CsrfPreventionFilterBase (Apache Tomcat 8.0.53 API Documentation)

java.lang.Object
- org.apache.catalina.filters.FilterBase
- - org.apache.catalina.filters.CsrfPreventionFilterBase

All Implemented Interfaces:

Filter

Direct Known Subclasses:

CsrfPreventionFilter, RestCsrfPreventionFilter
```
public abstract class CsrfPreventionFilterBase
extends FilterBase
```

Field Summary
- Fields inherited from class org.apache.catalina.filters.FilterBase
  sm

Constructor Summary

Constructors
Constructor and Description

CsrfPreventionFilterBase()

Constructors
Constructor and Description
`CsrfPreventionFilterBase()`

Method Summary

Methods
Modifier and Type	Method and Description
`protected java.lang.String`	`generateNonce()` Generate a once time token (nonce) for authenticating subsequent requests.
`int`	`getDenyStatus()` Return response status code that is used to reject denied request.
`protected Log`	`getLogger()`
`protected java.lang.String`	`getRequestedPath(HttpServletRequest request)`
`void`	`init(FilterConfig filterConfig)` Iterates over the configuration parameters and either logs a warning, or throws an exception for any parameter that does not have a matching setter in this filter.
`protected boolean`	`isConfigProblemFatal()` Determines if an exception when calling a setter or an unknown configuration attribute triggers the failure of the this filter which in turn will prevent the web application from starting.
`void`	`setDenyStatus(int denyStatus)` Set response status code that is used to reject denied request.
`void`	`setRandomClass(java.lang.String randomClass)` Specify the class to use to generate the nonces.

Methods inherited from class org.apache.catalina.filters.FilterBase
destroy

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.servlet.Filter
doFilter

- Constructor Detail
  - CsrfPreventionFilterBase
```
public CsrfPreventionFilterBase()
```
- Method Detail
  - getLogger
```
protected Log getLogger()
```
    Specified by:
    
    getLogger in class FilterBase
  - getDenyStatus
```
public int getDenyStatus()
```
    Return response status code that is used to reject denied request.
  - setDenyStatus
```
public void setDenyStatus(int denyStatus)
```
    Set response status code that is used to reject denied request. If none set, the default value of 403 will be used.
    
    Parameters:
    denyStatus - HTTP status code
  - setRandomClass
```
public void setRandomClass(java.lang.String randomClass)
```
    Specify the class to use to generate the nonces. Must be in instance of Random.
    
    Parameters:
    randomClass - The name of the class to use
  - init
```
public void init(FilterConfig filterConfig)
          throws ServletException
```
    Description copied from class: FilterBase
    
    Iterates over the configuration parameters and either logs a warning, or throws an exception for any parameter that does not have a matching setter in this filter.
    
    Specified by:
    
    init in interface Filter
    
    Overrides:
    
    init in class FilterBase
    
    Parameters:
    filterConfig - The configuration information associated with the filter instance being initialised
    
    Throws:
    
    ServletException - if FilterBase.isConfigProblemFatal() returns true and a configured parameter does not have a matching setter
  - isConfigProblemFatal
```
protected boolean isConfigProblemFatal()
```
    Description copied from class: FilterBase
    
    Determines if an exception when calling a setter or an unknown configuration attribute triggers the failure of the this filter which in turn will prevent the web application from starting.
    
    Overrides:
    
    isConfigProblemFatal in class FilterBase
    
    Returns:
    true if a problem should trigger the failure of this filter, else false
  - generateNonce
```
protected java.lang.String generateNonce()
```
    Generate a once time token (nonce) for authenticating subsequent requests. The nonce generation is a simplified version of ManagerBase.generateSessionId().
  - getRequestedPath
```
protected java.lang.String getRequestedPath(HttpServletRequest request)
```

Class CsrfPreventionFilterBase

Field Summary

Fields inherited from class org.apache.catalina.filters.FilterBase

Constructor Summary

Method Summary

Methods inherited from class org.apache.catalina.filters.FilterBase

Methods inherited from class java.lang.Object

Methods inherited from interface javax.servlet.Filter

Constructor Detail

CsrfPreventionFilterBase

Method Detail

getLogger

getDenyStatus

setDenyStatus

setRandomClass

init

isConfigProblemFatal

generateNonce

getRequestedPath