Package org.summerboot.jexpress.security

Class SecurityUtil

java.lang.Object

org.summerboot.jexpress.security.SecurityUtil

public class SecurityUtil
extends Object

Author:

Changski Tie Zheng Zhang 张铁铮, 魏泽北, 杜旺财, 杜富贵

Field Summary

Fields

Modifier and Type	Field	Description
static final String[]	CIPHER_SUITES
static final HostnameVerifier	DO_NOT_VERIFY_REMOTE_IP
static final HostnameVerifier	hostnameVerifier
static final Pattern	INSECURE_URI
static final Pattern	Pattern_HasLowercase
static final Pattern	Pattern_HasNumber
static final Pattern	Pattern_HasSpecialChar
static final Pattern	Pattern_HasUppercase
static final Pattern	PATTERN_UNPRINTABLE
static final Pattern	PATTERN_UNPRINTABLE_CRLFTAB

Constructor Summary

Constructors

Constructor	Description
SecurityUtil()

Method Summary

Modifier and Type	Method	Description
static final String	escapeDN(String dnName)	This method demonstrates how to include special characters in Javadoc.
static final String	escapeLDAPSearchFilter(String filter)
static boolean	precheckFile(File file, SessionContext context)
static String	randomAlphanumeric(int count)
static String	sanitizeCRLF(String userInput)
static String	sanitizeDocRootUri(String uri, String docroot)	Deprecated.
static String	sanitizeFilePath(File file)
static String	sanitizeFilePath(String plainText)
static boolean	sanitizePath(String path)
static boolean	sanitizeUri(String uri)
static String	stripControls(String input, String substitute)	Removes all unprintable characters from a string and replaces with substitute (i.e. a space).
static boolean	validatePassword(String pwd, int length)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

DO_NOT_VERIFY_REMOTE_IP

public static final HostnameVerifier DO_NOT_VERIFY_REMOTE_IP

hostnameVerifier

public static final HostnameVerifier hostnameVerifier

CIPHER_SUITES

public static final String[] CIPHER_SUITES

PATTERN_UNPRINTABLE

public static final Pattern PATTERN_UNPRINTABLE

PATTERN_UNPRINTABLE_CRLFTAB

public static final Pattern PATTERN_UNPRINTABLE_CRLFTAB

Pattern_HasUppercase

public static final Pattern Pattern_HasUppercase

Pattern_HasLowercase

public static final Pattern Pattern_HasLowercase

Pattern_HasNumber

public static final Pattern Pattern_HasNumber

Pattern_HasSpecialChar

public static final Pattern Pattern_HasSpecialChar

INSECURE_URI

public static final Pattern INSECURE_URI

Constructor Details

SecurityUtil

public SecurityUtil()

Method Details

stripControls

public static String stripControls(String input,
 String substitute)

Removes all unprintable characters from a string and replaces with substitute (i.e. a space).

Parameters:

input -

substitute -

Returns:

the stripped value

validatePassword

public static boolean validatePassword(String pwd,
 int length)

randomAlphanumeric

public static String randomAlphanumeric(int count)

sanitizeCRLF

public static String sanitizeCRLF(String userInput)

sanitizeFilePath

public static String sanitizeFilePath(String plainText)

sanitizeFilePath

public static String sanitizeFilePath(File file)

sanitizePath

public static boolean sanitizePath(String path)

precheckFile

public static boolean precheckFile(File file,
 SessionContext context)

sanitizeUri

public static boolean sanitizeUri(String uri)

sanitizeDocRootUri

@Deprecated
public static String sanitizeDocRootUri(String uri,
 String docroot)

Deprecated.

escapeDN

public static final String escapeDN(String dnName)

This method demonstrates how to include special characters in Javadoc. The exhaustive list of characters requiring escaping in Distinguished Name (DN) is the following: \ # + < > , ; " = and leading or trailing spaces.

This tag ensures the literal text is rendered correctly without Javadoc parsing errors.

Parameters:

dnName -

Returns:

escapeLDAPSearchFilter

public static final String escapeLDAPSearchFilter(String filter)