSecureSession

public boolean getForceSecureSession()

Specified by:
getForceSecureSession in interface org.owasp.esapi.SecurityConfiguration

getHashAlgorithm

public java.lang.String getHashAlgorithm()

Specified by:
getHashAlgorithm in interface org.owasp.esapi.SecurityConfiguration

getHashIterations

public int getHashIterations()

Specified by:
getHashIterations in interface org.owasp.esapi.SecurityConfiguration

getHttpSessionIdName

public java.lang.String getHttpSessionIdName()

Specified by:
getHttpSessionIdName in interface org.owasp.esapi.SecurityConfiguration

getHTTPUtilitiesImplementation

public java.lang.String getHTTPUtilitiesImplementation()

Specified by:
getHTTPUtilitiesImplementation in interface org.owasp.esapi.SecurityConfiguration

getIntrusionDetectionImplementation

public java.lang.String getIntrusionDetectionImplementation()

Specified by:
getIntrusionDetectionImplementation in interface org.owasp.esapi.SecurityConfiguration

getIVType

public java.lang.String getIVType()

Specified by:
getIVType in interface org.owasp.esapi.SecurityConfiguration

getKDFPseudoRandomFunction

public java.lang.String getKDFPseudoRandomFunction()

Specified by:
getKDFPseudoRandomFunction in interface org.owasp.esapi.SecurityConfiguration

getLenientDatesAccepted

public boolean getLenientDatesAccepted()

Specified by:
getLenientDatesAccepted in interface org.owasp.esapi.SecurityConfiguration

getLogApplicationName

public boolean getLogApplicationName()

Specified by:
getLogApplicationName in interface org.owasp.esapi.SecurityConfiguration

getLogEncodingRequired

public boolean getLogEncodingRequired()

Specified by:
getLogEncodingRequired in interface org.owasp.esapi.SecurityConfiguration

getLogFileName

public java.lang.String getLogFileName()

Specified by:
getLogFileName in interface org.owasp.esapi.SecurityConfiguration

getLogImplementation

public java.lang.String getLogImplementation()

Specified by:
getLogImplementation in interface org.owasp.esapi.SecurityConfiguration

getLogLevel

public int getLogLevel()

Specified by:
getLogLevel in interface org.owasp.esapi.SecurityConfiguration

getLogServerIP

public boolean getLogServerIP()

Specified by:
getLogServerIP in interface org.owasp.esapi.SecurityConfiguration

getMasterKey

public byte[] getMasterKey()

Specified by:
getMasterKey in interface org.owasp.esapi.SecurityConfiguration

getMasterSalt

public byte[] getMasterSalt()

Specified by:
getMasterSalt in interface org.owasp.esapi.SecurityConfiguration

getMaxHttpHeaderSize

public int getMaxHttpHeaderSize()

Specified by:
getMaxHttpHeaderSize in interface org.owasp.esapi.SecurityConfiguration

getMaxLogFileSize

public int getMaxLogFileSize()

Specified by:
getMaxLogFileSize in interface org.owasp.esapi.SecurityConfiguration

getMaxOldPasswordHashes

public int getMaxOldPasswordHashes()

Specified by:
getMaxOldPasswordHashes in interface org.owasp.esapi.SecurityConfiguration

getPasswordParameterName

public java.lang.String getPasswordParameterName()

Specified by:
getPasswordParameterName in interface org.owasp.esapi.SecurityConfiguration

getPreferredJCEProvider

public java.lang.String getPreferredJCEProvider()

Specified by:
getPreferredJCEProvider in interface org.owasp.esapi.SecurityConfiguration

getQuota

public org.owasp.esapi.SecurityConfiguration.Threshold getQuota(java.lang.String eventName)

Specified by:
getQuota in interface org.owasp.esapi.SecurityConfiguration

getRandomAlgorithm

public java.lang.String getRandomAlgorithm()

Specified by:
getRandomAlgorithm in interface org.owasp.esapi.SecurityConfiguration

getRandomizerImplementation

public java.lang.String getRandomizerImplementation()

Specified by:
getRandomizerImplementation in interface org.owasp.esapi.SecurityConfiguration

getRememberTokenDuration

public long getRememberTokenDuration()

Specified by:
getRememberTokenDuration in interface org.owasp.esapi.SecurityConfiguration

getResourceFile

public java.io.File getResourceFile(java.lang.String filename)

Specified by:
getResourceFile in interface org.owasp.esapi.SecurityConfiguration

getResourceStream

public java.io.InputStream getResourceStream(java.lang.String filename)
                                      throws java.io.IOException

Specified by:
getResourceStream in interface org.owasp.esapi.SecurityConfiguration
Throws:
java.io.IOException

getResponseContentType

public java.lang.String getResponseContentType()

Specified by:
getResponseContentType in interface org.owasp.esapi.SecurityConfiguration

getSessionAbsoluteTimeoutLength

public int getSessionAbsoluteTimeoutLength()

Specified by:
getSessionAbsoluteTimeoutLength in interface org.owasp.esapi.SecurityConfiguration

getSessionIdleTimeoutLength

public int getSessionIdleTimeoutLength()

Specified by:
getSessionIdleTimeoutLength in interface org.owasp.esapi.SecurityConfiguration

getUploadDirectory

public java.io.File getUploadDirectory()

Specified by:
getUploadDirectory in interface org.owasp.esapi.SecurityConfiguration

getUploadTempDirectory

public java.io.File getUploadTempDirectory()

Specified by:
getUploadTempDirectory in interface org.owasp.esapi.SecurityConfiguration

getUsernameParameterName

public java.lang.String getUsernameParameterName()

Specified by:
getUsernameParameterName in interface org.owasp.esapi.SecurityConfiguration

getValidationImplementation

public java.lang.String getValidationImplementation()

Specified by:
getValidationImplementation in interface org.owasp.esapi.SecurityConfiguration

getValidationPattern

public java.util.regex.Pattern getValidationPattern(java.lang.String typeName)

Specified by:
getValidationPattern in interface org.owasp.esapi.SecurityConfiguration

getWorkingDirectory

public java.io.File getWorkingDirectory()

Specified by:
getWorkingDirectory in interface org.owasp.esapi.SecurityConfiguration

overwritePlainText

public boolean overwritePlainText()

Specified by:
overwritePlainText in interface org.owasp.esapi.SecurityConfiguration

setCipherTransformation

public java.lang.String setCipherTransformation(java.lang.String cipherXform)

Specified by:
setCipherTransformation in interface org.owasp.esapi.SecurityConfiguration

setResourceDirectory

public void setResourceDirectory(java.lang.String dir)

Specified by:
setResourceDirectory in interface org.owasp.esapi.SecurityConfiguration

useMACforCipherText

public boolean useMACforCipherText()

Specified by:
useMACforCipherText in interface org.owasp.esapi.SecurityConfiguration


Copyright © 2006-2011 Internet2. All Rights Reserved.